pkcs#11

问题 As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance. Closed 7 years ago . I am supposed to write a client application in C# that communicates with Thales WebSentry and I need a few hints at how to start.

问题 I wrote a custom PKCS11 provider and now i want to user it via jarsigner. My command : jarsigner -verbose -keystore NONE -storetype PKCS11 -providerClass my.provider.class jar_to_sign_on.jar "key_name" And i get the following error : jarsigner error: java.lang.ClassNotFoundException: my.provider.class This is because jarsinger can't find my provider .jar implementation. When i put mt .jar in ...\Java\jdk1.8.0_31\jre\lib\ext it works perfectly. My question is : There is a way to dynamically

问题 I have .Net application to interact with the crypto token (Smartcard) using PKCS11Interop library where users can login to the token and generate keypair and sign. If users enter the wrong password multiple time token will be locked, how can I get the remaining number of attempt to login to the token. while searching on the internet I came across Net.Pkcs11Interop.HighLevelAPI.TokenInfo.TokenFlags which contains this information CKF_USER_PIN_COUNT_LOW 0x00010000 True if an incorrect user

问题 Cheers. This is a copy of my question on crypto stack exchange. I'm dealing with HSM via PKCS#11 C/Python interface. I'm wondering is it possible to do some C_Encrypt / C_Decrypt in hardware. By saying "in hardware" I mean encryption/decryption without exposing the result to the caller space. This is mostly aboud decryption as I want to call C_Decrypt and leave the result inside the HSM as arbitrary data to do some other transformations on that data later, saying re-encrypting it on some

问题 Hi I am trying to prevent multiple pin prompts for every pdf that needs to be signed. I am using code from this example : Pin is required when this part of code get process : MakeSignature.SignDetached(appearance, pks, chain, crlList, ocspClient, tsaClient, estimatedSize, subfilter); Is there any way to memorize token pin and sing rest of pdfs without prompting for pin? 回答1: Finally I found solution, this code does the trick : ... RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)pk

问题 Hi I am trying to prevent multiple pin prompts for every pdf that needs to be signed. I am using code from this example : Pin is required when this part of code get process : MakeSignature.SignDetached(appearance, pks, chain, crlList, ocspClient, tsaClient, estimatedSize, subfilter); Is there any way to memorize token pin and sing rest of pdfs without prompting for pin? 回答1: Finally I found solution, this code does the trick : ... RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)pk

问题 I'm almost losing hope on this one. I'm trying to access the Firefox trust store from Java 7 using the NSS libraries that come with the Firefox installation, via PKCS#11. Here is the code: import java.security.KeyStore; import java.security.Security; import java.util.Enumeration; import sun.security.pkcs11.SunPKCS11; public class Test { public static void main(String[] args) throws Exception { String configName = "pkcs11.cfg"; SunPKCS11 p = new SunPKCS11(configName); Security.addProvider(p);

问题 Using PKCS11Interop on Safenet HSMs, I got this error "Method C_OpenSession returned 2147484548" the error, in my documentation, is CKR_SMS_ERROR: " General error from secure messaging system - probably caused by HSM failure or network failure ". This confirm the problem it happens when the connectivity is lacking. The problem is when this happens, the service isn't able to resume the communication when the connectivity is back, until I restart manually the service managing the HSM access .

问题 Using PKCS11Interop on Safenet HSMs, I got this error "Method C_OpenSession returned 2147484548" the error, in my documentation, is CKR_SMS_ERROR: " General error from secure messaging system - probably caused by HSM failure or network failure ". This confirm the problem it happens when the connectivity is lacking. The problem is when this happens, the service isn't able to resume the communication when the connectivity is back, until I restart manually the service managing the HSM access .

问题 Good day! I'm trying to create public key ObjectHandle based on hex string that comes from client via post request. I'm doing it according to the documentation, but it returns me CKR_ATTRIBUTE_TYPE_INVALID exeption. Full exeption message: Net.Pkcs11Interop.Common.Pkcs11Exception: 'Method C_CreateObject returned CKR_ATTRIBUTE_VALUE_INVALID' Inner exeption is null Can you please help me to figure out what i'm doing wrong? Here is my code: using (Pkcs11 pkcs11 = new Pkcs11(Settings