pkcs11interop

问题 I have .Net application to interact with the crypto token (Smartcard) using PKCS11Interop library where users can login to the token and generate keypair and sign. If users enter the wrong password multiple time token will be locked, how can I get the remaining number of attempt to login to the token. while searching on the internet I came across Net.Pkcs11Interop.HighLevelAPI.TokenInfo.TokenFlags which contains this information CKF_USER_PIN_COUNT_LOW 0x00010000 True if an incorrect user

问题 Using PKCS11Interop on Safenet HSMs, I got this error "Method C_OpenSession returned 2147484548" the error, in my documentation, is CKR_SMS_ERROR: " General error from secure messaging system - probably caused by HSM failure or network failure ". This confirm the problem it happens when the connectivity is lacking. The problem is when this happens, the service isn't able to resume the communication when the connectivity is back, until I restart manually the service managing the HSM access .

问题 Using PKCS11Interop on Safenet HSMs, I got this error "Method C_OpenSession returned 2147484548" the error, in my documentation, is CKR_SMS_ERROR: " General error from secure messaging system - probably caused by HSM failure or network failure ". This confirm the problem it happens when the connectivity is lacking. The problem is when this happens, the service isn't able to resume the communication when the connectivity is back, until I restart manually the service managing the HSM access .

问题 Good day! I'm trying to create public key ObjectHandle based on hex string that comes from client via post request. I'm doing it according to the documentation, but it returns me CKR_ATTRIBUTE_TYPE_INVALID exeption. Full exeption message: Net.Pkcs11Interop.Common.Pkcs11Exception: 'Method C_CreateObject returned CKR_ATTRIBUTE_VALUE_INVALID' Inner exeption is null Can you please help me to figure out what i'm doing wrong? Here is my code: using (Pkcs11 pkcs11 = new Pkcs11(Settings

问题 Good day! I'm trying to create public key ObjectHandle based on hex string that comes from client via post request. I'm doing it according to the documentation, but it returns me CKR_ATTRIBUTE_TYPE_INVALID exeption. Full exeption message: Net.Pkcs11Interop.Common.Pkcs11Exception: 'Method C_CreateObject returned CKR_ATTRIBUTE_VALUE_INVALID' Inner exeption is null Can you please help me to figure out what i'm doing wrong? Here is my code: using (Pkcs11 pkcs11 = new Pkcs11(Settings

问题 I was wondering whether it is possible using pkcs11interop to create a 3DES key and specify the key value for creation, or otherwise create a key and output the generated key value. Basically I need the secret key to be exported to another device. I've tried using the CKA_VALUE attribute and passing the key as a byte[] array but with no success. Is such thing possible please? Can someone assist me please? EDIT: Here is the code I have with no luck so far: public ObjectHandle generate3DESKey

问题 I am using PKCS11Interop to perform Key Management operations inside an HSM. The HSM I am using is a network HSM, Thales N-Shield. Here are the details of my setup: 1- HSM 1- RFS Server 3- Clients My software application is distributed and is hosted over the 3 clients. The key will be generated in one of the clients and could be used by the application components present in other clients. However, I have noticed that a key generated in one client machine is not accessible to other client

问题 I am trying to use PKCS11Interop Library with latest version (0.16) of OpenSC (opensc-pkcs11.dll). I have tried USB tokens from three vendors which are Yubico 4, NitroKey Pro/Start, Fetian ePass2003 but unable to use most of the functions from PKCS11Interop Library. I receive Net.Pkcs11Interop.Common.Pkcs11Exception: 'Method C_SignRecoverInit returned CKR_FUNCTION_NOT_SUPPORTED' for most of functions provided by the library. The functions that throw this exception are C_GetOperationState, C

问题 I have generated a RSA public-private keypair in HSM using PKCS11Interop generate key API. I want to export the keypair. I used Findobject API to get the keys, the API returs an ObjectHandle , while reading attributes using GetAttributeValue API , I am not able to read the key's value. And when I set the key's attribute to CKA_EXTRACTABLE to true, I am not able to generate the key altogether. Also I need to import externally provided keypair in HSM. Any help is highly appreciated. 回答1: What

问题 I'm trying to implement some demo of XML signing with a certificate which stored in the HSM. I found some interesting example from this link: Sign XML Document with X509Certificate2 and modified it to using certificate and key inside the HSM with PKCS11Interop wrapper. But anyone could give me a suggestion or example to convert ObjectHandle privateKey from HSM to SignedXML.SigningKey private static void SignXmlWithCertificate(XmlDocument xmlDoc, X509Certificate2 cert, Session session, String