login about faq

Hi, I need to sign some file with an automatic batch. For one service I have a PFX file and so I can sign them. Now I have another service that it require to sign with a certificate that it is on a smart cart. The private key is not exportable and so I receive next error:

ChilkatLog:
  CreateP7M:
    DllDate: Mar  6 2015
    ChilkatVersion: 9.5.0.48
    UnlockPrefix: ###
    Username: ###
    Architecture: Little Endian; 32-bit
    Language: .NET 4.0
    VerboseLogging: 0
    inPath: C:###test.xml
    outPath: C:###test.xml.p7m
    createOpaqueSignature:
      A private key exists, but it is not exportable.  Will use CryptoAPI for signing.
      Using Crypto API, therefore must load entire file into memory.
      msCryptoSignature:
        bDetached: 0
        cert_def_provider: Bit4id Universal Middleware Provider
        hashAlgorithmName: sha256
        hashAlgorithmOid: 2.16.840.1.101.3.4.2.1
        buildCertChain:
          startCertDN: ###
          Certificate signature verified.
          Certificate chain completed to root.
          Root (self-signed) certificate signature verified.
        --buildCertChain
        signingCert: ###
        includedCert: ###
        WindowsError: Si  verificato un errore interno. (Internal error)
        WindowsErrorCode: 0x80090020
      --msCryptoSignature
    --createOpaqueSignature
    Failed.
  --CreateP7M
--ChilkatLog
My code is similar to:
Dim inFile As String = "C:###test.xml"
Dim outFile As String = "C:###test.p7m.xml"

Dim crypt As New Chilkat.Crypt2 crypt.UnlockComponent("####")

Dim cert As New Chilkat.Cert cert.LoadByCommonName("#####")

Dim csp As New Chilkat.Csp csp.ProviderName = "Microsoft Enhanced RSA and AES Cryptographic Provider" csp.SetHashAlgorithm("sha256") crypt.SetCSP(csp)

If Not crypt.SetSigningCert(cert) Then Throw New Exception(crypt.LastErrorText) Else If Not crypt.CreateP7M(inFile, outFile) Then Throw New Exception(crypt.LastErrorText) Else MessageBox.Show("Success") End If End If

What can I do?

asked May 25 '15 at 02:42

OpenDotCom's gravatar image

OpenDotCom
11


Try omitting all use of Chilkat.Csp. The Chilkat.Csp object really shouldn't be needed, and it's likely that setting specific values in it are the cause of the trouble.

link

answered May 26 '15 at 09:26

chilkat's gravatar image

chilkat ♦♦
11.8k316358420

I try your solution and it doesn't throw error. The procedure creates file p7m but it sign with sha1 algorithm. I need to sign with sha256. Next step is remove the pin request. I tried to use SetSecretKeyViaPassword but pin popup still appeared. Wath function should I use?

link

answered May 26 '15 at 10:51

OpenDotCom's gravatar image

OpenDotCom
11

edited May 26 '15 at 10:59

I don't think either of these issues can be resolved w/ Chilkat. Chilkat is simply using the CSP indirectly via the Microsoft CryptoAPI, and it may be that the CSP does not support SHA256. Also, the pin request is something controlled by the hardware/CSP/operating system and is not something that Chilkat can suppress.

link

answered May 27 '15 at 09:18

chilkat's gravatar image

chilkat ♦♦
11.8k316358420

Ok , I will try in the Microsoft documentation.

link

answered May 27 '15 at 09:56

OpenDotCom's gravatar image

OpenDotCom
11

Could you be using a SmartCard certificate that doesn't support the provider you specified? See https://support.microsoft.com/en-us/kb/2003319 for more info.

Dan

link

answered May 28 '15 at 02:18

AgeofStrife's gravatar image

AgeofStrife
9614

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×8
×6
×2

Asked: May 25 '15 at 02:42

Seen: 1,210 times

Last updated: May 28 '15 at 02:18

powered by OSQA