Signing PDF using Pkcs11Interop for CKM_ECDSA_SHA256 (ECDSA with SHA256) C# .net
girije...@gmail.com
I found an CKM enum, CKM_ECDSA_SHA256, which I am passing while creating an object of class mechanism for calling the Sign method of Session.
I am getting the response from the "Signdata" method, however, on opening the Pdf files generated after signing give an error "Signature Invalid". Here is the code snippet for Signdata method call. I don't get any error or exception in the code, however, the pdf as I have mentioned are showing signature invalid.
private Pkcs11 _pkcs11;
private Slot _slot;
private Session _session;
try
{
_pkcs11 = new Pkcs11(hsmCryptoApi, true);
}
catch (Pkcs11Exception ex)
{
if (ex.RV == CKR.CKR_CANT_LOCK)
_pkcs11 = new Pkcs11(hsmCryptoApi, false);
else
throw ex;
}
_slot = FindSlot(_pkcs11, _certificateInformation.TokenLabel);
_session = _slot.OpenSession(true);
using (Mechanism mechanism = new Mechanism(CKM.CKM_ECDSA_SHA256))
{
_session.Login(CKU.CKU_USER, passowrd);
byte[] signedHash = _session.Sign(mechanism, GetPrivateKeyHandle(), message);
_session.Logout();
return signedHash;
}
private ObjectHandle GetPrivateKeyHandle()
{
string keyLabel = _certificateInformation.KeyLabel;
List<ObjectAttribute> searchTemplate = new List<ObjectAttribute>();
searchTemplate.Add(new ObjectAttribute(CKA.CKA_CLASS, CKO.CKO_PRIVATE_KEY));
searchTemplate.Add(new ObjectAttribute(CKA.CKA_LABEL, keyLabel));
List<ObjectHandle> foundObjects = _session.FindAllObjects(searchTemplate);
return foundObjects[0];
}
Jaroslav Imrich
--
You received this message because you are subscribed to the Google Groups "Pkcs11Interop" group.
To unsubscribe from this group and stop receiving emails from it, send an email to pkcs11interop+unsubscribe@googlegroups.com.
To post to this group, send email to pkcs11...@googlegroups.com.
Visit this group at https://groups.google.com/group/pkcs11interop.