Decrypt the eKYC reponse using Protect Server HSM

32 views
Skip to first unread message

jyo...@syntizen.com

unread,
Apr 25, 2019, 3:04:00 AM4/25/19
to Pkcs11Interop
Hi,

Can anyone tell me how to decrypt the UIDAI eKYC response which is encrypted with Public key of PFX certificate using Protect Server HSM?

I have received SDK but it is purely using Net.Pkcs11Interop.HighLevelAPI.

Regards,
Jyoshna

Jyoshna Bayyapureddy

unread,
May 2, 2019, 9:01:39 AM5/2/19
to Pkcs11Interop, jarosla...@gmail.com
Hi Jaroslav and the others,

I want to encrypt data with the private key but it returned an error!

Here is my code:
byte[] decode = rawData
Mechanism mechanism = new Mechanism(CKM.CKM_RSA_X_509);
byte[] decryptedData = session.Decrypt( mechanism, privateKey, decode);  
var PlText = decryptmessage(splitter.EncryptedData, splitter.IV, decryptedData);//Getting error Here when passing above line data(i.e., decryptedData)

private byte[] decryptmessage(byte[] cmessage, byte[] iVector, byte[] m_Key)
        {
            //// randomly generated number acts as inetialization vector
            byte[] m_IV = new byte[16];
            Array.Copy(iVector, 0, m_IV, 0, 16);

            // GenerateAESKey();
            KeyParameter aesKeyParam = ParameterUtilities.CreateKeyParameter("AES", m_Key);
            ParametersWithIV aesIVKeyParam = new ParametersWithIV(aesKeyParam, m_IV);

            IBufferedCipher cipher = CipherUtilities.GetCipher("AES/CFB/NoPadding");
            cipher.Init(false, aesIVKeyParam);
            return cipher.DoFinal(cmessage);
        }

The Error is:
    the key should be 128/192/256 bits in length

I am getting session key in 256 bytes. Can anyone help me to get the session key as 32 bytes?

Thanks & Regards, 

Jyoshna Bayyapureddy,

Website: www.syntizen.com

Email: jyo...@syntizen.com



--
You received this message because you are subscribed to the Google Groups "Pkcs11Interop" group.
To unsubscribe from this group and stop receiving emails from it, send an email to pkcs11intero...@googlegroups.com.
To post to this group, send email to pkcs11...@googlegroups.com.
Visit this group at https://groups.google.com/group/pkcs11interop.

Jaroslav Imrich

unread,
May 5, 2019, 3:14:39 PM5/5/19
to Jyoshna Bayyapureddy, Pkcs11Interop
Hello Jyoshna,

I've never heard of UIDAI eKYC so I have no idea ¯\_(ツ)_/¯

Regards, Jaroslav
Reply all
Reply to author
Forward
0 new messages