如何使用密码键盘在 Ncryptoki 中输入密码
How to use the PINpad to enter the Password in Ncryptoki
我目前正在使用 Ncryptoki C# 示例项目来测试 HSM 是否正常工作。我已经设置并初始化了插槽和令牌。当我 运行 示例代码时,它总是告诉我错误的 PIN。我使用密码键盘输入密码“1111”,如有帮助将不胜感激。
using System;
using System.Collections.Generic;
using System.Collections;
using System.Text;
using Cryptware.NCryptoki;
namespace USCToolkit.NCryptokiTest
{
class Program
{
static void Main(string[] args)
{
// Creates a Cryptoki object related to the specific PKCS#11 native library
//Cryptoki cryptoki = new Cryptoki("smaoscki.dll");
Cryptoki cryptoki = new Cryptoki(@"C:\Program Files\SafeNet\LunaClient\cryptoki.dll");
cryptoki.Initialize();
// Prints all information relating to the native library
CryptokiInfo info = cryptoki.Info;
Console.WriteLine(info.Version);
Console.WriteLine(info.ManufacturerID);
Console.WriteLine(info.LibDescription);
// Reads the set of slots containing a token
SlotList slots = cryptoki.Slots;
if(slots.Count == 0)
{
Console.WriteLine("No slot available");
return;
}
// Gets the first slot available
Slot slot = slots[0];
// Prints all information relating to the slot
SlotInfo sinfo = slot.Info;
Console.WriteLine(sinfo.Description);
Console.WriteLine(sinfo.ManufacturerID);
///
Console.WriteLine("flags: "+sinfo.Flags);
if (!slot.IsTokenPresent)
{
Console.WriteLine("No token inserted in the slot: " + slots[0].Info.Description);
return;
}
// Gets the first token available
Token token = slot.Token;
// Prints all information relating to the token
TokenInfo tinfo = token.Info;
Console.WriteLine(tinfo.Label);
Console.WriteLine(tinfo.ManufacturerID);
Console.WriteLine(tinfo.Model);
Console.WriteLine(tinfo.SerialNumber);
Console.WriteLine(tinfo.HardwareVersion);
// Opens a read/write serial session
Session session =
token.OpenSession(Session.CKF_SERIAL_SESSION | Session.CKF_RW_SESSION,
null,
null);
/////
//PIN pin = new PIN();
/////
// Executes the login passing the user PIN
int nRes = session.Login(Session.CKU_USER,"1111");
if (nRes != 0)
{
Console.WriteLine("Wrong PIN");
return;
}
Console.WriteLine("Logged in:" + session.IsLoggedIn);
// Searchs for an RSA private key object
// Sets the template with its attributes
CryptokiCollection template = new CryptokiCollection();
template.Add(new ObjectAttribute(ObjectAttribute.CKA_CLASS, CryptokiObject.CKO_PRIVATE_KEY));
template.Add(new ObjectAttribute(ObjectAttribute.CKA_KEY_TYPE, Key.CKK_RSA));
template.Add(new ObjectAttribute(ObjectAttribute.CKA_LABEL, "Ugo's new Key"));
// Launchs the search specifying the template just created
CryptokiCollection objects = session.Objects.Find(template, 10);
foreach (Object obj in objects)
{
Console.WriteLine(((PrivateKey)obj).Label);
}
for (int i = 0; i < objects.Count; i++)
{
Console.WriteLine(((PrivateKey)objects[i]).Label);
}
RSAPrivateKey privateKey;
RSAPublicKey publicKey;
// If the private key is not found generates the key pair
if(objects.Count == 0)
{
CryptokiCollection templatePub = new CryptokiCollection();
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_CLASS, CryptokiObject.CKO_PUBLIC_KEY));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_TOKEN, true));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_PRIVATE, true));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_LABEL, "Ugo's new Key"));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_ID, "1"));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_MODULUS_BITS, 1024));
CryptokiCollection templatePri = new CryptokiCollection();
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_CLASS, CryptokiObject.CKO_PRIVATE_KEY));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_TOKEN, true));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_PRIVATE, true));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_LABEL, "Ugo's new Key"));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_ID, "1"));
//Generate the key pair
Key[] keys = session.GenerateKeyPair(Mechanism.RSA_PKCS_KEY_PAIR_GEN, templatePub, templatePri);
privateKey = (RSAPrivateKey)keys[1];
publicKey = (RSAPublicKey)keys[0];
}
else //If the private key is found gets the corresponding public key
{
privateKey = (RSAPrivateKey)objects[objects.Count - 1];
Console.WriteLine(privateKey.Label);
// search for the related public key
template = new CryptokiCollection();
template.Add(new ObjectAttribute(ObjectAttribute.CKA_CLASS, CryptokiObject.CKO_PUBLIC_KEY));
template.Add(new ObjectAttribute(ObjectAttribute.CKA_KEY_TYPE, Key.CKK_RSA));
template.Add(new ObjectAttribute(ObjectAttribute.CKA_LABEL, "Ugo's new Key"));
// Launchs the search specifying the template just created
objects = session.Objects.Find(template, 1);
publicKey = (RSAPublicKey)objects[0];
Console.WriteLine(publicKey.Label);
// prepares for the signature
string helloworld = "Hello World";
byte[] text = Encoding.ASCII.GetBytes(helloworld);
// launches the digital signature operation with a RSA_PKCS mechanism
nRes = session.SignInit(Mechanism.SHA1_RSA_PKCS, privateKey);
// computes the signature
byte[] signature = session.Sign(text);
// launches the digital signature verification with a RSA_PKCS mechanism
nRes = session.VerifyInit(Mechanism.SHA1_RSA_PKCS, publicKey);
// verifies the signature
nRes = session.Verify(text, signature);
// results if nRes == 0 means that the verification is OK
Console.Write("Verified " + (nRes == 0));
}
// Logouts and closes the session
session.Logout();
session.Close();
cryptoki.Finalize(IntPtr.Zero);
}
}
}
我猜你的问题是由于 Login 方法的 return 值验证不充分造成的:
int nRes = session.Login(Session.CKU_USER,"1111");
if (nRes != 0)
{
Console.WriteLine("Wrong PIN");
return;
}
仅当值为 0 但基础 PKCS#11 函数 C_Login returns not only CKR_OK but also CKR_USER_ALREADY_LOGGED_IN 和一堆其他代码不一定表示错误时,您的代码才会继续。
我终于明白我的问题了。我在 LunaG5 上工作,当初始化令牌(黑键)时,将创建一个秘密文本字符串。格式类似于:Asdf-s4SD-DF7d4-wd3S。安装 KSP 时也会使用此字符串。密码“1111”仅在密码键盘上使用,但应用程序中必须使用密码字符串来验证您使用的是哪个令牌。
int nRes = session.Login(Session.CKU_USER,"Asdfs4SDDF7d4wd3S");
if (nRes != 0)
{
Console.WriteLine("Wrong PIN");
return;
}
对于秘密字符串的创建,搜索:创建旧式 PED 验证的应用程序分区
我目前正在使用 Ncryptoki C# 示例项目来测试 HSM 是否正常工作。我已经设置并初始化了插槽和令牌。当我 运行 示例代码时,它总是告诉我错误的 PIN。我使用密码键盘输入密码“1111”,如有帮助将不胜感激。
using System;
using System.Collections.Generic;
using System.Collections;
using System.Text;
using Cryptware.NCryptoki;
namespace USCToolkit.NCryptokiTest
{
class Program
{
static void Main(string[] args)
{
// Creates a Cryptoki object related to the specific PKCS#11 native library
//Cryptoki cryptoki = new Cryptoki("smaoscki.dll");
Cryptoki cryptoki = new Cryptoki(@"C:\Program Files\SafeNet\LunaClient\cryptoki.dll");
cryptoki.Initialize();
// Prints all information relating to the native library
CryptokiInfo info = cryptoki.Info;
Console.WriteLine(info.Version);
Console.WriteLine(info.ManufacturerID);
Console.WriteLine(info.LibDescription);
// Reads the set of slots containing a token
SlotList slots = cryptoki.Slots;
if(slots.Count == 0)
{
Console.WriteLine("No slot available");
return;
}
// Gets the first slot available
Slot slot = slots[0];
// Prints all information relating to the slot
SlotInfo sinfo = slot.Info;
Console.WriteLine(sinfo.Description);
Console.WriteLine(sinfo.ManufacturerID);
///
Console.WriteLine("flags: "+sinfo.Flags);
if (!slot.IsTokenPresent)
{
Console.WriteLine("No token inserted in the slot: " + slots[0].Info.Description);
return;
}
// Gets the first token available
Token token = slot.Token;
// Prints all information relating to the token
TokenInfo tinfo = token.Info;
Console.WriteLine(tinfo.Label);
Console.WriteLine(tinfo.ManufacturerID);
Console.WriteLine(tinfo.Model);
Console.WriteLine(tinfo.SerialNumber);
Console.WriteLine(tinfo.HardwareVersion);
// Opens a read/write serial session
Session session =
token.OpenSession(Session.CKF_SERIAL_SESSION | Session.CKF_RW_SESSION,
null,
null);
/////
//PIN pin = new PIN();
/////
// Executes the login passing the user PIN
int nRes = session.Login(Session.CKU_USER,"1111");
if (nRes != 0)
{
Console.WriteLine("Wrong PIN");
return;
}
Console.WriteLine("Logged in:" + session.IsLoggedIn);
// Searchs for an RSA private key object
// Sets the template with its attributes
CryptokiCollection template = new CryptokiCollection();
template.Add(new ObjectAttribute(ObjectAttribute.CKA_CLASS, CryptokiObject.CKO_PRIVATE_KEY));
template.Add(new ObjectAttribute(ObjectAttribute.CKA_KEY_TYPE, Key.CKK_RSA));
template.Add(new ObjectAttribute(ObjectAttribute.CKA_LABEL, "Ugo's new Key"));
// Launchs the search specifying the template just created
CryptokiCollection objects = session.Objects.Find(template, 10);
foreach (Object obj in objects)
{
Console.WriteLine(((PrivateKey)obj).Label);
}
for (int i = 0; i < objects.Count; i++)
{
Console.WriteLine(((PrivateKey)objects[i]).Label);
}
RSAPrivateKey privateKey;
RSAPublicKey publicKey;
// If the private key is not found generates the key pair
if(objects.Count == 0)
{
CryptokiCollection templatePub = new CryptokiCollection();
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_CLASS, CryptokiObject.CKO_PUBLIC_KEY));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_TOKEN, true));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_PRIVATE, true));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_LABEL, "Ugo's new Key"));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_ID, "1"));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_MODULUS_BITS, 1024));
CryptokiCollection templatePri = new CryptokiCollection();
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_CLASS, CryptokiObject.CKO_PRIVATE_KEY));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_TOKEN, true));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_PRIVATE, true));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_LABEL, "Ugo's new Key"));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_ID, "1"));
//Generate the key pair
Key[] keys = session.GenerateKeyPair(Mechanism.RSA_PKCS_KEY_PAIR_GEN, templatePub, templatePri);
privateKey = (RSAPrivateKey)keys[1];
publicKey = (RSAPublicKey)keys[0];
}
else //If the private key is found gets the corresponding public key
{
privateKey = (RSAPrivateKey)objects[objects.Count - 1];
Console.WriteLine(privateKey.Label);
// search for the related public key
template = new CryptokiCollection();
template.Add(new ObjectAttribute(ObjectAttribute.CKA_CLASS, CryptokiObject.CKO_PUBLIC_KEY));
template.Add(new ObjectAttribute(ObjectAttribute.CKA_KEY_TYPE, Key.CKK_RSA));
template.Add(new ObjectAttribute(ObjectAttribute.CKA_LABEL, "Ugo's new Key"));
// Launchs the search specifying the template just created
objects = session.Objects.Find(template, 1);
publicKey = (RSAPublicKey)objects[0];
Console.WriteLine(publicKey.Label);
// prepares for the signature
string helloworld = "Hello World";
byte[] text = Encoding.ASCII.GetBytes(helloworld);
// launches the digital signature operation with a RSA_PKCS mechanism
nRes = session.SignInit(Mechanism.SHA1_RSA_PKCS, privateKey);
// computes the signature
byte[] signature = session.Sign(text);
// launches the digital signature verification with a RSA_PKCS mechanism
nRes = session.VerifyInit(Mechanism.SHA1_RSA_PKCS, publicKey);
// verifies the signature
nRes = session.Verify(text, signature);
// results if nRes == 0 means that the verification is OK
Console.Write("Verified " + (nRes == 0));
}
// Logouts and closes the session
session.Logout();
session.Close();
cryptoki.Finalize(IntPtr.Zero);
}
}
}
我猜你的问题是由于 Login 方法的 return 值验证不充分造成的:
int nRes = session.Login(Session.CKU_USER,"1111");
if (nRes != 0)
{
Console.WriteLine("Wrong PIN");
return;
}
仅当值为 0 但基础 PKCS#11 函数 C_Login returns not only CKR_OK but also CKR_USER_ALREADY_LOGGED_IN 和一堆其他代码不一定表示错误时,您的代码才会继续。
我终于明白我的问题了。我在 LunaG5 上工作,当初始化令牌(黑键)时,将创建一个秘密文本字符串。格式类似于:Asdf-s4SD-DF7d4-wd3S。安装 KSP 时也会使用此字符串。密码“1111”仅在密码键盘上使用,但应用程序中必须使用密码字符串来验证您使用的是哪个令牌。
int nRes = session.Login(Session.CKU_USER,"Asdfs4SDDF7d4wd3S");
if (nRes != 0)
{
Console.WriteLine("Wrong PIN");
return;
}
对于秘密字符串的创建,搜索:创建旧式 PED 验证的应用程序分区