Updated Pkcs11RsaProvider to support ICspAsymmetricAlgorithm so that the private key can be imported into an X509Certificate2 object. Also added a correct SignData method, which is commonly used.
Added properties:
private byte[] _cspBlob;
Updated methods:
// added _cspBlob data generation from RSACryptoServiceProvider using the PublicKey
internal Pkcs11RsaProvider(Pkcs11X509CertificateContext certContext)
Added methods:
public override byte[] SignData(byte[] data, int offset, int count, HashAlgorithmName hashAlgorithm, RSASignaturePadding padding)
public CspKeyContainerInfo CspKeyContainerInfo // NOTE: not precise, could be improved
public byte[] ExportCspBlob(bool includePrivateParameters)
public void ImportCspBlob(byte[] _cspBlob)
Possible usage:
// Load the Pkcs11X509Store
Pkcs11X509Store store = new Pkcs11X509Store(@"C:\Windows\SysWow64\cmP11.dll", new ConstPinProvider("1234"));
Pkcs11X509Certificate pkcs11cert = store.Slots[0].Token.Certificates[0];
// Create X509Certificate2 object with just a certificate
X509Certificate2 x509Certificate2 = new X509Certificate2(pkcs11cert.Info.RawData);
// Get PKCS#11 based private key
RSA rsaPrivateKey = (RSA)pkcs11cert.GetRSAPrivateKey();
// Set the private key to be used by Pkcs11RsaProvider
Pkcs11RsaProvider pkcs11RsaPrivateKey = (Pkcs11RsaProvider)rsaPrivateKey;
// Extend X509Certificate2 with the private key
x509Certificate2.PrivateKey = pkcs11RsaPrivateKey;
// Do the signature
byte[] sig = x509Certificate2.GetRSAPrivateKey().SignData(input, hashAlgorithmName, rSASignaturePadding);
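
An added example, not part of the pull request or the project's code: because the description says _cspBlob is generated from the public key, a caller or unit test can check that whatever ExportCspBlob returns is a public-only CSP blob and carries no private parameters. CspBlobCheck and IsPublicOnly are hypothetical names, and the sample blobs come from a throwaway RSACryptoServiceProvider key generated in the example, not from a token.

```csharp
using System;
using System.Security.Cryptography;

static class CspBlobCheck
{
    const byte PublicKeyBlobType = 0x06;   // PUBLICKEYBLOB (PRIVATEKEYBLOB is 0x07)
    const uint Rsa1Magic = 0x31415352;     // "RSA1" = public key ("RSA2" = private key)
    const int HeaderLength = 8 + 12;       // BLOBHEADER + RSAPUBKEY

    // CSP blob integers are little-endian regardless of host byte order.
    static uint ReadUInt32LE(byte[] b, int offset)
    {
        return (uint)(b[offset] | b[offset + 1] << 8 | b[offset + 2] << 16 | b[offset + 3] << 24);
    }

    // True only for a well-formed RSA PUBLICKEYBLOB: correct blob type, "RSA1" magic,
    // and a length of exactly header + modulus, so no private parameters can follow.
    public static bool IsPublicOnly(byte[] blob)
    {
        if (blob == null || blob.Length < HeaderLength) return false;
        if (blob[0] != PublicKeyBlobType) return false;
        if (ReadUInt32LE(blob, 8) != Rsa1Magic) return false;

        long modulusBytes = ReadUInt32LE(blob, 12) / 8;   // bitlen field
        return blob.Length == HeaderLength + modulusBytes;
    }

    static void Main()
    {
        // Constructed sample input: a locally generated key, used only to obtain
        // one blob of each kind for the check.
        using (var rsa = new RSACryptoServiceProvider(2048))
        {
            byte[] publicBlob = rsa.ExportCspBlob(false);
            byte[] privateBlob = rsa.ExportCspBlob(true);

            Console.WriteLine("public blob accepted:  " + IsPublicOnly(publicBlob));
            Console.WriteLine("private blob accepted: " + IsPublicOnly(privateBlob));
        }
    }
}
```

The same IsPublicOnly call can be applied to the result of the provider's ExportCspBlob, for either value of includePrivateParameters, in a test that runs against a real token.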