|
|
|
date: Wed, 16 Jul 2008 10:58:32 +0200,
group: microsoft.public.platformsdk.security
back
RE: Signing with no hash OID
Hi Eric,
The Microsoft Base Smart Card Crypto Provider does not perform any
computation on its own. Instead, it delegates it to the card module
associated with the smart card you are using. So, the error you have comes
certainly from an issue with the card module's CardSignData function which is
not handling correctly the CRYPT_NOHASHOID flag.
I suspect that CardSignData returns an output that is invalid in this case,
or at least it doesn't have the right length, which makes the MS CSP
returning NTE_BAD_SIGNATURE because of the internal checks it performs on the
CardSignData output.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
to reach : mounir_idrix_fr (replace the underscores with the at and dot
characters respectively)
"Eric Boudrand" wrote:
> Hello,
>
> I am trying to sign data with CryptSignHash function. The arguments used are
> AT_KEYEXCHANGE and CRYPT_NOHASHOID flag. Call to this function failed with
> error 0x80090006 (NTE_BAD_SIGNATURE). I am using Microsoft Base Smart Card
> Crypto Provider. The operating system is Windows XP Pro SP3. If I set no
> flag to CrypSignHash, the call is correct. But, I would like to avoid the
> hash OID in the output. I may have forgotten something. Any idea ?
>
> One more question. What is the output format if CRYPT_NOHASHOID is set ?
> Thanks for any help.
>
> Regards.
>
> Eric Boudrand
>
>
>
>
>
>
>
>
>
>
>
date: Wed, 16 Jul 2008 17:36:00 -0700
author: Mounir IDRASSI am
Re: Signing with no hash OID
Hi Mounir,
Your suspicion was correct. I could get an update of the manufacturer card
module. I can call now CryptSignHash with CRYPT_NOHASHOID flag without
problems. Thanks.
Regards.
Eric Boudrand
"Mounir IDRASSI" <moonidra@newsgroups.nospam> a écrit dans le message de
news: 1FAD7AE1-FACB-4838-BEEB-96A84E8531C9@microsoft.com...
> Hi Eric,
>
> The Microsoft Base Smart Card Crypto Provider does not perform any
> computation on its own. Instead, it delegates it to the card module
> associated with the smart card you are using. So, the error you have comes
> certainly from an issue with the card module's CardSignData function which
> is
> not handling correctly the CRYPT_NOHASHOID flag.
> I suspect that CardSignData returns an output that is invalid in this
> case,
> or at least it doesn't have the right length, which makes the MS CSP
> returning NTE_BAD_SIGNATURE because of the internal checks it performs on
> the
> CardSignData output.
>
> Cheers,
> --
> Mounir IDRASSI
> IDRIX
> http://www.idrix.fr
>
> to reach : mounir_idrix_fr (replace the underscores with the at and dot
> characters respectively)
>
>
> "Eric Boudrand" wrote:
>
>> Hello,
>>
>> I am trying to sign data with CryptSignHash function. The arguments used
>> are
>> AT_KEYEXCHANGE and CRYPT_NOHASHOID flag. Call to this function failed
>> with
>> error 0x80090006 (NTE_BAD_SIGNATURE). I am using Microsoft Base Smart
>> Card
>> Crypto Provider. The operating system is Windows XP Pro SP3. If I set no
>> flag to CrypSignHash, the call is correct. But, I would like to avoid the
>> hash OID in the output. I may have forgotten something. Any idea ?
>>
>> One more question. What is the output format if CRYPT_NOHASHOID is set ?
>> Thanks for any help.
>>
>> Regards.
>>
>> Eric Boudrand
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
date: Tue, 29 Jul 2008 16:57:20 +0200
author: Eric Boudrand
|
|
