I'm trying to create .p7m file CAdES-BES digital signature). My algorithm is based on c++ chilkat example: https://www.example-code.com/cpp/cades_bes_smartcard.asp
Here's my scenario: - Visual Studio 2008 C++ - Smart card reader: Gemalto - Smart Card chip: INCARD - Bit4id Universal Middleware
Heres my test-function:
int PSignFile(LPCSTR szFile, LPCSTR szCCN)
{
int nReturn = 0;
CString sError;
try
{
CkGlobal glob;
bool success = glob.UnlockBundle(GetChilkatLicence());
if (success != true)
{
sError.Format("Chilkat - component unlock failed\n\n%s", glob.lastErrorText());
throw -1;
}
CkCrypt2 crypt;
// Use a certificate on a smartcard or USB token.
CkCert cert;
// Pass the certificate's Subject CN to the LoadByCommonName method.
success = cert.LoadByCommonName(szCCN);
if (success != true)
{
sError.Format("Chilkat - load certificate failed\n\n%s", cert.lastErrorText());
throw -2;
}
// Provide the smartcard PIN.
// If the PIN is not explicitly provided here, the Windows OS should
// display a dialog for the PIN.
//cert.put_SmartCardPin("000000");
// Provide the certificate for signing.
success = crypt.SetSigningCert(cert);
if (success != true)
{
//std::cout << crypt.lastErrorText() << "\r\n";
sError.Format("Chilkat - set signing certificate failed\n\n%s", crypt.lastErrorText());
throw -3;
}
crypt.put_CadesEnabled(true);
// Indicate that SHA-256 should be used.
crypt.put_HashAlgorithm("sha256");
// AGGIORNARE LA VERSIONE
// Specify the signed attributes to be included.
// (This is what makes it CAdES-BES compliant.)
CkJsonObject jsonSignedAttrs;
jsonSignedAttrs.UpdateInt("contentType",1);
jsonSignedAttrs.UpdateInt("signingTime",1);
jsonSignedAttrs.UpdateInt("messageDigest",1);
jsonSignedAttrs.UpdateInt("signingCertificateV2",1);
crypt.put_SigningAttributes(jsonSignedAttrs.emit());
CString sSignedFile(szFile);
sSignedFile += ".p7m";
// Create the CAdES-BES signature, which contains the original data.
success = crypt.CreateP7M(szFile, static_cast<LPCSTR>(sSignedFile));
if (success == false)
{
sError.Format("Chilkat - create p7m failed\n\n%s", crypt.lastErrorText());
throw -4;
}
}
catch(int nError)
{
nReturn = nError;
DisplayMessage(sError, "Errore firma");
}
return nReturn;
}
I obtain this message error:
ChilkatLog:
CreateP7M:
DllDate: Aug 25 2018
ChilkatVersion: 9.5.0.75
UnlockPrefix: ABCSLT.CB1092019
Architecture: Little Endian; 32-bit
Language: Visual C++ 9.0 (32-bit)
VerboseLogging: 0
Component successfully unlocked using purchased unlock code.
inPath: D:\xml\IT00484960588_BDQMJ.xml
outPath: D:\xml\IT00484960588_BDQMJ.xml.p7m
createOpaqueSignature:
createPkcs7Signature:
hashAlgorithm: sha256
isDetachedSignature: 0
dataContentSize: 99270
numSigningCerts: 1
issuerSerialNum: 351AE9
createAuthenticatedAttributes:
signingCertificateV2:
adding SigningCertificateV2 authenticated attribute...
--signingCertificateV2
--createAuthenticatedAttributes
numAsnBytesToSign: 51
msCngSignWithCert:
msPadAndSignHashV2:
WindowsError: Errore imprevisto di scheda. <--- ERROR !!!!
WindowsErrorCode: 0x8010001f
--msPadAndSignHashV2
--msCngSignWithCert
Failed to sign digest of authenticated attributes.
Failed to create one or more SignerInfos...
--createPkcs7Signature
--createOpaqueSignature
Failed.
--CreateP7M
--ChilkatLog
"WindowsError: Errore imprevisto di scheda." means "WindowsError: an unexpected card error has occurred". I'm stucked on this ! I don't know how to go on. Can anyone help me ? thanks !
Paolo
I see from the contents of the LastErrorText that you are using MSVC++ 2008 (VC9).
Please try this new build:
32-bit: https://chilkatdownload.com/prerelease/chilkat-9.5.0-x86-vc9-1061.zip
64-bit: https://chilkatdownload.com/prerelease/chilkat-9.5.0-x86_64-vc9-1062.zip
There have been improvements since August 2018 having to do with smartcards.
Note: Chilkat uses the Microsoft CNG (Cryptographic Next Generation) API internally to do the signing. If the problem remains, it may be that the cert needs to be correctly installed on your Windows system. Check the documentation provided by the smartcard vendor ( Gemalto - Smart Card chip: INCARD - Bit4id Universal Middleware ) or information about what must be done...
User contributions licensed under CC BY-SA 3.0