locked
Getting exception "Invalid Signature" when accessing PrivateKey's property of X509Certificate2 RRS feed

  • Question

  • Hello,

    I'm trying to sign a XML but when I try to access the PrivateKey property of my X509Certificate2's instance, i get this exception :

    'certificado.PrivateKey' threw an exception of type 'System.Security.Cryptography.CryptographicException'

    Stacktrace:

       at System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer)
       at System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle)
       at System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair()
       at System.Security.Cryptography.RSACryptoServiceProvider..ctor(Int32 dwKeySize, CspParameters parameters, Boolean useDefaultKeySize)
       at System.Security.Cryptography.RSACryptoServiceProvider..ctor(CspParameters parameters)
       at System.Security.Cryptography.X509Certificates.X509Certificate2.get_PrivateKey()
       at NFSeUtilPBH.AssinaturaXML.Assinar(XmlDocument doc, X509Certificate2 certificado, String tag) in D:\tmp\NFe\Compo\Fontes\NFSeUtilPBH\AssinaturaXML.cs:line 53
       at NFSeUtilPBH.NFSeUtilPBHClass.AssinarXML(XmlDocument conteudoXML, String tagAssinar, Int32& codRetorno) in D:\tmp\NFe\Compo\Fontes\NFSeUtilPBH\NFSeUtilPBHClass.cs:line 39


    For getting the certificate's instance, I do this:

    X509Certificate2 _X509Cert = new X509Certificate2();
                try
                {
                    X509Store store = new X509Store("MY", StoreLocation.CurrentUser);
                    store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
                    X509Certificate2Collection collection = (X509Certificate2Collection)store.Certificates;
                    X509Certificate2Collection collection1 = (X509Certificate2Collection)collection.Find(X509FindType.FindByTimeValid, DateTime.Now, false);
                    X509Certificate2Collection collection2 = (X509Certificate2Collection)collection.Find(X509FindType.FindByKeyUsage, X509KeyUsageFlags.DigitalSignature, false);
    
                    X509Certificate2Collection scollection = X509Certificate2UI.SelectFromCollection(collection2, "Certificado(s) Digital(is) disponível(is)", "Selecione o Certificado Digital para uso no aplicativo", X509SelectionFlag.SingleSelection);
                    if (scollection.Count == 0)
                    {
                        _X509Cert.Reset();
                        throw new CertificadoDigitalException("Nenhum certificado escolhido");
                    }
                    else
                    {
                        _X509Cert = scollection[0];
                    }
    
                    store.Close();
                    return _X509Cert;
                }
                catch (System.Exception ex)
                {
                    throw new CertificadoDigitalException(ex.Message);
                    return _X509Cert;
                }
    OBS: _X509Cert = certificado in exception's message.

    With this code, a window appear and I select my certificate (its an usb token).

    If someone have an idea, thank you very much and sorry for my poor english.

    Visual Studio 2008 Team System / C# 3.0 / .NET 3.5 / ASPNET / Win7
    --chrisbhmg
    Monday, November 9, 2009 11:12 PM

Answers

  • Hi!

    I have upgraded the driver of my usb token (ePass2000 - Pronova) to the last version and the problem has been solved.

    Without code modification, now it's working fine!

    Thanks for your time.

    Best regards.
    Christophe T. Chavey.
    --chrisbhmg
    • Marked as answer by ChristopheBHMG Tuesday, November 10, 2009 5:32 PM
    Tuesday, November 10, 2009 5:32 PM

All replies

  • Hello

    I'm performing researches on this issue and will update you as soon as possible. Thanks for your patience.
    Regards,
    Jialiang Ge
    MSDN Subscriber Support in Forum
    If you have any feedback of our support, please contact msdnmg@microsoft.com.
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    Welcome to the All-In-One Code Framework! If you have any feedback, please tell us.
    Tuesday, November 10, 2009 11:27 AM
  • Hi Jialiang,

    Thanks for reply.

    I post 2 printscreens of my certificate installation.

    http://www.postimage.org/image.php?v=aVmDX3A

    http://www.postimage.org/image.php?v=aVmCLei

    Thanks!

    --chrisbhmg
    Tuesday, November 10, 2009 2:32 PM
  • Hi!

    I have upgraded the driver of my usb token (ePass2000 - Pronova) to the last version and the problem has been solved.

    Without code modification, now it's working fine!

    Thanks for your time.

    Best regards.
    Christophe T. Chavey.
    --chrisbhmg
    • Marked as answer by ChristopheBHMG Tuesday, November 10, 2009 5:32 PM
    Tuesday, November 10, 2009 5:32 PM