CertEnroll+ USBcryptoTokens - Getting an error while generatingcertificateRequest

[Guest miiiiichal]

Hi all,

 

I have to generate certificate request using CertEnroll on my Vista.

It must be generated on the web page. To do this I use Javascript. I

crteate X509EnrollmentWebClassFactory object (the basic one) and other

objects with web enabled tag. My code works fine when I want to

generate the request using for example 'Microsoft Strong Cryptographic

Provider'. The problem appears when I use my token CSP -

'Charismathics Smart Security Interface CSP' (drivers You can download

form www.charismathics.com).

In this situation function CreateRequest() start working and throw na

error:

---------------------------

Windows Internet Explorer

---------------------------

Error: CertEnroll::CX509Enrollment:Stick out tongue_CreateRequest:

ASN1 - unexpected end of data. 0x80093102 (ASN: 258)

---------------------------

OK

---------------------------

 

Token works OK with Windows XP and mozilla and its behavior look fine

on vista (before an error apprears the private and public keys are

stored in token's memory).

 

Does anybody have similar problem with tokens?

Could you help me with this one??

Maybe I'm not set all privateKey Attributs or something like this?

 

Any suggestions?

 

This is my code my shows the problem:

 

<html>

<head>

<SCRIPT LANGUAGE="JavaScript">

<!--

function genReq(){

var cspName="Charismathics Smart Security Interface CSP";

var cspType=1;

var XCN_AT_KEYEXCHANGE=1;

var dn="CN=Name Surname";

var pkcs10="";

try{

this.classFactory = new

ActiveXObject("X509Enrollment.CX509EnrollmentWebClassFactory");

this.objPrivateKey=

this.classFactory.CreateObject("X509Enrollment.CX509PrivateKey");

this.objDN=

this.classFactory.CreateObject("X509Enrollment.CX500DistinguishedName");

this.objRequest=

this.classFactory.CreateObject("X509Enrollment.CX509CertificateRequestPkcs10");

this.objEnroll=

this.classFactory.CreateObject("X509Enrollment.CX509Enrollment");

this.objExt=

this.classFactory.CreateObject("X509Enrollment.CX509ExtensionKeyUsage");

this.selectedCsp=

this.classFactory.CreateObject("X509Enrollment.CCspInformation");

 

this.selectedCsp.InitializeFromName(cspName);

 

 

this.objPrivateKey.CspInformations=this.classFactory.CreateObject("X509Enrollment.CCspInformations");

this.objPrivateKey.CspInformations.Add(this.selectedCsp);

this.objPrivateKey.ProviderName=this.selectedCsp.Name;

this.objPrivateKey.ProviderType= this.selectedCsp.Type;

this.objPrivateKey.KeySpec= XCN_AT_KEYEXCHANGE;

this.objPrivateKey.Length=1024;

this.objPrivateKey.KeyUsage=0xffffff;

this.objPrivateKey.ExportPolicy=1;

this.objPrivateKey.MachineContext=0;

 

this.objExt.InitializeEncode(0);

 

this.objRequest.InitializeFromPrivateKey(1,this.objPrivateKey,"");

this.objDN.Encode(dn);

this.objRequest.Subject = this.objDN;

this.objRequest.X509Extensions.Add(this.objExt);

this.objEnroll.InitializeFromRequest(this.objRequest);

// line generateing the proble:

pkcs10= this.objEnroll.CreateRequest(1);

}

catch (e) {

alert(e.name + ": " + e.message);

throw new Error("cannot initialize Enrollment Object");

}

}

//-->

</SCRIPT>

</head>

<body onLoad='genReq()'>

<H1>generate cert req.</H1>

 

</body>

</html>

 

 

thanks in advance,

miiiiichal