RedTrust KSP with TLS 1.2 Client Certificate

The EVOLIUM REDTRUST CSP is not capable of signing a non-hash. In other words, it’s not possible to do TLS 1.2 with client certificates with the RedTrust KSP. This is a common problem in CSP/KSP implementations. They assume that everything to be signed is a hash, such as SHA1, SHA256, SHA384, SHA512, and require the hash algorithm to be specified […]

0x80090016 – Keyset does not exist

This blog post describes one possible cause for the “Keyset does not exist” error when trying to access/use a non-exportable private key via the Microsoft CNG or CryptoAPI. The situation was that the certificate was installed to the user’s Current User Personal Store, but the corresponding private key was stored in the Local Machine Key Store (machine keyset). There were […]

Selecting Smartcard Hash Algorithm

Question: I tried to produce a P7S file with the hash algorithm SHA-512, but the code always produces a signature with an SHA-1 hash for the data. If I select MD5 as the hash algorithm it works fine. I’m using a Smartcard (D-Trust with Siemens Card OS 4.3), ReinerSCT card reader and as Smartcard CSP Nexus Personal 4.10.1. Here’s my […]