PowerShell
PowerShell
PKCS11 Import an Existing RSA Public Key onto the HSM
See more PKCS11 Examples
Demonstrates how to import an existing RSA Public Key onto a smart card or token.Note: This example requires Chilkat v9.5.0.96 or later.
Chilkat PowerShell Downloads
Add-Type -Path "C:\chilkat\ChilkatDotNet47-x64\ChilkatDotNet47.dll"
$success = $false
# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
# Note: Chilkat's PKCS11 implementation runs on Windows, Linux, Mac OS X, and other supported operating systems.
$pkcs11 = New-Object Chilkat.Pkcs11
# Use the PKCS11 driver (.dll, .so, .dylib) for your particular HSM.
# (The format of the path will change with the operating system. Obviously, "C:/" is not used on non-Windows systems.
$pkcs11.SharedLibPath = "C:/Program Files (x86)/Gemalto/IDGo 800 PKCS#11/IDPrimePKCS1164.dll"
# Establish a logged-on session.
$pin = "0000"
$userType = 1
$success = $pkcs11.QuickSession($userType,$pin)
if ($success -eq $false) {
$($pkcs11.LastErrorText)
exit
}
# Generate a new 2048-bit RSA key.
$rsa = New-Object Chilkat.Rsa
$privKey = New-Object Chilkat.PrivateKey
$success = $rsa.GenKey(2048,$privKey)
if ($success -eq $false) {
$($rsa.LastErrorText)
exit
}
# Get the public key information as XML, so we can access the modulus and exponent.
$xml = New-Object Chilkat.Xml
$pubKey = New-Object Chilkat.PublicKey
$privKey.ToPublicKey($pubKey)
$xml.LoadXml($pubKey.GetXml())
$attrs = New-Object Chilkat.JsonObject
# Specify the type of object, and the type of key.
$attrs.UpdateString("class","CKO_PUBLIC_KEY")
$attrs.UpdateString("key_type","CKK_RSA")
# Add an optional label if desired.
$attrs.UpdateString("label","RSA Public Key 1")
# Allow the key to be use for verify, wrapping, and encryption operations.
$attrs.UpdateBool("verify",$true)
$attrs.UpdateBool("wrap",$true)
$attrs.UpdateBool("encrypt",$true)
# Make this a session-only public key.
# To store the public key on the token so that it persists after the PKCS11 session, set token = $true.
$attrs.UpdateBool("token",$false)
# Provide the RSA public key material
$attrs.UpdateString("modulus",$xml.GetChildContent("Modulus"))
$attrs.UpdateString("public_exponent",$xml.GetChildContent("Exponent"))
# Create the RSA public key.
# Returns the PKCS11 object handle of the created key.
$objHandle = $pkcs11.CreatePkcs11Object($attrs)
if ($objHandle -eq 0) {
$($pkcs11.LastErrorText)
$("Failed.")
}
else {
$("PKCS11 object handle = " + $objHandle)
$("Successfully imported an RSA key..")
}
$pkcs11.Logout()
$pkcs11.CloseSession()