Class PrivateKey

Class describes a private key object. Inherits from Key.

Note that the constructor is not intended to be called by user code. Such objects are constructed internally by the API.

Inheritance
System.Object
TokenObject
Key
PrivateKey
RSAPrivateKey
Inherited Members
Key.GetKeyType()
Key.GetAlgorithmName()
Key.GetKeyLength()
TokenObject.Equals(Object)
TokenObject.GetHashCode()
TokenObject.GetParent()
TokenObject.GetType()
TokenObject.GetCkId()
TokenObject.GetCkLabel()
TokenObject.GetPinNumber()
TokenObject.GetDetails()
System.Object.Equals(System.Object, System.Object)
System.Object.MemberwiseClone()
System.Object.ReferenceEquals(System.Object, System.Object)
System.Object.ToString()
Namespace: scmapi
Assembly: scmapi.dll
Syntax
public class PrivateKey : Key

Methods

Decrypt(Byte[])

Decrypts the provided data using a private key. The operation will use PKCS#1 padding.

Declaration
public byte[] Decrypt(byte[] data)
Parameters
Type | Name | Description
System.Byte[] | data | bytearray containing the ciphertext data to decrypt.

Returns
Type | Description
System.Byte[] | bytearray containing the plaintext data.

HashAndSign(Byte[], String)

Hashes the provided data and signs the hash using a private key. The operation will use PKCS#11 padding.

The hashAlg parameter indicates the hash algorithm to use and can take the following values:

  • sha1 or sha256: Available for all keys (SHA-1 may be forbidden with qualified signature keys depending on the card profile). The API will automatically take care of the partial hashing requirement when used with a qualified signature key.
  • sha384 or sha512: Not available for qualified signature keys.
Declaration
public byte[] HashAndSign(byte[] data, string hashAlg)
Parameters
Type | Name | Description
System.Byte[] | data | data to hash, provided as a bytearray.
System.String | hashAlg | algorithm of the hash.

Returns
Type | Description
System.Byte[] | the bytearray containing the signature.

IsPartialHash()

Returns true if the key must use partial hashing (qualified signature key). Available only for private keys.

Declaration
public bool IsPartialHash()
Returns
Type | Description
System.Boolean | true if the key must use partial hashing (qualified signature key); otherwise, false.

Sign(Byte[], String)

Signs the provided hash using a private key. The operation will use PKCS#11 padding.

The hashAlg parameter indicates the hash algorithm to use and can take the following values:

  • null: The hash data will be signed as provided. Not available for qualified signature keys.
  • sha1, sha256, sha384 or sha512: The corresponding OID will be prepended. Not available for qualified signature keys.
  • sha1-partial or sha256-partial: The hash must be provided as a partial hash block (containing intermediate hash values) as defined by the IAS specifications. The hash will be finalized by the card and the corresponding OID will be prepended. Available only for qualified signature keys.
Declaration
public byte[] Sign(byte[] hash, string hashAlg)
Parameters
Type | Name | Description
System.Byte[] | hash | bytearray containing the hash value.
System.String | hashAlg | algorithm of the hash.

Returns
Type | Description
System.Byte[] | the bytearray containing the signature.
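
An added example, not part of the scmapi documentation or code: a C# helper that enforces the hashAlg restrictions documented above before calling HashAndSign or Sign. SigningPolicy, SignData and SignDigest are hypothetical names, and because this page does not cover how a PrivateKey is obtained, the helper takes it as a parameter.

```csharp
using System;
using scmapi;

// Added example: hypothetical wrapper, not part of scmapi.
public static class SigningPolicy
{
    // Digest size in bytes for each full-hash hashAlg value listed on this page.
    private static int DigestLength(string hashAlg)
    {
        switch (hashAlg)
        {
            case "sha1":   return 20;
            case "sha256": return 32;
            case "sha384": return 48;
            case "sha512": return 64;
            default: throw new ArgumentException("Unsupported hashAlg: " + hashAlg);
        }
    }

    // Hash and sign raw data. HashAndSign handles the partial hashing
    // requirement itself when the key is a qualified signature key.
    public static byte[] SignData(PrivateKey key, byte[] data, string hashAlg = "sha256")
    {
        if (key == null) throw new ArgumentNullException(nameof(key));
        if (data == null) throw new ArgumentNullException(nameof(data));
        DigestLength(hashAlg); // rejects null and any value not listed above

        // sha384/sha512 are documented as unavailable for qualified signature keys.
        if (key.IsPartialHash() && (hashAlg == "sha384" || hashAlg == "sha512"))
            throw new NotSupportedException("Qualified signature keys support only sha1 or sha256.");
        return key.HashAndSign(data, hashAlg);
    }

    // Sign a complete, precomputed digest. The null hashAlg (sign bytes as
    // provided, no OID) is refused so every signature carries the hash OID.
    public static byte[] SignDigest(PrivateKey key, byte[] digest, string hashAlg)
    {
        if (key == null) throw new ArgumentNullException(nameof(key));
        if (digest == null) throw new ArgumentNullException(nameof(digest));
        int expected = DigestLength(hashAlg);

        // Qualified keys accept only sha1-partial/sha256-partial blocks in Sign.
        if (key.IsPartialHash())
            throw new NotSupportedException("Qualified signature key: use SignData instead.");
        if (digest.Length != expected)
            throw new ArgumentException("Digest length does not match " + hashAlg + ".");
        return key.Sign(digest, hashAlg);
    }
}
```

Depending on the card profile, SHA-1 may also be forbidden for qualified signature keys, which is why SignData defaults to sha256.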
