Posted: 01/11/2018 11:32:24
by Karel Benák (Standard support level)
Joined: 03/16/2011
Posts: 14

in our application, I sign an XML document using a certificate that is stored on a smart card but I access it using Windows My storage. Sometimes the signature fails and we get the following error message:
Signing failed: Win32 error: 2148073485 ---> SBCryptoProvWin32.EElWin32CryptoProviderError: Signing failed: Win32 error: 2148073485
   v SBCryptoProvWin32.TElWin32CryptoProvider.SignFinal(TElCustomCryptoContext Context, Byte[]& Buffer, Int32 StartIndex, Int32& Size, TElCPParameters Params, TSBProgressFunc ProgressFunc, Object ProgressData)
   v SBPublicKeyCrypto.TElRSAPublicKeyCrypto.SignFinal()
   v SBPublicKeyCrypto.TElPublicKeyCrypto.InternalSignDetached()
   v SBPublicKeyCrypto.TElPublicKeyCrypto.SignDetached(Byte[] InBuffer, Int32 InIndex, Int32 InSize, Byte[]& OutBuffer, Int32 OutIndex, Int32& OutSize)
   v SBXMLSig.TElXMLSigner.SignRSA(Byte[] Buf, TElRSAKeyMaterial KeyMaterial, Int16 AMethod)
   v SBXMLSig.TElXMLSigner.CalculateSignatureValue(Byte[] Buf)
   v SBXMLSig.TElXMLSigner.Save(TElXMLDOMNode& Node)

Could you please advise me where to look for the cause of the problem?
Thank you
Posted: 01/15/2018 00:59:21
by Ken Ivanov (Team)

Hi Karel,

Thank you for contacting us.

Error code 2148073485 (0x8009000D) stands for a system CryptoAPI error NTE_NO_KEY. When returned by a signing function, this error indicates that the private key passed to the function 'does not exist' (meaning the operating system can't see/access it right now).

There is no one specific reason for this kind of errors. When a hardware key is used in the scheme, it is often about peculiarities or a particular state of its driver layer (CSP), which make the system 'lose sight' of the key. We need to investigate the issue deeper to identify the exact root cause.

To start with, could you please describe the 'sometimes' work in more details?


- does the error happen totally randomly or there is some kind of pattern?

- what is the error's average rate of occurrence?

- do you need to re-start your application or re-insert the cryptographic hardware after the error to be able to sign successfully again?

Thanks in advance.




Topic viewed 459 times

Number of guests: 1, registered members: 0, in total hidden: 0

Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!