Use PKCS#11 (hardware) storages
PKCS#11 is a standard API for hardware security devices such as smart cards, USB tokens and other hardware that stores certificates and private keys or performs cryptographic operations.
SecureBlackbox provides access to such devices through the TElPKCS11CertStorage class.
To use this class to access or manage the certificates in a PKCS#11 storage, take the following steps:
- Set the DLLName property of the TElPKCS11CertStorage class.
The DLLName refers to the so-called PKCS#11 driver: a DLL supplied by the hardware manufacturer that implements the PKCS#11 interface functions.
- Call the Open() method of TElPKCS11CertStorage to load the driver and open the storage.
- Use the Module property of TElPKCS11CertStorage to access the TElPKCS11Module class.
TElPKCS11Module provides information about the hardware device. Among other things, it gives access to the device's slots (via the TElPKCS11Module.Slot[] and TElPKCS11Module.SlotCount properties), so you can find out whether a slot contains a storage (for example, a card reader may have two reader slots, only one of which holds an inserted card).
- Use the TElPKCS11CertStorage.OpenSession() method to open a session.
You need to specify which slot you want to access and whether the session is read-only (you will only read the certificates and/or keys) or read-write (you want to add, modify or delete information in the storage device).
OpenSession() returns a reference to a TElPKCS11SessionInfo object.
- Use the TElPKCS11SessionInfo class to log in to the session with your PIN (password) for the hardware device.
Call the TElPKCS11SessionInfo.Login() method to log in.
Keep the reference to the TElPKCS11SessionInfo object, because you will need it later when you log out.
Now you can use and manage the certificates in the hardware device.
Remember to call the Close() method of TElPKCS11CertStorage when you are done with the hardware device, to deallocate resources and unload the driver DLL.
ActiveX: some methods are exposed through secondary interfaces of the object. In that case you need to cast the object to the required interface.
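The steps above as an added Delphi example (not code from the SecureBlackbox documentation): it picks the first slot with an inserted token, opens a read-only session because it only reads certificates, and logs out and closes in finally blocks so the driver is unloaded even on error. The unit names, Slot[i].TokenPresent, Login(utUser, PIN), CloseSession(), Count and Certificates[] are assumed from the Delphi edition's API and are not stated on this page; check them against your installed version.

```delphi
uses
  SysUtils, SBX509, SBPKCS11Base, SBPKCS11CertStorage;  // assumed unit names

// Lists the certificates on the first slot that holds a token.
// Only a read-only session is opened: we never modify the device contents.
procedure ListTokenCertificates(const DriverDLL, PIN: string);
var
  Storage: TElPKCS11CertStorage;
  Session: TElPKCS11SessionInfo;
  i, SlotIdx: Integer;
begin
  Storage := TElPKCS11CertStorage.Create(nil);
  try
    Storage.DLLName := DriverDLL;   // vendor PKCS#11 driver, e.g. 'vendor-pkcs11.dll' (placeholder)
    Storage.Open;                   // loads the driver DLL and opens the storage

    // Find a slot with an inserted token (TokenPresent is an assumed property)
    SlotIdx := -1;
    for i := 0 to Storage.Module.SlotCount - 1 do
      if Storage.Module.Slot[i].TokenPresent then
      begin
        SlotIdx := i;
        Break;
      end;
    if SlotIdx < 0 then
      raise Exception.Create('No token inserted in any slot');

    // Read-only session is enough for reading certificates and keys
    Session := Storage.OpenSession(SlotIdx, True);
    try
      // User PIN; pass it in from a prompt or secure store, never hard-code it
      Session.Login(utUser, PIN);   // assumed signature: Login(UserType, PIN)
      for i := 0 to Storage.Count - 1 do
        Writeln(Storage.Certificates[i].SubjectName.CommonName);
      Session.Logout;               // uses the stored session reference
    finally
      Storage.CloseSession(Session); // assumed method
    end;
  finally
    Storage.Close;                  // releases resources and unloads the driver DLL
    Storage.Free;
  end;
end;
```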