EldoS | Feel safer!

Software components for data protection, secure storage and transfer

TElX509Certificate and CryptoProvider.SetProviderProp

Also by EldoS: MsgConnect
Cross-platform protocol-independent communication framework for building peer-to-peer and client-server applications and middleware components.
Posted: 03/28/2011 11:06:20
by Grazyna Polomska (Basic support level)
Joined: 02/07/2011
Posts: 9

Dear Sirs,

I've got this:

Cert: TElX509Certificate;
PINtoSet: AnsiString;


and I've tried to set PIN using
Cert.CryptoProvider.SetProviderProp(RawByteString(PP_SIGNATURE_PIN), RawByteString(PINtoSet));

But I'm not successfull.

I can do that using "pure" CryptoAPI in this way:

PIN: AnsiString;

if (CryptAcquireCertificatePrivateKey(pCertContext, CRYPT_ACQUIRE_CACHE_FLAG, nil, hCryptProv, @dwKeySpec, nil) = True) then
CryptGetUserKey(hCryptProv, AT_SIGNATURE, @hKey);
// set PIN
if Length(PIN) > 1 then
CryptSetProvParam(hCryptProv, PP_KEYEXCHANGE_PIN, PByte(PAnsiChar(PIN)), 0);
CryptSetProvParam(hCryptProv, PP_SIGNATURE_PIN, PByte(PAnsiChar(PIN)), 0);

How to do that using SBB? Is it possible or I have to use CryptoAPI directly?
Posted: 03/28/2011 11:23:40
by Ken Ivanov (EldoS Corp.)

Thank you for contacting us.

Unfortunately, there is no way to pass a PIN to the underlying CryptoAPI cryptographic provider at the moment. Actually, this hasn't been implemented due to total absence of cryptographic providers supporting PIN setup in that way. I have added the corresponding task to the to do list.
Posted: 03/28/2011 11:32:09
by Grazyna Polomska (Basic support level)
Joined: 02/07/2011
Posts: 9

I've asked because e.g. UNIZETO (the most of company in Poland uses their solution) allow to set PIN this way - it is really comfortable when you try to sing e.g. 100 or 200 documents in one session (in tax offices a.s.o.).

So I understand that nowadays I have to use direct CryptoAPI even if I buy SBB Professional. Thank you for adding that to "to do list". When we can expect SBB version which will support this?
Posted: 03/28/2011 12:52:46
by Ken Ivanov (EldoS Corp.)

I think we will be able to add this feature either to the following or to the subsequent build (i.e. to SBB 9 first of second beta build).
Posted: 03/28/2011 13:31:39
by Grazyna Polomska (Basic support level)
Joined: 02/07/2011
Posts: 9

And when we can buy that version including PIN support - next month or later? How much later?
Posted: 03/28/2011 13:42:41
by Ken Ivanov (EldoS Corp.)

Well, you can purchase the product right once the feature is available. You might actually consider evaluating the feature before purchasing to ensure that it does the job for you.

An estimated time frame for the feature to be implemented is up to month.
Posted: 03/28/2011 14:10:53
by Eugene Mayevski (EldoS Corp.)

I'd say the feature will go into SecureBlackbox 9.0, which is planned for may. The first beta of version 9 is expected somewhere next week (one new module is holding us from making it available now), but the requested feature itself will appear in one of the next betas.

Sincerely yours
Eugene Mayevski
Posted: 10/04/2011 07:34:25
by Robert Gruba (Standard support level)
Joined: 10/04/2011
Posts: 1

Is this feature in current SecureBlackbox ?
If so, how can we use it?
Posted: 10/04/2011 07:40:16
by Ken Ivanov (EldoS Corp.)

What exactly feature are you asking about (setting the values of PP_KEYEXCHANGE_PIN and PP_SIGNATURE_PIN properties, or general access to CryptSetProvParam)?
Also by EldoS: Callback File System
Create virtual file systems and disks, expose and manage remote data as if they were files on the local disk.



Topic viewed 2525 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!