TElWinCertStorage and USB token detection

Posted: 08/05/2011 10:13:21
by Gianni Di Pietrantonio (Standard support level)
Joined: 07/27/2011
Posts: 7

I am accessing X509 certificates via TElWinCertStorage.

How can I detect if a USB token is really connected to the USB port?

Best Regards

Posted: 08/05/2011 10:19:15
by Vsevolod Ievgiienko (EldoS Corp.)

Thank you for contacting us.

You can do this using TElPKCS11CertStorage and its TElPKCS11CertStorage.OnSlotEvent event and TElPKCS11CertStorage.MonitorSlotEvents property.

Posted: 08/05/2011 10:35:45
by Ken Ivanov (EldoS Corp.)

It is not possible to detect whether the token is inserted into the slot via CryptoAPI (which is utilized by the TElWinCertStorage class), as CryptoAPI does not provide information about where exactly a particular certificate is stored.

Posted: 08/05/2011 11:03:03
by Gianni Di Pietrantonio (Standard support level)
Joined: 07/27/2011
Posts: 7

Using TElPKCS11CertStorage, I don't know the dllname used by the USB token.
Now, we don't know which hardware our customers will use.

Is it possible to retrieve the dllName used by an X509Certificate?

Posted: 08/05/2011 11:48:31
by Ken Ivanov (EldoS Corp.)

No. There is no way to distinguish whether a particular certificate returned by TElWinCertStorage is stored on the hardware token or in the system store (nor to obtain a path to a driver DLL in the former case).

Actually, there is an indirect method of checking whether the token is actually inserted. CSPs from most of the HSM vendors make private keys available when the token is plugged in, and "hide" them when it's not. So checking the value of TElX509Certificate.PrivateKeyExists property might be a solution in your case.