EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Enter PIN programmatically

Also by EldoS: Solid File System
A virtual file system that offers a feature-rich storage for application documents and data with built-in compression and encryption.
Posted: 02/12/2013 02:18:22
by Nime Cloud (Basic support level)
Joined: 02/12/2013
Posts: 20

I use smart card to sign PDF files and Windows asks me to enter PIN. Is it possible to enter PIN number programmatically? I want to generate & sign PDF files at web server for online users.
Posted: 02/12/2013 04:13:50
by Ken Ivanov (EldoS Corp.)


Thank you for getting in touch with us.

Generally, it depends - first, on who exactly is asking for a PIN (Windows or smart card's CSP), and, second, on whether the CSP accepts PINs passed from code. Are you using TElWinCertStorage or TElPKCS11CertStorage to access the certificate?
Posted: 02/12/2013 05:16:25
by Nime Cloud (Basic support level)
Joined: 02/12/2013
Posts: 20

Windows dialog box asks for the PIN and I use TElWinCertStorage (CertStorage = SBWinCertStorage.TElWinCertStorage).
Posted: 02/12/2013 05:26:37
by Ken Ivanov (EldoS Corp.)

OK, please try to assign the PIN in the following way and check if it is accepted by the CSP. Note that the workability of this approach is subject to specifics of implementation of a particular CSP:

Cert.KeyMaterial.KeyExchangePIN = "your-pin-here";
Cert.KeyMaterial.SignaturePIN = "your-pin-here";

The Cert object above should be the one you are providing with the TElPDFPublicKeySecurityHandler.CertStorage storage object.
Posted: 02/12/2013 06:59:03
by Nime Cloud (Basic support level)
Joined: 02/12/2013
Posts: 20

Thanks, it works! I've looking for this solution for a month. Is SecureBlackbox enough for me to sign PDF files on IIS/Windows Server 2008?
Posted: 02/12/2013 07:06:06
by Ken Ivanov (EldoS Corp.)

Great, we are glad that it worked for you.

Yes, SecureBlackbox can be used in Windows Server 2008 and IIS environments.
Posted: 02/13/2013 07:17:50
by Nime Cloud (Basic support level)
Joined: 02/12/2013
Posts: 20

Last question: Can I export private key from the smartcard? I need to work on Hyper-V Guest OS environment and it's hard to install USB device. IMHO it's protected by chip.
Posted: 02/13/2013 08:58:57
by Ken Ivanov (EldoS Corp.)

In general case, no. There IS a possibility to create exportable keys though, but the exportability flag must be explicitly set on key generation or import phase.
Posted: 02/26/2013 03:15:26
by walter Schrabmair (Basic support level)
Joined: 12/15/2012
Posts: 43

Ken, can you tell me where in TinySignerPKCS11 example I have to add these to lines?


Cert.KeyMaterial.KeyExchangePIN = "your-pin-here";
Cert.KeyMaterial.SignaturePIN = "your-pin-here";
Posted: 02/26/2013 03:25:06
by Ken Ivanov (EldoS Corp.)


These lines are only applicable to certificates accessed via a TElWinCertStorage object (i.e. those residing in or mapped to CryptoAPI certificate stores). You normally pass your PIN to the Login() method of a TElPKCS11CertStorage object if you choose to access your device via the PKCS#11 interface.
Also by EldoS: CallbackFilter
A component to monitor and control disk activity, track file and directory operations (create, read, write, rename etc.), alter file data, encrypt files, create virtual files.



Topic viewed 11347 times

Number of guests: 2, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!