EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Enter PIN programmatically

Also by EldoS: RawDisk
Access locked and protected files in Windows, read and write disks and partitions and more.
#23404
Posted: 02/12/2013 02:18:22
by Nime Cloud (Basic support level)
Joined: 02/12/2013
Posts: 20

I use smart card to sign PDF files and Windows asks me to enter PIN. Is it possible to enter PIN number programmatically? I want to generate & sign PDF files at web server for online users.
#23407
Posted: 02/12/2013 04:13:50
by Ken Ivanov (EldoS Corp.)

Hello,

Thank you for getting in touch with us.

Generally, it depends - first, on who exactly is asking for a PIN (Windows or smart card's CSP), and, second, on whether the CSP accepts PINs passed from code. Are you using TElWinCertStorage or TElPKCS11CertStorage to access the certificate?
#23409
Posted: 02/12/2013 05:16:25
by Nime Cloud (Basic support level)
Joined: 02/12/2013
Posts: 20

Windows dialog box asks for the PIN and I use TElWinCertStorage (CertStorage = SBWinCertStorage.TElWinCertStorage).
#23410
Posted: 02/12/2013 05:26:37
by Ken Ivanov (EldoS Corp.)

OK, please try to assign the PIN in the following way and check if it is accepted by the CSP. Note that the workability of this approach is subject to specifics of implementation of a particular CSP:

Cert.KeyMaterial.KeyExchangePIN = "your-pin-here";
Cert.KeyMaterial.SignaturePIN = "your-pin-here";

The Cert object above should be the one you are providing with the TElPDFPublicKeySecurityHandler.CertStorage storage object.
#23413
Posted: 02/12/2013 06:59:03
by Nime Cloud (Basic support level)
Joined: 02/12/2013
Posts: 20

Thanks, it works! I've looking for this solution for a month. Is SecureBlackbox enough for me to sign PDF files on IIS/Windows Server 2008?
#23414
Posted: 02/12/2013 07:06:06
by Ken Ivanov (EldoS Corp.)

Great, we are glad that it worked for you.

Yes, SecureBlackbox can be used in Windows Server 2008 and IIS environments.
#23422
Posted: 02/13/2013 07:17:50
by Nime Cloud (Basic support level)
Joined: 02/12/2013
Posts: 20

Last question: Can I export private key from the smartcard? I need to work on Hyper-V Guest OS environment and it's hard to install USB device. IMHO it's protected by chip.
#23428
Posted: 02/13/2013 08:58:57
by Ken Ivanov (EldoS Corp.)

In general case, no. There IS a possibility to create exportable keys though, but the exportability flag must be explicitly set on key generation or import phase.
#23723
Posted: 02/26/2013 03:15:26
by walter Schrabmair (Basic support level)
Joined: 12/15/2012
Posts: 43

Ken, can you tell me where in TinySignerPKCS11 example I have to add these to lines?

Quote

Cert.KeyMaterial.KeyExchangePIN = "your-pin-here";
Cert.KeyMaterial.SignaturePIN = "your-pin-here";
#23724
Posted: 02/26/2013 03:25:06
by Ken Ivanov (EldoS Corp.)

Walter,

These lines are only applicable to certificates accessed via a TElWinCertStorage object (i.e. those residing in or mapped to CryptoAPI certificate stores). You normally pass your PIN to the Login() method of a TElPKCS11CertStorage object if you choose to access your device via the PKCS#11 interface.
Also by EldoS: BizCrypto
Components for BizTalk® and SQL Server® Integration Services that let you securely store and transfer information in your business automation solutions.

Reply

Statistics

Topic viewed 8266 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!