EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Set PIN programmatically

Also by EldoS: CallbackFilter
A component to monitor and control disk activity, track file and directory operations (create, read, write, rename etc.), alter file data, encrypt files, create virtual files.
Posted: 02/03/2014 13:33:11
by Toni Santa (Standard support level)
Joined: 05/27/2013
Posts: 57

I've an application sending soap request via Delphi VCL THTTPReqResp-component. The server needs for smartcard-authentication so when sending the reqeust it pops up the Windows security dialog asking for certificate to use and when selected the certificate it asks for the PIN-code. So far no problem. Now I would like to pass the certificate and the PIN by code. Based on your TinySignerPKCS11 demo project I'm able to open the storage (PKCS11CertStorage), get the slot and login onto the session. So the certificate with credentials should be in cache. But when posting the HTTPReqResp to the server, Windows still asks me the certificate to use and its PIN. After inserting the PIN the first time, the info seems to be cached as subsequential requests do no longer ask for certificate and PIN.
Is there a way to avoid the request of the PIN when sending the HTTPRequest first time and having the PIN? Could be the TelHTTP-components? (actually I don't have a HTTPBlackbox-license).
best regards
Posted: 02/03/2014 13:47:44
by Eugene Mayevski (EldoS Corp.)

With TElHTTPSClient you can implement client-side authentication with a certificate stored on hardware device, and you won't be prompted for any PINs (given that you pass a pin to Login method).

Delphi components use Windows HTTP client functionality which knows nothing about your PKCS#11 login session, hence the prompt.

Sincerely yours
Eugene Mayevski



Topic viewed 921 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!