[prev in list] [next in list] [prev in thread] [next in thread]
List: ms-cryptoapi
Subject: SmartCard/CAPI NewBee Questions
From: Harry Whitehouse <harry () ENVMGR ! COM>
Date: 2000-03-28 2:42:59
[Download RAW message or body]
Hello All!
I'm relatively experienced with CAPI, and recently obtained a Gemplus smart
card which has a compatible CSP and a host of on-card resources like RSA,
DES, SHA1, etc. But I have questions..
1. I can successfully CryptacquireContext() against the card, and generate
keys (DES and RSA). But suppose I wanted to store my generated DES key on
the card (or some other secret)? Is this a CAPI function call, or do I have
to go to the SCard API set?
2. I'm presuming that calling CyrptAcquireContext on a fresh card (using
CRYPT_NEWKEYSET) creates a new RSA key pair which is stored on the card.
That's a permenant key pair (until I erase it in some way), is that correct?
I ask this because the Gemplus software interface has a simple status box
showing the items stored on the card. If I explicitly generate an RSA key
pair -- using CryptGenKey -- I generally see some notification of this key
being store on the card. However, if I just acquire and release context, and
then look at the card, the status shows no keys being stored.
3. If I start with a clean, fully-erased card, I can call
CryptAcquireContext(), CryptGenKey() for an RSA key and then
CryptReleaseContext with no error codes. However, if I rerun this little
test program a second time, the RSA key generation steps fails with a vaque
NTE_FAIL return code. I presume the card might have stored the generated
RSA key the first time and doesn't have space for a second one. I tried to
resolve this by adding a CryptDestroyKey() after the creation, but that
doesn't solve the problem. If I run a second time, I get the NTE_FAIL
error.
Anyone know what might be going on here?
TIA
Harry
----------------------------------------------------------------
Users Guide http://msdn.microsoft.com/workshop/essentials/mail.asp
contains important info including how to unsubscribe. Save time, search
the archives at http://discuss.microsoft.com/archives/index.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic