'Re: AW: CSP, Certificates and Smartcards'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ms-cryptoapi
Subject:    Re: AW: CSP, Certificates and Smartcards
From:       Peto Bori <smartwin2000 () HOTMAIL ! COM>
Date:       2000-10-30 8:22:34
[Download RAW message or body]


Hello,

Thank you for responding.

But the function setKeyParam is never called using our CSP. And the
KP_CERTIFICATE is only used
within the schannel context (according to the SDK july 2000).

Our CSP now supports RSA_FULL, but what your saying is that we also
need to support the schannel extensions?

And to do that would we have to return the SSL3 SHAMD5 algorithm when
getProvParam( enumalg ) is called?

Tom Rixom &
Peter Boevink.

----- Original Message -----
From: "Peter Bodenmann" <peter.bodenmann@GMX.CH>
To: <CryptoAPI@DISCUSS.MICROSOFT.COM>
Sent: Friday, October 27, 2000 9:59 PM
Subject: AW: CSP, Certificates and Smartcards


> Hi,
>
> The last thing in a successful enrollment is "Install Certificate", which
> publishes the certificate in the active directory and stores it on the
> smart card. The later is done by calling CPSetKeyParam with parameter
> KP_CERTIFICATE.
> (The length of the buffer that is passed to this function you have to
> determine by parsing the ASN.1 structure of the certificate)
>
> Peter Bodenmann
>
>
> ------------------------------------------------------
> WinTrust                        phone +41 52 335 45 25
> Peter Bodenmann                mobile +41 78 644 58 86
> Hochgruetstr. 10          e-mail peter.bodenmann@gmx.ch
> 8472 Seuzach
> Switzerland
>
>
>
>
> Von:    Peto Bori [SMTP:smartwin2000@HOTMAIL.COM]
> Gesendet am:    Freitag, 27. Oktober 2000 16:59
> An:     CryptoAPI@DISCUSS.MICROSOFT.COM
> Betreff:        Re: CSP, Certificates and Smartcards
>
> Thank u for responding,
>
> But to write a certificate onto a smart card an application must call
> something that
> knows how to write such a certificate onto a specific smart card.
>
> We are writing a CSP which can be used to enroll smart card users. It
> creates the
> keyset on the smart card succesfully and a certificate is generated in the
> specific
> CA, but the enrollment then fails with a error code.
>
> This is because we are missing the functionality needed to write that
> certificate onto
> the smart card. (we think)
>
> I would think the CSP  would also handle the certificate functionality but
> their is no
> indication of who to do this in the documentation or if this is the right
> thing to do.
>
> So we are still stuck with the question: "Who do i write the certificate
> onto a smartcard?"?
> Anyone?
>
> Tom Rixom &
> Peter Boevink
>
> ----- Original Message -----
> From: "Greg Stark" <gstark@ethentica.com>
> To: <smartwin2000@HOTMAIL.COM>
> Sent: Friday, October 27, 2000 3:49 PM
> Subject: Re: CSP, Certificates and Smartcards
>
>
> > The certificates are created and managed entirely by the application
> which
> > is using your CSP, e.g. Outlook Express. The CSP only gives (and gets)
> > public keys. The CSP does handle all the managament of private keys and
> > these are normally stored protected on the smart card. I suppose a good
> > application could be aware of the presence of a smart card and attempt
to
> > store the certificate there as well for portability reasons, but I don't
> > believe any of the Crypto SPI functions (CP**) address this.
> >
> > Greg Stark, gstark@ethentica.com
> > Chief Security Architect
> > Ethentica, Inc.
> > www.ethentica.com
> >
> >
> > ----- Original Message -----
> > From: "Peto Bori" <smartwin2000@HOTMAIL.COM>
> > To: <CryptoAPI@DISCUSS.MICROSOFT.COM>
> > Sent: Friday, October 27, 2000 6:33 AM
> > Subject: CSP, Certificates and Smartcards
> >
> >
> > Hello,
> >
> > I have a questions about CSP's and Smartcards.
> >
> > Even if you setup all the functions correctly for a RSA_FULL CSP
> > such as signing, hashing, etc... when is the Certificate produced
> > actually stored on the smartcard?
> >
> > Does the CSP have to register Certificate functions?
> >
> > Tom Rixom &
> > Peter Boevink
> >
> > ----------------------------------------------------------------
> > Users Guide http://msdn.microsoft.com/workshop/essentials/mail.asp
> > contains important info including how to unsubscribe.  Save time, search
> > the archives at http://discuss.microsoft.com/archives/index.html
> >
> >
> >
>
> ----------------------------------------------------------------
> Users Guide http://msdn.microsoft.com/workshop/essentials/mail.asp
> contains important info including how to unsubscribe.  Save time, search
> the archives at http://discuss.microsoft.com/archives/index.html
>
> ----------------------------------------------------------------
> Users Guide http://msdn.microsoft.com/workshop/essentials/mail.asp
> contains important info including how to unsubscribe.  Save time, search
> the archives at http://discuss.microsoft.com/archives/index.html
>

----------------------------------------------------------------
Users Guide http://msdn.microsoft.com/workshop/essentials/mail.asp
contains important info including how to unsubscribe.  Save time, search
the archives at http://discuss.microsoft.com/archives/index.html

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic