[prev in list] [next in list] [prev in thread] [next in thread]
List: ms-cryptoapi
Subject: Re: Calling a Microsoft CSP in a third party CSP
From: xiaowei <xiaowei () CE-INFOSYS ! COM>
Date: 2001-09-14 2:15:39
[Download RAW message or body]
Hi, everyone,
I am planning to develop a smartcard CSP. From the previous lists, some
respective people (such as Legernes) have developed the CSP by partly using
MS CSP. Such as implementing only private keys management in the third pasty
CSP and other functions (sysmmetric algs and publick key management) are
processed by the MS CSP.
The question is: When a key handle is passed in through entry point
functions, because we do not know the MS key handle format, how to identify
the key handle is MS CSP’s key handle or my CSP’s key handle? Such as in
CPSetKeyParam and CPGetKeyParam functions.
If we separate the pub key and private key respectively to MS CSP and my
CSP, how to ensure their relations? the signature and verify? (because we do
not know the MS CSP hash object format.)
Thanks in advance….
Regards,
xiaowei
-----Original Message-----
From: Microsoft Cryptographic API
[mailto:CryptoAPI@DISCUSS.MICROSOFT.COM]On Behalf Of Dag Legernæs
Sent: Friday, September 07, 2001 4:39 PM
To: CryptoAPI@DISCUSS.MICROSOFT.COM
Subject: Re: Calling a Microsoft CSP in a third party CSP
Pascal,
I believe you are correct; we submit our CSP as a single DLL to MS for
signing. However, the only "other" DLL we use is rsaenh.dll which is also
signed - we do not call any unsigned DLLs explicitly.
As far as I can tell, it is up to you whether you check the signature of any
auxiliary DLLs you load from your CSP. See the "remarks" section in the
documentation on CPAcquireContext for details.
Best Regards
Dag Legernes,
ErgoXChange, Norway
-----Original Message-----
From: Pascal MERLIN [mailto:pmerlin@SCRYPTO.FR]
Sent: 7. september 2001 10:30
To: CryptoAPI@DISCUSS.MICROSOFT.COM
Subject: Re: Calling a Microsoft CSP in a third party CSP
Dear Dag,
thanks for your answer.
I suppose you had no problem to sign your CSP with Microsoft. We think it
means you only need to register with Microsoft when creating a new CSP,
with no regards what your CSP is doing (it can use others DLL which are not
really signed!).
Best regards
Pascal MERLIN
SCRYPTO Systems
Synergie Park
2 rue Louis de Broglie
59260 LEZENNES
Site Web : www.scrypto.fr
Tel : 03.20.91.97.78
Fax : 03.20.91.35.39
-----Message d'origine-----
De: Dag Legernes [SMTP:Dag.Legernes@ERGO.NO]
Date: jeudi 6 septembre 2001 15:31
A: CryptoAPI@DISCUSS.MICROSOFT.COM
Objet: Re: Calling a Microsoft CSP in a third party CSP
Pascal,
we have developed and tested a CSP in which we basically only implement
private key management and no cryptographic algorithms.
Our CSP uses software keys and does not support smart cards,
but the question of how to "delegate" cryptographic functionality
to MS CSP remains the same.
Our CSP establishes the connection to MS CSP by simple dynamic linking
- i.e. LoadLibrary() calls - in CPAcquireContext(). We link to rsaenh.dll
since we require 128-bits crypto, you might want to look up the default CSP
in the Registry instead. After LoadLibrary(), we set up pointers to all the
relevant functions in MS CSP by repeated calls to GetProcAddress().
Our CSP has been thorougly tested and was deployed to a substantial
number of users several months ago.
No problems relating to the dynamic-link approach oulined above have been
reported.
Best Regards
Dag Legernes
ErgoXChange, Norway
-----Original Message-----
From: Pascal MERLIN [mailto:pmerlin@SCRYPTO.FR]
Sent: 5. september 2001 16:58
To: CryptoAPI@DISCUSS.MICROSOFT.COM
Subject: Calling a Microsoft CSP in a third party CSP
Hi everybody,
Microsoft technical documentation tells developpers that in case of smart
card CSP it is possible to implement only private keys management in the
third party CSP. There is no need to develop others functions (symmetric
algorithm and public key management), for you can use them from the
standard Microsoft CSP.
The question is :
Is it possible to call (from the third party CSP) the Microsoft CSP
functions using the CSPI? Or do you need to call functions through
CryptoAPI?
More generaly, is it possible to use dynamic link in the third party CSP?
In fact static link is perhaps a constraint to get a CSP signature from
Microsoft?
Thanks for any answer
----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM
----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM
----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM
----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM
----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic