'Re: How to store certificate into USB KEY'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ms-cryptoapi
Subject:    Re: How to store certificate into USB KEY
From:       Laszlo Elteto <lelteto () RAINBOW ! COM>
Date:       2003-01-22 16:01:37
[Download RAW message or body]

First you need to store the certificate on the token. To do that open the
container where your private key is (CryptAcquireContext) then select your
key (CrytpGetUserKey). Now you can "attach" the certificate to your key
using CryptSetKeyParam with KP_CERTIFICATE parameter.
Since your CSP is not act as smart card provider you need to monitor the
token insertion and your CSP (or a "resident" program) has to read out the
certificate from the token and insert it into the other computer's "My" key
store (associating it with your CSP). It would be polite if you remove this
certificate from the store when the token detached (unless the user
indicates (s)he wants to store the cert permanently on that computer.
Note that you will still have limitation, eg. you cannot use the token for
NT login. For that you really need a smart card provider type CSP.

Laszlo Elteto
Fellow Scientist
Rainbow Technologies, Inc.

-----Original Message-----
From: SUBSCRIBE CryptoAPI cnca01 [mailto:fangz@263.NET]
Sent: Tuesday, January 21, 2003 6:30 PM
To: CryptoAPI@DISCUSS.MICROSOFT.COM
Subject: How to store certificate into USB KEY


Hi:

   I have developed a csp, it uses USB KEY as key container, and it works
well in outlook and IE.

But I has two questions:

The first is how can I store CERTIFICATE in my USB KEY when i request
certifcate through

certificate "enroll" control. (Now the certificate I request througth my CSP
is stored in "MY"

certificate store only )? that is, what are other factors which my csp
should support?

The second is when I insert USB KEY(It has my csp requested certificate in
it, assuming the

first problem is resolved) into another computer which has installed my csp,
how can i do to

make the certificate in it is visible in WINDOWS "MY" store automatically.


if anyone could  give me some instructions or some relating documents,
thanks in advance!


fangzhi

----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic