[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ms-cryptoapi
Subject:    Re: use of pkcs#11 is limited?
From:       Laszlo Elteto <lelteto () RAINBOW ! COM>
Date:       2003-05-14 15:38:00
[Download RAW message or body]

It is strange if that CSP is designed to run only with certain application.
If that's the case I guess you are out of luck. (You better use a smart card
from a manufacturer which supports generic CAPI and PKCS#11 - but that's my
personal recommendation only.)
As for the other story: There are several cryptographic APIs in use.
One is CAPI = Microsoft's CryptoAPI. It is for Windows only. Many - but no
all - Windows applications use CAPI: it has broad support for certificates,
encrypt/decrypt, sign/verify and any token which has a CSP.
Another widely used cryptographic API is RSA Security's PKCS#11 a.k.a.
Cryptoki (Cryptographic Token Interface API). It is cross-platform but as
its name implies its scope is more limited to token support, eg. it does not
have much certificate support (except you can store and retrieve them).
Netscape uses Cryptoki (even on Windows platform).
Another widely used API is OpenSSL (and in it the crypto EAY library). It is
pure cryptography, generally doesn't have token support (except for a few
accelerator boards).
For your last question: BTW = By The Way...

Laszlo Elteto
Fellow Scientist
Rainbow Technologies, Inc.

-----Original Message-----
From: Alberto Salvati [mailto:alberto.salvati@OMNITICKET.IT]
Sent: Wednesday, May 14, 2003 8:21 AM
To: CryptoAPI@DISCUSS.MICROSOFT.COM
Subject: Re: use of pkcs#11 is limited?


> hmmm what CSP are you using? If it's a particular smart card provider's
you
> need to ask their tech support. But generally CSPs don't check who is the
> caller (ie. what application uses them); they are supposed to work with
any
> CAPI-using app.

I use a Incard (www.incard.it) csp provider.
When i use this csp with outoook express, it asks me for smartcard pin
autentication.
After, i can sign and send email msg
But, when I use same csp form my app WITH DIFFERENT TOOLKIT, when i try to
sign, i have a error.
csp manufactured tells me that this csp can be used only from Outlook, ie,
netcsape.
It's this possible?
Now, i try to rename my app.. ;))


> BTW your subject is rather confusing as PKCS#11 is NOT CAPI and this
> discussion forum generally don't support Cryptoki. (There's a Cryptoki
> mailing list maintained by RSA.)

It's possible...
pkcs#11 is a INTERFACE to smartcard device or not?
CAPI= cryptoapi?

i'm lost in a maze....
What's means "BTW"?


A

----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM

This message and any material contained in any attachment may contain information \
which is the property of and which is confidential to Rainbow Technologies, Inc. This \
information is intended solely for the use of the individual or entity to whom it is \
addressed. If you are not the intended recipient, you are hereby notified that any \
disclosure, copying, distribution, or use of any of the information contained in this \
message is STRICTLY PROHIBITED. If you have received this message in error, please \
notify us immediately. Thank you.

----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM


[prev in list] [next in list] [prev in thread] [next in thread]