堆栈内存溢出
  简体   繁体   English

使用 Chromium Embedded Framework 缓存智能卡 PIN

[英]Caching a smart card PIN with Chromium Embedded Framework

 原文  2020-02-12 02:36:13       smartcard/ cefsharp/ chromium-embedded/ client-certificates/ ssl-client-authentication

问题描述

I have a service-oriented webapp that uses IIS 8.5 and client certificate authentication via smartcard.我有一个面向服务的 web 应用程序,它通过智能卡使用 IIS 8.5 和客户端证书身份验证。 The statically served front-end calls multiple services via AJAX.静态服务的前端通过 AJAX 调用多个服务。 The smartcards with the certificates are protected with a PIN.带有证书的智能卡受 PIN 保护。 When using Chrome, Firefox, etc. the PIN prompt appears once and is seemingly cached for subsequent use.使用 Chrome、Firefox 等时,PIN 提示出现一次,似乎已缓存以备后用。

However, we need to embed the webapp inside a Windows 10 .NET desktop application using cefsharp .但是,我们需要使用cefsharp将 webapp 嵌入到 Windows 10 .NET 桌面应用程序中。 The webapp works, but the user is requested to enter their PIN constantly, once per service is seems, and then shortly after some timeout again, for (I think) each service. webapp 可以工作,但要求用户不断输入他们的 PIN,每次服务似乎一次,然后在一段时间后再次超时,对于(我认为)每项服务。

I don't know where to begin to know if it's possible to implement caching with cefsharp.我不知道从哪里开始知道是否可以使用 cefsharp 实现缓存。 From what I read this data should have been cached by Windows , but it doesn't look like this is the case or the embedded chromium is confusing the caching strategy.从我读到的数据来看,这些数据应该已经被 Windows 缓存了,但看起来情况并非如此,或者嵌入式铬混淆了缓存策略。

Is smartcard PIN caching something that can be done with cefsharp (or IIS, or even the client's Windows machine if we must)?智能卡 PIN 缓存是否可以使用 cefsharp(或 IIS,或者甚至是客户端的 Windows 机器,如果必须的话)来完成?

1 个解决方案

解决方案1
 1  2020-12-02 14:47:35

With Gemalto, you need to change the sleep time for the smartcard (registry action for EACH CLIENT):使用金雅拓,您需要更改智能卡的休眠时间(每个客户端的注册操作):

[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Cryptography\\calais [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Cryptography\\calais
“CardDisconnectPowerDownDelay”= dword:xxh Type: REG_DWORD Value: xx is the delay period in seconds. “CardDisconnectPowerDownDelay”= dword:xxh 类型:REG_DWORD 值:xx 是以秒为单位的延迟时间。

In our case we have set this to 180 seconds, and works fine for us (75000 cards deployed)在我们的例子中,我们将其设置为 180 秒,对我们来说效果很好(部署了 75000 张卡)

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 数字签名智能卡错误的引脚反馈 - digitial signature smart card wrong pin feedback 不使用PIN读取智能卡信息吗? - Read smart card information without PIN? 重置具有Muscle卡小程序的Smart Card销 - Reset Smart Card pin having Muscle card applet 使用C#对Gemalto .net智能卡进行Pin验证 - Pin verification for Gemalto .net smart card using c# 智能卡验证引脚错误 0x80100001 - Smart Card Validation Pin Error 0x80100001 无法使用 APDU 命令验证智能卡 PIN - Cant verify smart card PIN using APDU command 在Win 8.1和Win 10下禁用虚拟智能卡的PIN缓存 - Disable PIN caching for Virtual Smart Cards under Win 8.1 & Win 10 C# 如何在使用智能卡时防止多个 Windows PIN 提示? - C# how to prevent multiple Windows PIN prompts when using a smart card? 智能卡,PIN,安全HTTP,登录和下载以及操作源HTML-需要合适的编码语言 - Smart card, PIN, Secure HTTP, Login and Downloading and manipulating the source html - need a suitable coding langugage 在 Javascript 中可以接受 PIN 缓存吗? - Is PIN caching acceptable in Javascript?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM