stackoom
  简体   繁体   中英

Replacement of PKCS #11 Smart Card Data Object in CAPI/CNG

 原文  2020-05-18 12:19:38       c#/ cryptography/ smartcard/ pkcs#11/ cng

Question

There are 3 main PKCS #11 objects (Key, Certificate, Data), I found replacement for key and certificate objects in CAPI/CNG, but I didn't found replacement for creating data object on smart card using CAPI/CNG

PKCS #11 Data Object documentation here https://www.cryptsoft.com/pkcs11doc/v220/group__SEC__10__5__DATA__OBJECTS.html

1 answers

solution1
 1 ACCPTED  2020-05-21 18:30:54

PKCS#11 or rather Cryptoki is a specification to control a secure token. Sometimes it can make sense to store other sensitive data such as password in a token. Furthermore, sometimes data is used to interact with schemes themselves, such as the "Info" parameter for key derivation functions, although commonly such data is provided as parameter to the PKCS#11 method invocation.

CAPI/CNG is much more oriented towards providing cryptographic operations for applications. It makes kind of sense that generic data objects are not supported; such objects can already be present in the software itself after all. As such, it is less need to store it on a secure device. If there is a method to retrieve such data from a secure token then I haven't seen it.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Access certificate and private key from pkcs#11 token or smart-card PKCS11 certificate Event when smart card of the X509Certificate2 object is removed Windows Smart Card Authentication to Access Website-Data Read data from second smart card reader in web application Convert PKCS'11 Object handle to X509Certificate Object in C# Read smart card on demand Issue reading smart card How to work with a Smart Card CreateObject PKCS#11 fail
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM