a related issue i found some days ago related to windows public/private key handling. Not very close to the topic, but imho close enough to post (and ask). http://social.msdn.microsoft.com/Forums/en-AU/windowssecurity/thread/676746c1-f9d0-4590-87b6-6a2fbddd319f
2011/12/3 Hunter William <william.hun...@trusted-logic.com>: > Hi, > > Having just done this, I may be able to help. You do need the minidriver > installed for this to work. Check out > http://www.opensc-project.org/opensc/wiki/MiniDriver for details. In a > nutshell: > > - Make sure you have the minidriver dll - you may need a different version of > OpenSC (look for opensc-minidriver.dll) > - Add your ATR to the registry as detailed in the wiki > - Test and load the certificates into the store using certutil -SCInfo. Your > card should be recognised with the name you used in the registry - otherwise > the first two steps weren't done properly. Note that you can get certutil in > Windows XP too - look for the Windows 2003 Adminpak. In fact I don't know of > another way to get the certificates loaded properly (can you use the tools > bundled with opensc?), so you will probably need to install this on XP. > - Make sure that the certificate is loaded, and that the private key > reference is present (important!) in the Microsoft store (run certmgr.msc). > > Then you should be able to use the certificate where required. When the > private key is necessary, the BaseCSP will prompt you for the PIN (the > certificate maintains a reference to where to find the private key). Note > that I experienced a number of issues with getting the certificate reliably > into the store *with* the private key, but this seemed to be because I was > changing my certificate, and Microsoft seems to keep a reference to the > private key even when you delete the public key. You can usually fix this by > rebooting or by running certutil -repairstore -user my <cert ID>. > > Hope that helps, > Will > ________________________________________ > From: opensc-devel-boun...@lists.opensc-project.org > [opensc-devel-boun...@lists.opensc-project.org] On Behalf Of michele > [mich...@mailc.net] > Sent: 02 December 2011 04:15 PM > To: opensc-devel@lists.opensc-project.org > Subject: [opensc-devel] opensc csp and windows > > Hi, I'm looking for guidelines for using the latest stable of OpenSC > with Windows XP and 7. > I need to authenticate to a web site by reading the certificate stored > in the smart card. All works fine using > Mozilla Firefox (and adding a new Security device by specifying the > opensc dll), but now I'm interested in the > CSP stuff. How can certificates stored in the smart card loaded into the > Microsoft store and then used by Internet Explorer? > Is the experimental mini driver what I want? How it works? > > Thank you for any guidelines. > > Michele > _______________________________________________ > opensc-devel mailing list > opensc-devel@lists.opensc-project.org > http://www.opensc-project.org/mailman/listinfo/opensc-devel > _______________________________________________ > opensc-devel mailing list > opensc-devel@lists.opensc-project.org > http://www.opensc-project.org/mailman/listinfo/opensc-devel _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
