Re: How to load a Certificate into a memory store

From: EFS can use other csp more than ms csp. (csp._at_discussions.microsoft.com)
Date: 10/27/04

Next message: Venu: "'CMDchecktempinit could not be located' Error after applying KB840"
Previous message: Pavel Lebedinsky: "Re: Getting the user of all processes running on the system"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 27 Oct 2004 01:51:02 -0700

I have developed an csp which can be used by EFS.In my csp,I store
certificate/private key/public key in usb key.

"David Cross [MS]" wrote:

> This is not possible with EFS today since it only allows the Microsoft Base,
> Enhanced or Strong CSPs to be used which require the certificate and private
> key to be installed in the local machine. Seperately, what are the threats
> you are concerned in regards to the certificate being installed on the local
> machine?
>
> --
>
>
> David B. Cross [MS]
>
> --
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
> http://support.microsoft.com
>
> "Buzios" <buzios@po.com> wrote in message
> news:pan.2004.08.27.11.52.12.949432@po.com...
> > The OS is Win2K or XP.
> > To increase security, I want to keep the certificate created for the
> > Encryption File System out of the machine.
> >
> > The idea is to keep the certificate on a Pen Drive and import the
> > Certificate when a user logs on.
> >
> > Currently I am importing the certificate to the "MY" store when the user
> > logs on and removing it when the user logs off.
> >
> > What I would like to do is to import the certificate into a memory store
> > avoiding the need to remove the certificate when the user logs off.
> > It would be a more robust solution because if the machine is suddenly
> > powerd off the certificate would be gone.
> >
> > Any ideas on how it could be done?
> >
> > TKS in advance.
>
>
>

Next message: Venu: "'CMDchecktempinit could not be located' Error after applying KB840"
Previous message: Pavel Lebedinsky: "Re: Getting the user of all processes running on the system"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: SmartCard CSP and CA certificate enrollment
... Store for each of the two keys in the ... 'default' container on the smart card. ... CSP Design & Development Consulting ... enrolls for a certificate, the Certificate Enrollment Wizard offers the ...
(microsoft.public.platformsdk.security)
Re: smart card private key
... first storing the certificate information and the private key ... information in the system store. ... first of it the name of the CSP module that manages that key. ... information about the private key present on the smart card before ...
(microsoft.public.platformsdk.security)
RE: CSPs and Certificate Extensions
... This matches the calls that are made to my CSP that I ... That means the problem is occurring when the certificate is being accessed - ... CPSignHash is called with the key spec set to AT_KEYEXCHANGE. ... of the IE certificate store. ...
(microsoft.public.platformsdk.security)
RE: Smartcard CSP Problem
... CSP documentation. ... of the private keys you store. ... Apps may call your CSP to store the corresponding certificate: ... > I am to develop a SmartCard CSP, but with no actual SmartCard behind it, but ...
(microsoft.public.platformsdk.security)
Re: SmartCard CSP and CA certificate enrollment
... The Microsoft Certificate Enrollment Wizard puts new certificates into the ... when your smart card CSP ... well-behaved smartcard CSP will store the certificate with the key. ...
(microsoft.public.platformsdk.security)