Re: Smartcard Encryption under Windows

From: Ian Hellen [MS] (ianhelle@online.microsoft.com)
Date: 11/04/02 

From: "Ian Hellen [MS]" <ianhelle@online.microsoft.com>
Date: Mon, 4 Nov 2002 21:28:15 -0000

Andreas,
Smartcard operations really depend on what type of certificate is stored on
the smart card. The very low level (PC/SC) operations are really only for
things like data storage, requesting key generation, etc. Typically (in a
Windows environment) smartcards are used to store certs for email signing or
smartcard logon - these only normally need digital signature key usage.
To perform data encryption you need a certificate that is created with Key
Encypherment key usage. This allows you to request that the smart card
perform encryption operations with the key pair associated with that
certificate.
The place to look for details on how to do this is the Cryptography
reference in the Security section of MSDN.
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/se
curity/cryptography_portal.asp
For a simpler scriptable interface that allows most common crypto operations
look at the CAPICOM reference sub-section of this area. 

--
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm.
Please do not send email directly to this alias. This alias is for newsgroup
purposes only.
"MSDN Newsgroups" <andreas@brainloop.com> wrote in message
news:uoxb6FBhCHA.2460@tkmsftngp09...
> Have someone experience with writting smartcard application under windows?
>
> I want to know which cards and readers can be used to de-/encrypt data.
> An example code using PC/SC will also be nice.
>
> I have found APIs using smartcards for authentification or digital
signature
> but I nearly found one for de-/encryption.
> Any links for further information will help me, too.
>
> MfG
> Andreas Siglreithmayr
>
>

Relevant Pages

  • server 2003 smart card deployment
    ... certificate, and an administrator certificate both were ... certificate for a smart card on behalf of another user by using the smart ... insert the smartcard and click enroll, when I do I get an error, the details ... Smart Card Reader 'O2Micro PCMCIA Reader 0' rejected IOCTL EJECT: ...
    (microsoft.public.windows.server.general)
  • Re: Smartcard Encryption under Windows
    ... Smartcard operations really depend on what type of certificate is stored on ... To perform data encryption you need a certificate that is created with Key ... This allows you to request that the smart card ... > An example code using PC/SC will also be nice. ...
    (microsoft.public.win2000.security)
  • Re: Smartcard Encryption under Windows
    ... Smartcard operations really depend on what type of certificate is stored on ... To perform data encryption you need a certificate that is created with Key ... This allows you to request that the smart card ... > An example code using PC/SC will also be nice. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Does WinLogon call PC/SC directly or use CryptoAPI?
    ... It is not whether WinLogon is smart card aware or. ... matters to me as I would have to implement PC/SC driver if WinLogon makes ... It actually gets all the smartcard data ...
    (microsoft.public.platformsdk.security)
  • Re: Cannot Logon using Smartcard
    ... > I am trying to setup smart card logon in Windows 2003 domain. ... and Enterprise Sub CA for certificate enrollment. ... But only smartcard logon certifcates does not work. ...
    (microsoft.public.windows.server.security)