SQL Server
ScMinidriver - Import a Certificate to IDPrime MD T=0 Smart Card
Demonstrates how to import a certificate and its private key to a key container on an IDPrime MD T=0 smart card. Note: Requires Chilkat v9.5.0.88 or later. This example only runs on Windows because ScMinidriver is a Windows-only class.
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
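CREATE PROCEDURE ChilkatSample
AS
BEGIN
    -- Imports a certificate and its private key from a .p12/.pfx file into a key
    -- container on an IDPrime MD T=0 smart card, using the Chilkat ScMinidriver
    -- and Cert ActiveX objects through the sp_OA* OLE Automation procedures.
    --
    -- Deployment notes:
    --   * The sp_OA* procedures need the 'Ole Automation Procedures' server option
    --     and are normally restricted to sysadmin; enable them only where needed.
    --   * The PINs and the PFX password below are sample values. The text of a
    --     procedure is kept in the database catalog and can be read by anyone with
    --     VIEW DEFINITION, so real PINs/passwords should not be embedded here.
    --   * Status variables are reset before every call: if the OLE Automation call
    --     itself fails, the OUT variable may keep its previous value, and a stale
    --     "success" would otherwise let the procedure continue.

    DECLARE @hr int
    -- Important: Do not use nvarchar(max). See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    DECLARE @success int
    SELECT @success = 0

    -- This example requires the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    DECLARE @scmd int
    EXEC @hr = sp_OACreate 'Chilkat.ScMinidriver', @scmd OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    -- Reader names (smart card readers or USB tokens) can be discovered
    -- via List Readers or Find Smart Cards
    DECLARE @readerName nvarchar(4000)
    SELECT @readerName = 'SCM Microsystems Inc. SCR33x USB Smart Card Reader 0'
    SELECT @success = 0
    EXEC sp_OAMethod @scmd, 'AcquireContext', @success OUT, @readerName
    IF COALESCE(@success, 0) = 0
    BEGIN
        EXEC sp_OAGetProperty @scmd, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @scmd
        RETURN
    END

    -- If successful, the name of the currently inserted smart card is available:
    EXEC sp_OAGetProperty @scmd, 'CardName', @sTmp0 OUT
    PRINT 'Card name: ' + @sTmp0

    -- The IDPrime MD smart card has 4 different PIN roles:
    -- "user" -- Primary Card PIN
    -- "admin" -- Administrator PIN
    -- "3" -- Digital Signature PIN
    -- "4" -- Unblock only PIN (PUK)

    -- To import a certificate to the "IDPrime MD T=0" smart card, we must first PIN
    -- authenticate using "user", and then also PIN authenticate using "3" (the
    -- Digital Signature PIN).
    DECLARE @pinId nvarchar(4000)
    SELECT @pinId = 'user'

    -- (Of course, use your PIN which may be different than "0000")
    -- NOTE(review): cards typically block a PIN after a small number of consecutive
    -- wrong attempts, so a failure here should not be retried automatically.
    DECLARE @retval int
    -- Start from a failing value so the check below fails closed; a NULL @retval
    -- would make "@retval <> 0" evaluate to UNKNOWN and skip the failure branch.
    SELECT @retval = -1
    EXEC sp_OAMethod @scmd, 'PinAuthenticate', @retval OUT, @pinId, '0000'
    IF @retval IS NULL OR @retval <> 0
    BEGIN
        PRINT 'PIN Authentication failed.'
        EXEC sp_OAMethod @scmd, 'DeleteContext', @success OUT
        EXEC @hr = sp_OADestroy @scmd
        RETURN
    END

    DECLARE @cert int
    EXEC @hr = sp_OACreate 'Chilkat.Cert', @cert OUT
    -- The original did not check this result; without a valid @cert handle the
    -- later LoadPfxFile/ImportCert calls cannot work, so stop and release the card.
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        EXEC sp_OAMethod @scmd, 'DeleteContext', @success OUT
        EXEC @hr = sp_OADestroy @scmd
        RETURN
    END

    -- Load the cert + private key from a .p12/.pfx
    -- We got this .p12 from https://badssl.com/download/
    -- The .p12 file still holds a copy of the private key after the import; for a
    -- real key, restrict access to the file or remove it once it is on the card.
    DECLARE @password nvarchar(4000)
    SELECT @password = 'badssl.com'
    SELECT @success = 0
    EXEC sp_OAMethod @cert, 'LoadPfxFile', @success OUT, 'qa_data/pfx/badssl.com-client.p12', @password
    IF COALESCE(@success, 0) = 0
    BEGIN
        EXEC sp_OAGetProperty @cert, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC sp_OAMethod @scmd, 'DeleteContext', @success OUT
        EXEC @hr = sp_OADestroy @scmd
        EXEC @hr = sp_OADestroy @cert
        RETURN
    END

    -- Also authenticate using "3", the digital signature PIN.
    -- (Of course, use your PIN which may be different than "12345678")
    -- @retval is 0 from the first authentication, so reset it before reuse.
    SELECT @retval = -1
    EXEC sp_OAMethod @scmd, 'PinAuthenticate', @retval OUT, '3', '12345678'
    IF @retval IS NULL OR @retval <> 0
    BEGIN
        PRINT 'PIN Authentication failed.'
        EXEC sp_OAMethod @scmd, 'DeleteContext', @success OUT
        EXEC @hr = sp_OADestroy @scmd
        EXEC @hr = sp_OADestroy @cert
        RETURN
    END

    -- Let's import this certificate as the "signature" key/cert in key container #6.
    DECLARE @containerIndex int
    SELECT @containerIndex = 6
    DECLARE @keySpec nvarchar(4000)
    SELECT @keySpec = 'sig'

    -- Note the last argument (the pin ID) is "3". This is the required PIN ID for
    -- the IDPrime MD T=0 smart card.
    SELECT @success = 0
    EXEC sp_OAMethod @scmd, 'ImportCert', @success OUT, @cert, @containerIndex, @keySpec, '3'
    IF COALESCE(@success, 0) = 0
    BEGIN
        EXEC sp_OAGetProperty @scmd, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
    END
    ELSE
    BEGIN
        PRINT 'Successfully imported the cert + private key onto the smart card.'
    END

    -- Delete the context when finished with the card.
    SELECT @success = 0
    EXEC sp_OAMethod @scmd, 'DeleteContext', @success OUT
    IF COALESCE(@success, 0) = 0
    BEGIN
        EXEC sp_OAGetProperty @scmd, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
    END

    EXEC @hr = sp_OADestroy @scmd
    EXEC @hr = sp_OADestroy @cert
END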
GO