
ScMinidriver - Import a Certificate to IDPrime MD T=0 Smart Card


Demonstrates how to import a certificate and its private key into a key container on an IDPrime MD T=0 smart card.

Note: Requires Chilkat v9.5.0.88 or later. This example only runs on Windows because ScMinidriver is a Windows-only class.


SQL Server
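-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
-- Imports a certificate and its private key from a .p12/.pfx file into a key
-- container on an IDPrime MD T=0 smart card through the Chilkat.ScMinidriver
-- ActiveX object.
--
-- Security notes:
--   * The sp_OA* procedures only work when the 'Ole Automation Procedures' server
--     option is enabled, and by default they require sysadmin membership (or an
--     explicit EXECUTE grant). Enable and grant them deliberately.
--   * The PINs and the PFX password are parameters so that real values do not
--     have to be written into the procedure text, which is stored in the database
--     and readable by anyone allowed to view the definition. The defaults are
--     only the sample's placeholder values.
--
-- Parameters:
--   @userPin      PIN for the "user" role (primary card PIN).
--   @signaturePin PIN for role "3" (digital signature PIN).
--   @pfxPassword  Password protecting the .p12/.pfx file.
CREATE PROCEDURE ChilkatSample
    @userPin nvarchar(4000) = '0000',
    @signaturePin nvarchar(4000) = '12345678',
    @pfxPassword nvarchar(4000) = 'badssl.com'
AS
BEGIN
    DECLARE @hr int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    DECLARE @success int
    SELECT @success = 0

    -- This example requires the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    DECLARE @scmd int
    EXEC @hr = sp_OACreate 'Chilkat.ScMinidriver', @scmd OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    -- Reader names (smart card readers or USB tokens) can be discovered
    -- via List Readers or Find Smart Cards
    DECLARE @readerName nvarchar(4000)
    SELECT @readerName = 'SCM Microsystems Inc. SCR33x USB Smart Card Reader 0'

    -- The status variable is reset before every call and the sp_OAMethod return
    -- code is checked as well: if the OLE call itself fails, the OUT value may be
    -- left untouched (or NULL) and a stale success from an earlier call must not
    -- be mistaken for success of this one.
    SELECT @success = 0
    EXEC @hr = sp_OAMethod @scmd, 'AcquireContext', @success OUT, @readerName
    IF @hr <> 0 OR COALESCE(@success, 0) = 0
      BEGIN
        EXEC sp_OAGetProperty @scmd, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @scmd
        RETURN
      END

    -- If successful, the name of the currently inserted smart card is available:

    EXEC sp_OAGetProperty @scmd, 'CardName', @sTmp0 OUT
    -- COALESCE keeps the label visible when the property could not be read.
    PRINT 'Card name: ' + COALESCE(@sTmp0, '')

    -- The IDPrime MD smart card has 4 different PIN roles:
    -- "user" -- Primary Card PIN
    -- "admin" -- Administrator PIN
    -- "3" -- Digital Signature PIN
    -- "4" -- Unblock only PIN (PUK)
    -- To import a certificate to the "IDPrime MD T=0" smart card, we must first PIN authenticate using "user", and then also PIN authenticate using "3" (the Digital Signature PIN)
    DECLARE @pinId nvarchar(4000)
    SELECT @pinId = 'user'
    DECLARE @retval int

    -- PinAuthenticate signals success with 0. @retval starts as NULL, and
    -- "NULL <> 0" is UNKNOWN, so NULL is tested explicitly: a call that never
    -- produced a result must be treated as a failed authentication.
    -- Do not retry automatically on failure: smart cards block a PIN after a
    -- limited number of consecutive wrong attempts.
    SELECT @retval = NULL
    EXEC @hr = sp_OAMethod @scmd, 'PinAuthenticate', @retval OUT, @pinId, @userPin
    IF @hr <> 0 OR @retval IS NULL OR @retval <> 0
      BEGIN

        PRINT 'PIN Authentication failed.'
        EXEC sp_OAMethod @scmd, 'DeleteContext', @success OUT
        EXEC @hr = sp_OADestroy @scmd
        RETURN
      END

    DECLARE @cert int
    EXEC @hr = sp_OACreate 'Chilkat.Cert', @cert OUT
    IF @hr <> 0
      BEGIN
        -- Without a Cert object nothing can be imported; release the card
        -- context instead of continuing with an invalid object token.
        PRINT 'Failed to create ActiveX component'
        EXEC sp_OAMethod @scmd, 'DeleteContext', @success OUT
        EXEC @hr = sp_OADestroy @scmd
        RETURN
      END

    -- Load the cert + private key from a .p12/.pfx
    -- We got this .p12 from https://badssl.com/download/
    -- Note: a key imported from a file also exists outside the card. If the card
    -- is meant to hold the only copy, protect or securely remove the .p12/.pfx
    -- once the import has been verified.
    SELECT @success = 0
    EXEC @hr = sp_OAMethod @cert, 'LoadPfxFile', @success OUT, 'qa_data/pfx/badssl.com-client.p12', @pfxPassword
    IF @hr <> 0 OR COALESCE(@success, 0) = 0
      BEGIN
        EXEC sp_OAGetProperty @cert, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC sp_OAMethod @scmd, 'DeleteContext', @success OUT
        EXEC @hr = sp_OADestroy @scmd
        EXEC @hr = sp_OADestroy @cert
        RETURN
      END

    -- Also authenticate using "3", the digital signature PIN.
    -- @retval is cleared first so the 0 left by the "user" authentication above
    -- cannot be read as success here.
    SELECT @retval = NULL
    EXEC @hr = sp_OAMethod @scmd, 'PinAuthenticate', @retval OUT, '3', @signaturePin
    IF @hr <> 0 OR @retval IS NULL OR @retval <> 0
      BEGIN

        PRINT 'PIN Authentication failed.'
        EXEC sp_OAMethod @scmd, 'DeleteContext', @success OUT
        EXEC @hr = sp_OADestroy @scmd
        EXEC @hr = sp_OADestroy @cert
        RETURN
      END

    -- Let's import this certificate as the "signature" key/cert in key container #6.
    DECLARE @containerIndex int
    SELECT @containerIndex = 6
    DECLARE @keySpec nvarchar(4000)
    SELECT @keySpec = 'sig'
    -- Note the last argument (the pin ID) is "3".  This is the required PIN ID for the IDPrime MD T=0 smart card.
    SELECT @success = 0
    EXEC @hr = sp_OAMethod @scmd, 'ImportCert', @success OUT, @cert, @containerIndex, @keySpec, '3'
    IF @hr <> 0 OR COALESCE(@success, 0) = 0
      BEGIN
        EXEC sp_OAGetProperty @scmd, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
      END
    ELSE
      BEGIN

        PRINT 'Successfully imported the cert + private key onto the smart card.'
      END

    -- Delete the context when finished with the card (runs after both a
    -- successful and a failed import).
    SELECT @success = 0
    EXEC @hr = sp_OAMethod @scmd, 'DeleteContext', @success OUT
    IF @hr <> 0 OR COALESCE(@success, 0) = 0
      BEGIN
        EXEC sp_OAGetProperty @scmd, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
      END

    EXEC @hr = sp_OADestroy @scmd
    EXEC @hr = sp_OADestroy @cert


END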
GO