Sample code for 30+ languages & platforms
SQL Server

ScMinidriver - Get Public Keys from Smart Card Key Container

See more ScMinidriver Examples

Demonstrates how to query a key container on a smart card (or USB token) to get the public part of the private keys that are present. A key container can hold two separate private keys -- one in the "signature" position, and the other in the "key exchange" position.

Chilkat SQL Server Downloads

SQL Server
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    DECLARE @iTmp0 int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    DECLARE @success int
    SELECT @success = 0

    -- This example requires the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    -- Chilkat recommends the following free tool for interactively examining the contents of your smart card
    -- through the ScMinidriver interface:  MGTEK Tool for Minidriver enabled Smart Cards

    -- Let's first look at our smart card..
    -- Here's the view of our Gemalto (Thales) IDPrime MD T=0 smart card in the MGTEK tool:

    -- (image:https://example-code.com/images/gemalto_idprime_after_key_import.JPG/endImage)

    DECLARE @scmd int
    EXEC @hr = sp_OACreate 'Chilkat.ScMinidriver', @scmd OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    -- First we need to acquire a context to the smart card in the reader where it is inserted.
    -- Reader names (smart card readers or USB tokens) can be discovered
    -- via List Readers or Find Smart Cards
    DECLARE @readerName nvarchar(4000)
    SELECT @readerName = 'Alcor Micro USB Smart Card Reader 0'
    EXEC sp_OAMethod @scmd, 'AcquireContext', @success OUT, @readerName
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @scmd, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @scmd
        RETURN
      END

    -- If successful, the name of the currently inserted smart card is available:

    EXEC sp_OAGetProperty @scmd, 'CardName', @sTmp0 OUT
    PRINT 'Card name: ' + @sTmp0

    -- We likely shouldn't need to authenticate with the smart card (use a PIN) to simply get a public key,
    -- so we can skip the PIN authenticatin step..

    -- Let's get the key(s) present in Container #7.
    -- In our case (shown in the image above), there is a private key in the "key exchange" position, but no key in the "signature" position.
    DECLARE @pubkey_sig int
    EXEC @hr = sp_OACreate 'Chilkat.PublicKey', @pubkey_sig OUT

    DECLARE @pubkey_kex int
    EXEC @hr = sp_OACreate 'Chilkat.PublicKey', @pubkey_kex OUT

    EXEC sp_OAMethod @scmd, 'GetContainerKeys', @success OUT, 7, @pubkey_sig, @pubkey_kex
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @scmd, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @scmd
        EXEC @hr = sp_OADestroy @pubkey_sig
        EXEC @hr = sp_OADestroy @pubkey_kex
        RETURN
      END

    EXEC sp_OAGetProperty @pubkey_sig, 'Empty', @iTmp0 OUT
    IF @iTmp0 = 1
      BEGIN

        PRINT 'No signature key is present.'
      END
    ELSE
      BEGIN

        PRINT 'Signature key:'
        EXEC sp_OAMethod @pubkey_sig, 'GetPem', @sTmp0 OUT, 1
        PRINT @sTmp0
      END

    EXEC sp_OAGetProperty @pubkey_kex, 'Empty', @iTmp0 OUT
    IF @iTmp0 = 1
      BEGIN

        PRINT 'No Key Exchange key is present.'
      END
    ELSE
      BEGIN

        PRINT 'Key Exchange key:'
        EXEC sp_OAMethod @pubkey_kex, 'GetPem', @sTmp0 OUT, 1
        PRINT @sTmp0
      END

    EXEC sp_OAMethod @scmd, 'DeleteContext', @success OUT


    PRINT 'Success.'

    -- Here's the output of the above sample code:

    -- Card name: IDPrime MD T=0
    -- No signature key is present.
    -- Key Exchange key:
    -- -----BEGIN RSA PUBLIC KEY-----
    -- MIIBCgKCAQEAsXeRhM55P13FbpNcXAMR3olbw2Wa6keZIHu5YTZYUBTlYWId+pNi
    -- wUz3zFIEo+0IfYR0H27ybIycQO+1IIzJofUFNMAL3tZps2OKPlsjuCPls6kXpXhv
    -- /gvhux8LrCtp4PcKWqJ6QVOZKChc7WAx40qFWzHi57ueqRTv3x0kESqGg/VjsqyT
    -- Evb55psJO2RsfhLT7+YVh3hImRM3RDaJdkTkPuOxeFyT6N7VXD09329sLuS3QkUb
    -- E9zEKDnz9X3d8dEQdJhSI9ba5fxl8R7fu8pB67ElfzFml96X1jLFtzy1pzOT5Fc4
    -- ROcaqlYckVzdBq9sxezm6MYmDBjNAcibRwIDAQAB
    -- -----END RSA PUBLIC KEY-----

    EXEC @hr = sp_OADestroy @scmd
    EXEC @hr = sp_OADestroy @pubkey_sig
    EXEC @hr = sp_OADestroy @pubkey_kex


END
GO