C
C
ScMinidriver - Import a Certificate to IDPrime MD T=0 Smart Card
See more ScMinidriver Examples
Demonstrates how to import a certificate and its private key to a key container on an ID Prime MD T=0 smartcard.Note: Requires Chilkat v9.5.0.88 or later. This example only runs on Windows because ScMinidriver is a Windows-only class.
Chilkat C Downloads
#include <C_CkScMinidriver.h>
#include <C_CkCert.h>
void ChilkatSample(void)
{
BOOL success;
HCkScMinidriver scmd;
const char *readerName;
const char *pinId;
int retval;
HCkCert cert;
const char *password;
int containerIndex;
const char *keySpec;
success = FALSE;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
scmd = CkScMinidriver_Create();
// Reader names (smart card readers or USB tokens) can be discovered
// via List Readers or Find Smart Cards
readerName = "SCM Microsystems Inc. SCR33x USB Smart Card Reader 0";
success = CkScMinidriver_AcquireContext(scmd,readerName);
if (success == FALSE) {
printf("%s\n",CkScMinidriver_lastErrorText(scmd));
CkScMinidriver_Dispose(scmd);
return;
}
// If successful, the name of the currently inserted smart card is available:
printf("Card name: %s\n",CkScMinidriver_cardName(scmd));
// The IDPRime MD smart card has 4 different PIN roles:
// "user" -- Primary Card PIN
// "admin" -- Administrator PIN
// "3" -- Digital Signature PIN
// "4" -- Unblock only PIN (PUK)
// To import a certificate to the "IDPrime MD T=0" smart card, we must first PIN authenticate using "user", and then also PIN authenticate using "3" (the Digital Signature PIN)
pinId = "user";
// (Of course, use your PIN which may be different than "0000")
retval = CkScMinidriver_PinAuthenticate(scmd,pinId,"0000");
if (retval != 0) {
printf("PIN Authentication failed.\n");
CkScMinidriver_DeleteContext(scmd);
CkScMinidriver_Dispose(scmd);
return;
}
cert = CkCert_Create();
// Load the cert + private key from a .p12/.pfx
// We got this .p12 from https://badssl.com/download/
password = "badssl.com";
success = CkCert_LoadPfxFile(cert,"qa_data/pfx/badssl.com-client.p12",password);
if (success == FALSE) {
printf("%s\n",CkCert_lastErrorText(cert));
CkScMinidriver_DeleteContext(scmd);
CkScMinidriver_Dispose(scmd);
CkCert_Dispose(cert);
return;
}
// Also authenticate using "3", the digital signature PIN.
// (Of course, use your PIN which may be different than "12345678")
retval = CkScMinidriver_PinAuthenticate(scmd,"3","12345678");
if (retval != 0) {
printf("PIN Authentication failed.\n");
CkScMinidriver_DeleteContext(scmd);
CkScMinidriver_Dispose(scmd);
CkCert_Dispose(cert);
return;
}
// Let's import this certificate as the "signature" key/cert in key container #6.
containerIndex = 6;
keySpec = "sig";
// Note the last argument (the pin ID) is "3". This is the required PIN ID for the IDPrime MD T=0 smart card.
success = CkScMinidriver_ImportCert(scmd,cert,containerIndex,keySpec,"3");
if (success == FALSE) {
printf("%s\n",CkScMinidriver_lastErrorText(scmd));
}
else {
printf("Successfully imported the cert + private key onto the smart card.\n");
}
// Delete the context when finished with the card.
success = CkScMinidriver_DeleteContext(scmd);
if (success == FALSE) {
printf("%s\n",CkScMinidriver_lastErrorText(scmd));
}
CkScMinidriver_Dispose(scmd);
CkCert_Dispose(cert);
}