Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(SQL Server) Use a Smart Card Certificate + Private Key for SSL/TLS AuthenticationSee more ScMinidriver ExamplesDemonstrates how to use a certificate + private key located on a smart card for the TLS client certificate in an HTTPS request.
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls. -- CREATE PROCEDURE ChilkatSample AS BEGIN DECLARE @hr int DECLARE @iTmp0 int -- Important: Do not use nvarchar(max). See the warning about using nvarchar(max). DECLARE @sTmp0 nvarchar(4000) -- This example requires the Chilkat API to have been previously unlocked. -- See Global Unlock Sample for sample code. DECLARE @scmd int -- Use "Chilkat_9_5_0.ScMinidriver" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.ScMinidriver', @scmd OUT IF @hr <> 0 BEGIN PRINT 'Failed to create ActiveX component' RETURN END -- Reader names (smart card readers or USB tokens) can be discovered -- via List Readers or Find Smart Cards DECLARE @readerName nvarchar(4000) SELECT @readerName = 'SCM Microsystems Inc. SCR33x USB Smart Card Reader 0' DECLARE @success int EXEC sp_OAMethod @scmd, 'AcquireContext', @success OUT, @readerName IF @success = 0 BEGIN EXEC sp_OAGetProperty @scmd, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 EXEC @hr = sp_OADestroy @scmd RETURN END -- If successful, the name of the currently inserted smart card is available: EXEC sp_OAGetProperty @scmd, 'CardName', @sTmp0 OUT PRINT 'Card name: ' + @sTmp0 -- If desired, perform regular PIN authentication with the smartcard. -- For more details about smart card PIN authentication, see the Smart Card PIN Authentication Example DECLARE @retval int EXEC sp_OAMethod @scmd, 'PinAuthenticate', @retval OUT, 'user', '000000' IF @retval <> 0 BEGIN PRINT 'PIN Authentication failed.' END -- You can find a cerficate using any of the following certificate parts: -- "subjectDN" -- The full distinguished name of the cert. -- "subjectDN_withTags" -- Same as above, but in a format that includes the subject part tags, such as the "CN=" in "CN=something" -- "subjectCN" -- The common name part (CN) of the certificate's subject. -- "serial" -- The certificate serial number. -- "serial:issuerCN" -- The certificate serial number + the issuer's common name, delimited with a colon char. -- These are the same certificate parts that can be retrieved by listing certificates on the smart card (or USB token). -- See List Certificates on Smart Card Example DECLARE @certPart nvarchar(4000) SELECT @certPart = 'subjectCN' DECLARE @partValue nvarchar(4000) SELECT @partValue = 'BadSSL Client Certificate' -- If the certificate is found, it is loaded into the cert object. -- Note: We imported this certificate from a .p12/.pfx using this Example to Import a .pfx/.p12 onto a Smart Card DECLARE @cert int -- Use "Chilkat_9_5_0.Cert" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.Cert', @cert OUT EXEC sp_OAMethod @scmd, 'FindCert', @success OUT, @certPart, @partValue, @cert IF @success = 0 BEGIN PRINT 'Failed to find the certificate.' EXEC sp_OAMethod @scmd, 'DeleteContext', @success OUT EXEC @hr = sp_OADestroy @scmd EXEC @hr = sp_OADestroy @cert RETURN END PRINT 'Successfully loaded the cert object from the smart card / USB token.' -- Note: When successful, the cert object is internally linked to the ScMinidriver object's authenticated session. -- The cert object can now be used to sign or do other cryptographic operations that occur on the smart card / USB token. -- If your application calls PinDeauthenticate or DeleteContext, the cert will no longer be able to sign on the smart card -- because the smart card ScMinidriver session will no longer be authenticated or deleted. -- ------------------------------------------------------------------------------------------------------------ -- Send an HTTPS request to https://client.badssl.com -- https://client.badssl.com (part of the badssl.com service) lets you test authentication using client SSL certificates. -- The client certificate can be downloaded from https://badssl.com/download/. -- This server returns 200 OK if the correct client certificate is provided, and 400 Bad Request otherwise. DECLARE @http int -- Use "Chilkat_9_5_0.Http" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.Http', @http OUT -- Provide the client certificate (linked internally to our authenticated smartcard session) EXEC sp_OAMethod @http, 'SetSslClientCert', @success OUT, @cert IF @success = 0 BEGIN EXEC sp_OAGetProperty @http, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 EXEC sp_OAMethod @scmd, 'DeleteContext', @success OUT EXEC @hr = sp_OADestroy @scmd EXEC @hr = sp_OADestroy @cert EXEC @hr = sp_OADestroy @http RETURN END DECLARE @responseBody nvarchar(4000) EXEC sp_OAMethod @http, 'QuickGetStr', @responseBody OUT, 'https://client.badssl.com/' EXEC sp_OAGetProperty @http, 'LastMethodSuccess', @iTmp0 OUT IF @iTmp0 = 0 BEGIN EXEC sp_OAGetProperty @http, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 EXEC sp_OAMethod @scmd, 'DeleteContext', @success OUT EXEC @hr = sp_OADestroy @scmd EXEC @hr = sp_OADestroy @cert EXEC @hr = sp_OADestroy @http RETURN END EXEC sp_OAGetProperty @http, 'LastStatus', @iTmp0 OUT PRINT 'Response status code: ' + @iTmp0 PRINT 'Response body: ' PRINT @responseBody -- ------------------------------------------------------------------------------------------------------------ -- Cleanup our ScMinidriver session... -- When finished with operations that required authentication, you may if you wish, deauthenticate the session. EXEC sp_OAMethod @scmd, 'PinDeauthenticate', @success OUT, 'user' IF @success = 0 BEGIN EXEC sp_OAGetProperty @scmd, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 END -- Delete the context when finished with the card. EXEC sp_OAMethod @scmd, 'DeleteContext', @success OUT IF @success = 0 BEGIN EXEC sp_OAGetProperty @scmd, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 END EXEC @hr = sp_OADestroy @scmd EXEC @hr = sp_OADestroy @cert EXEC @hr = sp_OADestroy @http END GO |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.