SQL Server
SQL Server
PKCS11 Find Driver Files
See more PKCS11 Examples
Uses Chilkat's SCard class to find smartcards/tokens present on the system (Windows/Linux/Mac/etc.) to return information about the expected PKCS11 drivers (DLL, shared lib, dylib) and the confirmed existing PKCS11 drivers present on the system.Once the PKCS11 driver file is discovered, it can be used as a starting point with the PKCS11 class, which is shown in this example.
Chilkat SQL Server Downloads
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
DECLARE @hr int
-- Important: Do not use nvarchar(max). See the warning about using nvarchar(max).
DECLARE @sTmp0 nvarchar(4000)
DECLARE @success int
SELECT @success = 0
-- This example requires the Chilkat API to have been previously unlocked.
-- See Global Unlock Sample for sample code.
-- First discover the smart cards and tokens present on the system..
DECLARE @scard int
EXEC @hr = sp_OACreate 'Chilkat.SCard', @scard OUT
IF @hr <> 0
BEGIN
PRINT 'Failed to create ActiveX component'
RETURN
END
DECLARE @json int
EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @json OUT
EXEC sp_OASetProperty @json, 'EmitCompact', 0
EXEC sp_OAMethod @scard, 'FindSmartcards', @success OUT, @json
IF @success = 0
BEGIN
EXEC sp_OAGetProperty @scard, 'LastErrorText', @sTmp0 OUT
PRINT @sTmp0
EXEC @hr = sp_OADestroy @scard
EXEC @hr = sp_OADestroy @json
RETURN
END
EXEC sp_OAMethod @json, 'Emit', @sTmp0 OUT
PRINT @sTmp0
-- Sample output:
-- Note: This example was tested on Windows, but it can also run on Linux and MacOSX.
-- {
-- "reader": [
-- {
-- "name": "Gemalto USB SmartCard Reader 0",
-- "state": "present,inuse",
-- "vendorName": "Gemalto",
-- "serialNumber": "3339424644374543",
-- "systemName": "Gemalto USB SmartCard Reader 0",
-- "card": {
-- "atr": "3B7F96000080318065B084565110120FFE829000",
-- "windows": {
-- "miniDriver": "AxaltoCM.dll",
-- "cryptoProvider": "Microsoft Base Smart Card Crypto Provider",
-- "keyStorageProvider": "Microsoft Smart Card Key Storage Provider"
-- },
-- "pkcs11_driver": {
-- "possible": [
-- "C:/Program Files/SafeNet/Authentication/SAC/x64/IDPrimePKCS1164.dll",
-- "C:/Program Files(x86)/Gemalto/IDGo 800 PKCS#11/IDPrimePKCS1164.dll",
-- "C:/Program Files/Gemalto/IDGo 800 PKCS#11/IDPrimePKCS1164.dll",
-- "C:/WINDOWS/SysWOW64/IDPrimePKCS1164.dll",
-- "C:/WINDOWS/SysWOW64/eTPKCS11.dll"
-- ],
-- "exists": [
-- "C:/Program Files/SafeNet/Authentication/SAC/x64/IDPrimePKCS1164.dll",
-- "C:/WINDOWS/SysWOW64/eTPKCS11.dll"
-- ]
-- }
-- }
-- }
-- ]
-- }
-- We're interested in the PKCS11 drivers that were found.
-- Find the 1st reader where the card is present. (The "state" contains the keyword "present")
DECLARE @json2 int
EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @json2 OUT
EXEC sp_OAMethod @json, 'FindRecord2', @success OUT, 'reader', 'state', '*present*', 0, @json2
IF @success = 0
BEGIN
PRINT 'No readers exist with a smart card or token present.'
EXEC @hr = sp_OADestroy @scard
EXEC @hr = sp_OADestroy @json
EXEC @hr = sp_OADestroy @json2
RETURN
END
-- Get the size of the "card.pkcs11_driver.exists" array.
-- If it doesn't exist the size will be -1.
DECLARE @numExists int
EXEC sp_OAMethod @json2, 'SizeOfArray', @numExists OUT, 'card.pkcs11_driver.exists'
IF @numExists < 1
BEGIN
PRINT 'No PKCS11 driver files found for the smart card.'
EXEC @hr = sp_OADestroy @scard
EXEC @hr = sp_OADestroy @json
EXEC @hr = sp_OADestroy @json2
RETURN
END
-- Get the path of the 1st available PKCS11 driver.
DECLARE @pkcs11DriverPath nvarchar(4000)
EXEC sp_OAMethod @json2, 'StringOf', @pkcs11DriverPath OUT, 'card.pkcs11_driver.exists[0]'
PRINT 'PKCS11 driver path = ' + @pkcs11DriverPath
-- Now that we have a driver file, we can use it for PKCS11 access..
DECLARE @pkcs11 int
EXEC @hr = sp_OACreate 'Chilkat.Pkcs11', @pkcs11 OUT
EXEC sp_OASetProperty @pkcs11, 'SharedLibPath', @pkcs11DriverPath
EXEC sp_OAMethod @pkcs11, 'Initialize', @success OUT
IF @success = 0
BEGIN
EXEC sp_OAGetProperty @pkcs11, 'LastErrorText', @sTmp0 OUT
PRINT @sTmp0
EXEC @hr = sp_OADestroy @scard
EXEC @hr = sp_OADestroy @json
EXEC @hr = sp_OADestroy @json2
EXEC @hr = sp_OADestroy @pkcs11
RETURN
END
-- Get information about the smart card via PKCS11..
DECLARE @jsonPkcs11 int
EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @jsonPkcs11 OUT
EXEC sp_OAMethod @pkcs11, 'Discover', @success OUT, 1, @jsonPkcs11
IF @success = 0
BEGIN
EXEC sp_OAGetProperty @pkcs11, 'LastErrorText', @sTmp0 OUT
PRINT @sTmp0
EXEC @hr = sp_OADestroy @scard
EXEC @hr = sp_OADestroy @json
EXEC @hr = sp_OADestroy @json2
EXEC @hr = sp_OADestroy @pkcs11
EXEC @hr = sp_OADestroy @jsonPkcs11
RETURN
END
EXEC sp_OASetProperty @jsonPkcs11, 'EmitCompact', 0
EXEC sp_OAMethod @jsonPkcs11, 'Emit', @sTmp0 OUT
PRINT @sTmp0
-- Use this online tool to generate parsing code from sample JSON:
-- Generate Parsing Code from JSON
-- Sample output:
-- {
-- "cryptokiVersion": {
-- "major": 2,
-- "minor": 20
-- },
-- "manufacturerID": "Gemalto",
-- "libraryDescription": "Gemalto PKCS11",
-- "libraryVersion": {
-- "major": 10,
-- "minor": 8
-- },
-- "slot": [
-- {
-- "id": 0,
-- "slotDescription": "Gemalto USB SmartCard Reader 0",
-- "manufacturerID": "Gemalto",
-- "tokenPresent": true,
-- "removableDevice": true,
-- "hardwareSlot": true,
-- "hardwareVersion": {
-- "major": 0,
-- "minor": 0
-- },
-- "firmwareVersion": {
-- "major": 0,
-- "minor": 0
-- },
-- "token": {
-- "label": "chilkat",
-- "manufacturerID": "Gemalto",
-- "model": "ID Prime MD",
-- "serialNumber": "2DD70CC46070255E",
-- "flags": [
-- "CKF_RNG",
-- "CKF_LOGIN_REQUIRED",
-- "CKF_USER_PIN_INITIALIZED",
-- "CKF_DUAL_CRYPTO_OPERATIONS",
-- "CKF_TOKEN_INITIALIZED",
-- "CKF_SO_PIN_COUNT_LOW",
-- "CKF_SO_PIN_LOCKED"
-- ],
-- "maxSessionCount": 0,
-- "sessionCount": 0,
-- "maxRwSessionCount": 0,
-- "rwSessionCount": 0,
-- "maxPinLen": 16,
-- "minPinLen": 4,
-- "totalPublicMemory": 32768,
-- "freePublicMemory": 32720,
-- "totalPrivateMemory": 32768,
-- "freePrivateMemory": 32720,
-- "hardwareVersion": {
-- "major": 0,
-- "minor": 0
-- },
-- "firmwareVersion": {
-- "major": 0,
-- "minor": 0
-- },
-- "utcTime": "",
-- "mechanism": [
-- "CKM_DES3_MAC",
-- "CKM_DES3_MAC_GENERAL",
-- "CKM_AES_MAC",
-- "CKM_AES_MAC_GENERAL",
-- "CKM_DES3_CBC",
-- "CKM_DES3_CBC_PAD",
-- "CKM_AES_CBC",
-- "CKM_AES_CBC_PAD",
-- "CKM_AES_CTR",
-- "CKM_AES_CCM",
-- "CKM_RSA_PKCS_KEY_PAIR_GEN",
-- "CKM_RSA_PKCS",
-- "CKM_RSA_PKCS_OAEP",
-- "CKM_RSA_PKCS_PSS",
-- "CKM_SHA256_RSA_PKCS_PSS",
-- "CKM_SHA384_RSA_PKCS_PSS",
-- "CKM_SHA512_RSA_PKCS_PSS",
-- "CKM_SHA256_RSA_PKCS",
-- "CKM_SHA384_RSA_PKCS",
-- "CKM_SHA512_RSA_PKCS",
-- "CKM_EC_KEY_PAIR_GEN",
-- "CKM_ECDSA",
-- "CKM_ECDSA_SHA256",
-- "CKM_ECDSA_SHA384",
-- "80000045",
-- "CKM_ECDSA_SHA512",
-- "CKM_ECDH1_DERIVE",
-- "CKM_DES3_KEY_GEN",
-- "CKM_AES_KEY_GEN",
-- "CKM_PBE_SHA1_DES3_EDE_CBC",
-- "CKM_GENERIC_SECRET_KEY_GEN",
-- "CKM_PBA_SHA1_WITH_SHA1_HMAC",
-- "CKM_PKCS5_PBKD2",
-- "CKM_SHA_1_HMAC_GENERAL",
-- "CKM_SHA_1_HMAC",
-- "CKM_SHA256_HMAC_GENERAL",
-- "CKM_SHA256_HMAC",
-- "CKM_SHA384_HMAC_GENERAL",
-- "CKM_SHA384_HMAC",
-- "CKM_SHA512_HMAC_GENERAL",
-- "CKM_SHA512_HMAC",
-- "CKM_SHA_1",
-- "CKM_SHA256",
-- "CKM_SHA384",
-- "CKM_SHA512",
-- "80006001"
-- ],
-- "rsa": {
-- "minKeySize": 2048,
-- "maxKeySize": 2048
-- }
-- }
-- }
-- ]
-- }
--
EXEC @hr = sp_OADestroy @scard
EXEC @hr = sp_OADestroy @json
EXEC @hr = sp_OADestroy @json2
EXEC @hr = sp_OADestroy @pkcs11
EXEC @hr = sp_OADestroy @jsonPkcs11
END
GO