|
|
(Tcl) ScMinidriver - Get Public Keys from Smart Card Key Container
Demonstrates how to query a key container on a smart card (or USB token) to get the public part of the private keys that are present. A key container can hold two separate private keys -- one in the "signature" position, and the other in the "key exchange" position.
load ./chilkat.dll
# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
# Chilkat recommends the following free tool for interactively examining the contents of your smart card
# through the ScMinidriver interface: MGTEK Tool for Minidriver enabled Smart Cards
# Let's first look at our smart card..
# Here's the view of our Gemalto (Thales) IDPrime MD T=0 smart card in the MGTEK tool:
set scmd [new_CkScMinidriver]
# First we need to acquire a context to the smart card in the reader where it is inserted.
# Reader names (smart card readers or USB tokens) can be discovered
# via List Readers or Find Smart Cards
set readerName "Alcor Micro USB Smart Card Reader 0"
set success [CkScMinidriver_AcquireContext $scmd $readerName]
if {$success == 0} then {
puts [CkScMinidriver_lastErrorText $scmd]
delete_CkScMinidriver $scmd
exit
}
# If successful, the name of the currently inserted smart card is available:
puts "Card name: [CkScMinidriver_cardName $scmd]"
# We likely shouldn't need to authenticate with the smart card (use a PIN) to simply get a public key,
# so we can skip the PIN authenticatin step..
# Let's get the key(s) present in Container #7.
# In our case (shown in the image above), there is a private key in the "key exchange" position, but no key in the "signature" position.
set pubkey_sig [new_CkPublicKey]
set pubkey_kex [new_CkPublicKey]
set success [CkScMinidriver_GetContainerKeys $scmd 7 $pubkey_sig $pubkey_kex]
if {$success == 0} then {
puts [CkScMinidriver_lastErrorText $scmd]
delete_CkScMinidriver $scmd
delete_CkPublicKey $pubkey_sig
delete_CkPublicKey $pubkey_kex
exit
}
if {[CkPublicKey_get_Empty $pubkey_sig] == 1} then {
puts "No signature key is present."
} else {
puts "Signature key:"
puts [CkPublicKey_getPem $pubkey_sig 1]
}
if {[CkPublicKey_get_Empty $pubkey_kex] == 1} then {
puts "No Key Exchange key is present."
} else {
puts "Key Exchange key:"
puts [CkPublicKey_getPem $pubkey_kex 1]
}
CkScMinidriver_DeleteContext $scmd
puts "Success."
# Here's the output of the above sample code:
# Card name: IDPrime MD T=0
# No signature key is present.
# Key Exchange key:
# -----BEGIN RSA PUBLIC KEY-----
# MIIBCgKCAQEAsXeRhM55P13FbpNcXAMR3olbw2Wa6keZIHu5YTZYUBTlYWId+pNi
# wUz3zFIEo+0IfYR0H27ybIycQO+1IIzJofUFNMAL3tZps2OKPlsjuCPls6kXpXhv
# /gvhux8LrCtp4PcKWqJ6QVOZKChc7WAx40qFWzHi57ueqRTv3x0kESqGg/VjsqyT
# Evb55psJO2RsfhLT7+YVh3hImRM3RDaJdkTkPuOxeFyT6N7VXD09329sLuS3QkUb
# E9zEKDnz9X3d8dEQdJhSI9ba5fxl8R7fu8pB67ElfzFml96X1jLFtzy1pzOT5Fc4
# ROcaqlYckVzdBq9sxezm6MYmDBjNAcibRwIDAQAB
# -----END RSA PUBLIC KEY-----
delete_CkScMinidriver $scmd
delete_CkPublicKey $pubkey_sig
delete_CkPublicKey $pubkey_kex
|
