Tcl
Tcl
ScMinidriver - Load Certificate from Smart Card or USB Token by Index
See more ScMinidriver Examples
Demonstrates how to load a certificate located on a smart card or USB token by key container index.Chilkat Tcl Downloads
load ./chilkat.dll
set success 0
# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
set scmd [new_CkScMinidriver]
# Reader names (smart card readers or USB tokens) can be discovered
# via List Readers or Find Smart Cards
set readerName "SCM Microsystems Inc. SCR33x USB Smart Card Reader 0"
set success [CkScMinidriver_AcquireContext $scmd $readerName]
if {$success == 0} then {
puts [CkScMinidriver_lastErrorText $scmd]
delete_CkScMinidriver $scmd
exit
}
# If successful, the name of the currently inserted smart card is available:
puts "Card name: [CkScMinidriver_cardName $scmd]"
# If desired, perform regular PIN authentication with the smartcard.
# For more details about smart card PIN authentication, see the Smart Card PIN Authentication Example
set retval [CkScMinidriver_PinAuthenticate $scmd "user" "000000"]
if {$retval != 0} then {
puts "PIN Authentication failed."
}
set cert [new_CkCert]
# We can pass a specific key container index, or -1 to locate the 1st non-empty container containing a certificate and private key.
set keyContainerIndex -1
# keySpec can be "kex" or "sig" to indicate the key-exchange or signature position within the container.
# keySpec can also be "any" to accept either position, with preference given to the "sig" position if both are occupied.
set keySpec "any"
set success [CkScMinidriver_GetCert $scmd $keyContainerIndex $keySpec $cert]
if {$success == 0} then {
puts "Failed to load the certificate."
} else {
puts "Successfully loaded the cert object from the smart card / USB token."
# Note: When successful, the cert object is internally linked to the ScMinidriver object's authenticated session.
# The cert object can now be used to sign or do other cryptographic operations that occur on the smart card / USB token.
# If your application calls PinDeauthenticate or DeleteContext, the cert will no longer be able to sign on the smart card
# because the smart card ScMinidriver session will no longer be authenticated or deleted.
}
# ...
# ...
# ...
# When finished with operations that required authentication, you may if you wish, deauthenticate the session.
set success [CkScMinidriver_PinDeauthenticate $scmd "user"]
if {$success == 0} then {
puts [CkScMinidriver_lastErrorText $scmd]
}
# Delete the context when finished with the card.
set success [CkScMinidriver_DeleteContext $scmd]
if {$success == 0} then {
puts [CkScMinidriver_lastErrorText $scmd]
}
delete_CkScMinidriver $scmd
delete_CkCert $cert