Microcomputertechnik
Ergänzungen
Vorlesung Microcomputertechnik
Vorlesung
Headerfile(s)
Link Library
Ressource Manager
API
winscard.h
winscard.dll
MKT / CT-API
-
herstellerspezifisch
(eventuell selbst zu
erstellen)
(ctdeutin.DLL für
OMNIKEY Leser)
wincrypt.h
advapi32.dll
 Thomas Hüttner, Karin Mayr
Crypto API
(Rückgabewerte sind
in scarderr.h definiert)
(Utimaco Universal
Smartcard CSP)
PKCS#11
pkcs11.h
herstellerspezifisch
(pkcs11t.h +
pkcs11f.h)
(pkcs201n.dll für
Utimaco PKCS#11)
Vorlesung Microcomputertechnik
Programmierhinweise
Nützliche Links
PC/SC Standard


http://www.pcscworkgroup.com/
API Spezifikation: http://msdn.microsoft.com/library/



MKT / CT-API


http://www.darmstadt.gmd.de/~eckstein/CT/mkt.html#SPEK
Crypto API: http://msdn.microsoft.com/library/

Allgemeine Beschreibung:
 Thomas Hüttner, Karin Mayr


Security / Cryptography / Cryptographic API
Funktionen:


Security / Security (General) / SDK Documentation / Authentication /
Authentication Reference / Authentication Functions (Smart Card
Functions)
Funktionen beginnen mit SCard
Security / Security (General) / SDK Documentation / Cryptography /
Cryptography Reference / Cryptography Functions
PKCS#11

http://www.rsasecurity.com/rsalabs/pkcs/pkcs-11/index.html
Vorlesung Microcomputertechnik


How to install a new PKCS#11 module

How to inspect a library

How to retrieve a certificate with an Internet PKI

How to inspect and verify a certificate

How to sign and decrypt e-mails
Vorlesung Microcomputertechnik
 Thomas Hüttner, Karin Mayr
Using PKCS#11 with Netscape
How to install a PKCS#11 Module (1/2)

Press “Security”
Select
“Cryptographic
Modules”

 Thomas Hüttner, Karin Mayr

get a list of
installed modules
To install a module,
press the “Add”
button
Vorlesung Microcomputertechnik

How to install a PKCS#11 Module (2/2)
The “Create a New Security
Module” dialog is shown



 Thomas Hüttner, Karin Mayr

Specify a module name
Enter the path and file name
of the PKCS#11 DLL
(sorry, there is no file select
button)
Press the “OK” button
Notice: It works only if the
path is set to the path where
the DLL is located
Vorlesung Microcomputertechnik

How to inspect a Library (1/3)
Select
“Cryptographic
Modules”
 Thomas Hüttner, Karin Mayr

get a list of
installed modules

Select one module
in the list

To inspect a
module, press the
“View/Edit” button
Vorlesung Microcomputertechnik

How to inspect a Library (2/3)


 Thomas Hüttner, Karin Mayr

The “Edit Security
Module” dialog is
shown
Select one of the
slots in the list box
to continue
Press “More Info…”
to get information
about the token
Press “Config” to
see supported
mechanisms and
configure the slot
Vorlesung Microcomputertechnik

How to inspect a Library (3/3)
Token / Slot information

Configure Slot
Vorlesung Microcomputertechnik
 Thomas Hüttner, Karin Mayr

How to retrieve a Certificate (1/2)
Get to VeriSign or GlobalSign
web page

VeriSign
(http://www.verisign.com/client/e
nrollment/index.html)

GlobalSign
(http://secure.globalsign.net/en/i
ndex.cfm)

 Thomas Hüttner, Karin Mayr

Follow the instructions they
give you
Don‘t forget to select the
device where you want to
store the certificate
Vorlesung Microcomputertechnik

How to retrieve a Certificate (2/2)
Don‘t forget:

 Thomas Hüttner, Karin Mayr

The e-mail
address must
correspond to
this one in the
preferences of
Netscape
Communicator
After having
received the
certificate click
on „Messenger“
button of the
security page
Vorlesung Microcomputertechnik

How to inspect and verify a Certificate

Select „Certificate –
Yours“
 Thomas Hüttner, Karin Mayr


get a list of
available
certificates
Select one certificate
Vorlesung Microcomputertechnik
(1/2)
How to inspect and verify a Certificate
(2/2)
Press „View“ to inspect a
certificate

Press „Verify“ to verify a
certificate
Vorlesung Microcomputertechnik
 Thomas Hüttner, Karin Mayr


 Thomas Hüttner, Karin Mayr


Choose the tab sheet „Message Sending Options“
Enable “Encrypted” and / or “Signed”
 Notice: To encrypt a mail you need the receiver’s certificate
 Press the “Security” button and choose “Certificates –
People” to see if you have one
Click on the “Send” button and present the PIN, when asked
Vorlesung Microcomputertechnik
How to sign and decrypt e-mails

Microcomputertechnik Vorlesung