问题
I am making an application, in C#4, that has to sign a XML file. I'd no great problems, until I bumped into this: accessing a smart-card/token to get its certificates and private keys.
Nothing really out of the box, just get the certificate and key, based in a password.
Does anyone know how to do it without any paid framework?
回答1:
The Microsoft Crypto API's support the ability to interact with hardware devices out of the box. This will require that your card have a driver provided by the manufacture though. Depending on the card and OS the driver may have already downloaded for you. The following .NET article should help you at least get started and see if you can use some of the MSoft API's out of the box. http://msdn.microsoft.com/en-us/library/ms229931.aspx.
If you have additional information about the type of card you are utilizing you may be able to use PC/SC and specific APDU commands to ask the card to sign or encrypt information for you. It is common for card applets to not permit retrieval of a certificates private key for security reasons.
Good Luck. Add a comment if you have some more questions about this.
来源:https://stackoverflow.com/questions/8422617/access-certificate-and-private-key-from-pkcs11-token-or-smart-card