Discuss this help topic in SecureBlackbox Forum

Access hardware storages

The access to hardware storages in SecureBlackbox is provided by TElPKCS11CertStorage component. To get notified about a token or card reader insertion or removal, set MonitorSlotEvents property to True. After this, each time a token or card is removed or inserted, OnSlotEvent will be fired. This event returns information about the slot which has fired the event. Additional means to control slot monitoring is provided by SlotEventMonitoringMode property.

Various side effects, such as AV or hangup when removing a card or closing the application, etc., may arise when accessing hardware devices via PKCS#11. Additional problems include: token not visible while it should be, missing certificate or private key, etc. All these problems are normally resolved by doing one or more of the following:

  • Switching off slot event monitoring,
  • Using individual cryptoprovider with each storage component (not the global one),
  • Trying a single threaded mode,
  • Playing with PKCS11Options.

Use static PKCS11 libraries on iOS

For using SecureBlackbox PKCS11 components with static PKCS11 libraries on iOS you need to:

  1. For every static PKCS11 library implement callbacks with PKCS11-functions call redirections to your library's functions. You can find the corresponding C++ template in /Extra/PKCS11/ folder.
  2. Create an instance of TElPKCS11FunctionsManager class and set its callback events to the corresponding callback procedures.
  3. Pass the function manager object to your TElPKCS11CertStorage via its set_FunctionsManager() method.
In the static PKCS11 libraries the DLLName property of all relevant classes (TElPKCS11CertStorage, TElPKCS11Manager, TElSSHPKCS11KeyStorage) is substituted with FunctionsManager property: FunctionsManager : TElPKCS11FunctionsManager; Accordingly, TElPKCS11Module.HLib property type is substituted with TElPKCS11FunctionsManager.

How To articles related to PKCS#11

Discuss this help topic in SecureBlackbox Forum