2010-03-24 18:13:02 UTC
Our company is providing Gemalto .NET (Minidriver) to the market as a Gemalto
partner in the region. We recently got an email from one of the application
developers regarding the use of Minidriver smart cards and PIN "caching". The
problem they faced in their application is that the user is prompted to
enter the PIN code multiple times if they use a Minidriver smart card and only
prompted once if they use a "proprietary" smart card like ActivIdentity
ActivClient (the middleware for this card implements its own PIN caching mechanism).
Their aim is to use the Minidriver card with only one prompt for the PIN code.
Here is what they say:
We use .NET framework in Windows 7. User case is as follows:
1. User selects the certificate (standard certificate select window as in IE).
2. XML document is signed with the selected certificate (user is prompted
3. SSL session is established with server - mutual authentication with
selected certificate (user is again prompted for PIN).
4. On next instance of XML document signing, user is again prompted for PIN,
after that everything works as it should - no PIN prompts.
We use following standard .NET functions:
- select certificate:
- sign XML document: System.Security.Cryptography.Xml.SignedXml
- establish SSL: System.Net.Security.SslStream
What change to the application is required so that the user is
prompted for a PIN only once? Can you provide an example or link to relevant