As we said in Introduction to PKCS#11 specifications, the API is defined in the C language and PKCS#11 modules are implemented in C as native unmanaged libraries. To use one in a .NET application there is no way to avoid the platform invoke services (P-Invoke) supplied by the .NET framework, which import the unmanaged functions of the native API into C# and/or VB.NET managed code. But importing such functions from an unmanaged DLL, especially from a highly complex PKCS#11 DLL, requires very advanced skills in C/C++ and .NET and a lot of tedious work: writing the prototype declarations for the functions according to the P-Invoke rules and dealing with the marshalling of custom parameters.
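What the hand-written P-Invoke route looks like for just four Cryptoki functions, as an added example (not code from the original page and not NCryptoki code). It assumes the Windows structure layout, and the module name `vendor-pkcs11.dll` is a placeholder.

```csharp
using System;
using System.Runtime.InteropServices;
using System.Text;

static class NativePkcs11
{
    // Placeholder name (assumption): substitute the PKCS#11 DLL supplied with your token.
    const string Module = "vendor-pkcs11.dll";
    const CallingConvention CC = CallingConvention.Cdecl;

    [StructLayout(LayoutKind.Sequential, Pack = 1)]
    public struct CK_VERSION { public byte major, minor; }

    // Windows layout: 1-byte packing and a 32-bit CK_ULONG. On 64-bit Linux
    // CK_ULONG is 64 bits with default packing, so this struct would differ.
    [StructLayout(LayoutKind.Sequential, Pack = 1)]
    public struct CK_INFO
    {
        public CK_VERSION cryptokiVersion;
        [MarshalAs(UnmanagedType.ByValArray, SizeConst = 32)] public byte[] manufacturerID;
        public uint flags;
        [MarshalAs(UnmanagedType.ByValArray, SizeConst = 32)] public byte[] libraryDescription;
        public CK_VERSION libraryVersion;
    }

    [DllImport(Module, CallingConvention = CC)] public static extern uint C_Initialize(IntPtr pInitArgs);
    [DllImport(Module, CallingConvention = CC)] public static extern uint C_GetInfo(out CK_INFO pInfo);
    [DllImport(Module, CallingConvention = CC)] public static extern uint C_Finalize(IntPtr pReserved);
    [DllImport(Module, CallingConvention = CC)]
    public static extern uint C_GetSlotList(byte tokenPresent, [In, Out] uint[] pSlotList, ref uint pulCount);

    // Every Cryptoki call returns a CK_RV; 0 is CKR_OK.
    static void Check(uint rv, string fn) { if (rv != 0) throw new InvalidOperationException($"{fn} failed, CK_RV 0x{rv:X8}"); }

    static void Main()
    {
        Check(C_Initialize(IntPtr.Zero), "C_Initialize");
        try
        {
            Check(C_GetInfo(out CK_INFO info), "C_GetInfo");
            // Fixed-width text fields are blank padded, not NUL terminated.
            Console.WriteLine(Encoding.UTF8.GetString(info.manufacturerID).TrimEnd());
            uint count = 0;
            Check(C_GetSlotList(1, null, ref count), "C_GetSlotList");   // first call returns the count only
            var slots = new uint[count];
            Check(C_GetSlotList(1, slots, ref count), "C_GetSlotList");  // second call fills the slot IDs
            Console.WriteLine($"{count} slot(s) with a token present");
        }
        finally { C_Finalize(IntPtr.Zero); }
    }
}
```

A layout mismatch in a declaration like `CK_INFO` does not fail at compile time: the native library writes past or short of the managed fields, which is why each structure has to be checked against the Cryptoki headers for the target platform.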
The NCryptoki library removes the need to deal with P-Invoke declarations and unmanaged code, saving a lot of tedious work.
NCryptoki
NCryptoki is a library for the .NET framework that implements the PKCS#11 specifications and supplies an API for C#, VB.NET, Visual Basic 6, Delphi and other COM interop languages for integrating a PKCS#11 compliant token in any application.
NCryptoki maps the Cryptoki functions defined in the PKCS#11 specification onto a set of high-level classes usable in C# and VB.NET, and proposes a programming paradigm that lets you integrate your PKCS#11 compliant token in your applications easily, with a few lines of code.
NCryptoki also supplies a COM interface that makes the supplied classes usable from any language that supports COM interop, such as Visual Basic 6, Delphi etc.
NCryptoki consists of two DLLs:
- NCryptoki.dll that implements the .NET class hierarchy explained below
- NCryptkiMngd.dll that implements the C++ Managed layer between the PKCS#11 native library and the .NET classes.
The programming paradigm is very similar to the one the PKCS#11 specifications describe for the C programming language: the PKCS#11 C functions are mapped into a set of .NET classes that follow the same classification described above.
Figure 1 at right shows the class hierarchy of NCryptoki.
[Figure 1: NCryptoki class hierarchy]
Cryptoki is the main class that gives access to the library. The classes Slot and Token enclose the slot-handling and token-handling functions, while the class CryptokiObject encapsulates the object-handling functions as well as the definitions related to objects’ classes and their attributes. The class Session includes the OpenSession and CloseSession functions, the functions related to login and logout, the search functions for PKCS#11 objects and, finally, the cryptographic and hashing functions and the other functions defined in the PKCS#11 specifications.