More in depth in NCryptoki

Modified on 2011/06/01 20:53 by Administrator — Categorized as: Uncategorized

As we said in Introduction to PKCS#11 specifications, the API is defined in the C language and PKCS#11 modules are implemented in C as native unmanaged libraries. To use them in a .NET application there is no way to avoid platform invoke services (P/Invoke), supplied by the .NET Framework, to import the unmanaged functions of the native API into C# and/or VB.NET managed code. But importing such functions from an unmanaged DLL, especially from a highly complex PKCS#11 DLL, requires very advanced skills in C/C++ and .NET, and involves a lot of tedious work: writing the P/Invoke declarations of the function prototypes and dealing with the marshalling of custom parameters.
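To show the scale of that work, the following is an added example (not from the original page and not NCryptoki code) of hand-written P/Invoke declarations for just four Cryptoki functions and one structure. It assumes Windows, where `CK_ULONG` is 32 bits and Cryptoki structures are 1-byte packed; the module file name `vendor-pkcs11.dll` and the class name `RawPkcs11` are placeholders.

```csharp
using System;
using System.Runtime.InteropServices;
using System.Text;

static class RawPkcs11
{
    const string Module = "vendor-pkcs11.dll";   // placeholder module file name
    const CallingConvention CC = CallingConvention.Cdecl;
    [StructLayout(LayoutKind.Sequential, Pack = 1)]
    struct CK_VERSION { public byte major, minor; }

    // 1-byte packed on Windows; text fields are fixed-size, blank-padded, not null-terminated.
    [StructLayout(LayoutKind.Sequential, Pack = 1)]
    struct CK_SLOT_INFO
    {
        [MarshalAs(UnmanagedType.ByValArray, SizeConst = 64)] public byte[] slotDescription;
        [MarshalAs(UnmanagedType.ByValArray, SizeConst = 32)] public byte[] manufacturerID;
        public uint flags;                        // CK_FLAGS is 32-bit on Windows
        public CK_VERSION hardwareVersion, firmwareVersion;
    }

    [DllImport(Module, CallingConvention = CC)] static extern uint C_Initialize(IntPtr pInitArgs);
    [DllImport(Module, CallingConvention = CC)] static extern uint C_Finalize(IntPtr pReserved);
    [DllImport(Module, CallingConvention = CC)]
    static extern uint C_GetSlotList(byte tokenPresent, [Out] uint[] pSlotList, ref uint pulCount);
    [DllImport(Module, CallingConvention = CC)] static extern uint C_GetSlotInfo(uint slotID, out CK_SLOT_INFO pInfo);

    static void Check(uint rv, string fn)
    {
        if (rv != 0) throw new InvalidOperationException(fn + " failed, CK_RV=0x" + rv.ToString("X8")); // 0 is CKR_OK
    }

    static void Main()
    {
        Check(C_Initialize(IntPtr.Zero), "C_Initialize");
        try
        {
            uint count = 0;                       // first call only asks for the slot count
            Check(C_GetSlotList(1, null, ref count), "C_GetSlotList");
            uint[] slots = new uint[count];       // second call fills the buffer
            Check(C_GetSlotList(1, slots, ref count), "C_GetSlotList");
            foreach (uint id in slots)
            {
                Check(C_GetSlotInfo(id, out CK_SLOT_INFO info), "C_GetSlotInfo");
                Console.WriteLine("{0}: {1}", id, Encoding.UTF8.GetString(info.slotDescription).TrimEnd());
            }
        }
        finally { C_Finalize(IntPtr.Zero); }      // always release the module
    }
}
```

Every return value is a `CK_RV` that must be checked, and the integer widths and packing above change on other platforms, which is part of why a full hand-written binding is error-prone.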

The NCryptoki library lets you avoid dealing with P/Invoke declarations and unmanaged code, saving a lot of tedious work.

NCryptoki

NCryptoki is a library for the .NET Framework that implements the PKCS#11 specifications and supplies an API for C#, VB.NET, Visual Basic 6, Delphi and other COM interop languages for integrating a PKCS#11 compliant token into any application.

NCryptoki maps the Cryptoki functions defined in the PKCS#11 specification onto a set of high-level classes usable from C# and VB.NET, and proposes a programming paradigm that lets you integrate your PKCS#11 compliant token into your applications easily, with a few lines of code.

NCryptoki also supplies a COM interface that allows the supplied classes to be used from any language that supports COM interop, such as Visual Basic 6, Delphi, etc.

NCryptoki is composed of two DLLs:
  1. NCryptoki.dll, which implements the .NET class hierarchy explained below
  2. NCryptokiMngd.dll, which implements the managed C++ layer between the PKCS#11 native library and the .NET classes.

The programming paradigm is very similar to the one described for the C programming language in the PKCS#11 specifications: the PKCS#11 C functions are mapped onto a set of .NET classes that follow the same classification described above.

Figure 1 at right shows the class hierarchy of NCryptoki.

Figure 1


Cryptoki is the main class through which the library is used. The classes Slot and Token enclose the slot-handling and token-handling functions, while the class CryptokiObject encapsulates the object-handling functions as well as the definitions related to object classes and their attributes. The class Session includes the OpenSession and CloseSession functions, the functions related to login and logout, the functions to search for PKCS#11 objects and, finally, the cryptographic and hashing functions and the other functions defined in the PKCS#11 specifications.