views:

251

answers:

2

Does Dot NET supports PKCS11 certificates for HSM devices. If not, are there any other third party utilities available which supports pkcs11 certificates?

A: 

Note sure what you mean by "HSM device", so you will need to check the specifics of your requirements.

Otherwise .NET does support PKCS9, but no sign of PKCS11 in core .NET (for the former System.Security.Cryptography.Pkcs namespace).

Outside of core .NET there are some search hits (e.g. http://msdn.microsoft.com/en-us/library/microsoft.clm.shared.profiletemplates.smartcardprovidertype(VS.85).aspx).

Richard
even I could find none till now and believe there exists none as of now
Devil Jin
PKCS are just a bunch of standards ( just like RFCS ), PKCS#11 is a standard for using hardware crypto devices ( often called HSM - Hardware Security Module ).PKCS#11 is an API standard, various HSM vendors ship PKCS#11 compliant drivers (dynamic/shared libraries) that a PKCS#11 aware program can load up and use to generate keys, import certs and do general crypto etc.
IanNorton
A: 

I'm not a .NET specialist but according to Google PKIblackbox has a toolkit for .NET that speaks PCKS#11. Then there exist some PKCS#11-CSP wrappers which allow to access PKCS#11 modules via CryptoAPI, for what I assume .NET world has many helpers. One of such wrappers is CSP11

martin