ScMinidriver Delphi DLL Reference Documentation
ScMinidriver
Current Version: 11.1.0
A wrapper around the Microsoft Smart Card Minidriver API.
This class is specific to Windows.  ScMinidriver is a Windows-specific smart card minidriver that enables smart card authentication and cryptographic operations within Windows operating systems.
This class is introduced in Chilkat v9.5.0.87.
Create/Dispose
var myObject: HCkScMinidriver; begin myObject := CkScMinidriver_Create(); // ... CkScMinidriver_Dispose(myObject); end;
Creates an instance of the HCkScMinidriver object and returns a handle (i.e. a Pointer). The handle is passed in the 1st argument for the functions listed on this page.
Objects created by calling CkScMinidriver_Create must be freed by calling this method. A memory leak occurs if a handle is not disposed by calling this function.
Properties
Atr
function CkScMinidriver__atr(objHandle: HCkScMinidriver): PWideChar; stdcall;
The ATR of the card in the reader. This property is set by the AquireContext method.
See the notes about PWideChar memory ownership and validity.
topCardName
function CkScMinidriver__cardName(objHandle: HCkScMinidriver): PWideChar; stdcall;
The name of the card in the reader. This property is set by the AquireContext method.
See the notes about PWideChar memory ownership and validity.
topDebugLogFilePath
procedure CkScMinidriver_putDebugLogFilePath(objHandle: HCkScMinidriver; newPropVal: PWideChar); stdcall;
function CkScMinidriver__debugLogFilePath(objHandle: HCkScMinidriver): PWideChar; stdcall;
If set to a file path, this property logs the LastErrorText of each Chilkat method or property call to the specified file. This logging helps identify the context and history of Chilkat calls leading up to any crash or hang, aiding in debugging.
Enabling the VerboseLogging property provides more detailed information. This property is mainly used for debugging rare instances where a Chilkat method call causes a hang or crash, which should generally not happen.
Possible causes of hangs include:
- A timeout property set to 0, indicating an infinite timeout.
- A hang occurring within an event callback in the application code.
- An internal bug in the Chilkat code causing the hang.
See the notes about PWideChar memory ownership and validity.
LastErrorHtml
function CkScMinidriver__lastErrorHtml(objHandle: HCkScMinidriver): PWideChar; stdcall;
Provides HTML-formatted information about the last called method or property. If a method call fails or behaves unexpectedly, check this property for details. Note that information is available regardless of the method call's success.
See the notes about PWideChar memory ownership and validity.
topLastErrorText
function CkScMinidriver__lastErrorText(objHandle: HCkScMinidriver): PWideChar; stdcall;
Provides plain text information about the last called method or property. If a method call fails or behaves unexpectedly, check this property for details. Note that information is available regardless of the method call's success.
See the notes about PWideChar memory ownership and validity.
LastErrorXml
function CkScMinidriver__lastErrorXml(objHandle: HCkScMinidriver): PWideChar; stdcall;
Provides XML-formatted information about the last called method or property. If a method call fails or behaves unexpectedly, check this property for details. Note that information is available regardless of the method call's success.
See the notes about PWideChar memory ownership and validity.
topLastMethodSuccess
procedure CkScMinidriver_putLastMethodSuccess(objHandle: HCkScMinidriver; newPropVal: wordbool); stdcall;
Indicates the success or failure of the most recent method call: True means success, False means failure. This property remains unchanged by property setters or getters.  This method is present to address challenges in checking for null or Nothing returns in certain programming languages.
MaxContainers
The maximum number of key containers available. The 1st key container is at index 0. Each key container can potentially contain one signature key, and one key exchange key.
topRsaPaddingHash
procedure CkScMinidriver_putRsaPaddingHash(objHandle: HCkScMinidriver; newPropVal: PWideChar); stdcall;
function CkScMinidriver__rsaPaddingHash(objHandle: HCkScMinidriver): PWideChar; stdcall;
If an RSA key is used for signing, this is the hash algorithm to used in conjunction with the padding scheme.  It can be SHA1, SHA256, SHA384, or SHA512.  The default is SHA256.
See the notes about PWideChar memory ownership and validity.
topRsaPaddingScheme
procedure CkScMinidriver_putRsaPaddingScheme(objHandle: HCkScMinidriver; newPropVal: PWideChar); stdcall;
function CkScMinidriver__rsaPaddingScheme(objHandle: HCkScMinidriver): PWideChar; stdcall;
If an RSA key is used for signing, this is the padding scheme to use.  It can be PKCS or PSS.  The default is PSS.
See the notes about PWideChar memory ownership and validity.
topUncommonOptions
procedure CkScMinidriver_putUncommonOptions(objHandle: HCkScMinidriver; newPropVal: PWideChar); stdcall;
function CkScMinidriver__uncommonOptions(objHandle: HCkScMinidriver): PWideChar; stdcall;
This is a catch-all property to be used for uncommon needs. This property defaults to the empty string and should typically remain empty.
See the notes about PWideChar memory ownership and validity.
topVerboseLogging
procedure CkScMinidriver_putVerboseLogging(objHandle: HCkScMinidriver; newPropVal: wordbool); stdcall;
If set to True, then the contents of LastErrorText (or LastErrorXml, or LastErrorHtml) may contain more verbose information. The default value is False.  Verbose logging should only be used for debugging.  The potentially large quantity of logged information may adversely affect peformance.
Version
function CkScMinidriver__version(objHandle: HCkScMinidriver): PWideChar; stdcall;
Version of the component/library, such as "10.1.0"
See the notes about PWideChar memory ownership and validity.
Methods
AcquireContext
readerName: PWideChar): wordbool; stdcall;
Initializes communication with the card inserted in the given reader. Reader names can be discovered via the SCard.ListReaders or SCard.FindSmartcards methods. If successful, the Atr and CardName properties will be set.
Returns True for success, False for failure.
CardDeleteFile
dirName: PWideChar;
fileName: PWideChar): wordbool; stdcall;
Deletes the file specified by dirName and fileName. dirName is the name of the directory that contains the file, or the empty string for root.
Returns True for success, False for failure.
topDeleteCert
cert: HCkCert;
delPrivKey: wordbool): wordbool; stdcall;
Deletes a certificate and optionally its associated private key from the smart card.  If delPrivKey is True, then the associated private key, if it exists, is also deleted.
Returns True for success, False for failure.
topDeleteContext
This function reverses the effect of AcquireContext and severs the communication between the Base CSP/KSP and the card minidriver. The Atr and CardName properties are cleared.
Returns True for success, False for failure.
topDeleteKeyContainer
containerIndex: Integer): wordbool; stdcall;
Deletes the key container at the given containerIndex.  This deletes both the signature and key exchange keys that may be contained in the specified key container.
Returns True for success, False for failure.
EnumFiles
dirName: PWideChar;
st: HCkStringTable): wordbool; stdcall;
Get the list of files in the directory specified by dirName. Pass the empty string for the root directory. The filenames are returned in st.
Returns True for success, False for failure.
topFindCert
certPart: PWideChar;
partValue: PWideChar;
cert: HCkCert): wordbool; stdcall;
Finds the certificate where the given certPart equals the partValue.  Possible values for certPart are: subjectDN, subjectDN_withTags, subjectCN, serial, or serial:issuerCN.
The cert is loaded with the certificate if successful.
Note: If successful, the cert will be linked internally with this ScMinidriver session such that certificate can be used for signing on the smart card when used in other Chilkat classes such as XmlDSigGen, Pdf, Crypt2, Mime, MailMan, etc.
Returns True for success, False for failure.
GenerateKey
containerIndex: Integer;
keySpec: PWideChar;
keyType: PWideChar;
keySize: Integer;
pinId: PWideChar): wordbool; stdcall;
Generates a key to be stored in either the signature or key exchange location within a key container.  Creates the key container if it does not already exist.  Otherwise replaces the key in the key container.  
The keySpec can be sig or kex to specify either the signature or key exchange location.
The keyType can be ecc or rsa.
For RSA keys, the keySize is the size of the key in bits, such as 1024, 2048, 4096, etc. (2048 is a typical value.) For ECC keys, the size can be 256, 384, or 521.
The pinId can be user, or 3 through 7.   (It is typically user.) 
Returns True for success, False for failure.
topGetCardProperties
json: HCkJsonObject): wordbool; stdcall;
Gets all card properties and returns them in json. See the example below.
Returns True for success, False for failure.
GetCert
containerIndex: Integer;
keySpec: PWideChar;
cert: HCkCert): wordbool; stdcall;
Get the certificate at the specified containerIndex and keySpec. The keySpec can be sig or kex to specify either the signature or key exchange location within the container.  The containerIndex can be -1 to choose the first key container  with a certificate. The keySpec can also be any to choose either sig or kex based on which is present, with preference given to sig if both are present.
The cert is loaded with the certificate if successful.
Note: If successful, the cert will be linked internally with this ScMinidriver session such that certificate can be used for signing on the smart card when used in other Chilkat classes such as XmlDSigGen, Pdf, Crypt2, Mime, MailMan, etc.
Returns True for success, False for failure.
GetContainerKeys
containerIndex: Integer;
sigKey: HCkPublicKey;
kexKey: HCkPublicKey): wordbool; stdcall;
Queries a key container to get the keys that are present. If the signature public key is present, it is returned in sigKey. If the key exchange key is present, it is returned in kexKey.
Returns True for success, False for failure.
GetCspContainerMap
json: HCkJsonObject): wordbool; stdcall;
Returns the contents of the CSP container map file (cmapfile). The information is returned in the json. This gives an overview of what key containers and certificates exist in the smart card from a CSP's point of view. See the example linked below.
Returns True for success, False for failure.
ImportCert
cert: HCkCert;
containerIndex: Integer;
keySpec: PWideChar;
pinId: PWideChar): wordbool; stdcall;
Imports a certificate with its private key onto the smart card. The cert must have an accessible private key, such as will be the case if the cert was loaded from a .pfx/.p12, or if the cert was loaded from a Windows certificate store where the private key exists (and can be exported from the Windows certificate store).
The containerIndex is the container index. It can range from 0 to the MaxContainers-1.
The keySpec can be sig or kex to specify either the signature or key exchange location within the container.
The pinId can be user, or 3 through 7.   (It is typically user.) 
Returns True for success, False for failure.
ImportKey
containerIndex: Integer;
keySpec: PWideChar;
privKey: HCkPrivateKey;
pinId: PWideChar): wordbool; stdcall;
Imports a key to be stored in either the signature or key exchange location within a key container.  Creates the key container if it does not already exist.  Otherwise replaces the specified key in the key container.  
The keySpec can be sig or kex to specify either the signature or key exchange location.
The privKey is the private key to import.
The ARG5 can be user, or 3 through 7.   (It is typically user.) 
Returns True for success, False for failure.
ListCerts
certPart: PWideChar;
st: HCkStringTable): wordbool; stdcall;
Lists the certs found on the smart card.  The certPart indicates the information to be returned from each certificate.  Possible values are: subjectDN, subjectDN_withTags, subjectCN, serial, or serial:issuerCN.  The information is returned in st.
Returns True for success, False for failure.
PinAuthenticate
pinId: PWideChar;
pin: PWideChar): Integer; stdcall;
Performs regular PIN authentication.  The pinId can be user, admin, or 3 through 7.   (It is typically user.)   The pin is the alphanumeric PIN.
Returns 0 for success. If not successful, the return value indicates the number of attempts remaining before the PIN is locked. (The number of times an incorrect PIN may be presented to the card before the PIN is blocked, and requires the admin to unblock it.) If the PIN is already blocked, the return value is -1. If the method fails for some other reason, such as if a context has not yet been acquired, the return value is -2.
PinAuthenticateHex
pinId: PWideChar;
pin: PWideChar): Integer; stdcall;
The same as PinAutheneticate, but the PIN is passed as a hex string.  For example, to pass a PIN of 0x01, 0x02, 0x03, 0x04, pass 01020304.
PinChange
pinId: PWideChar;
currentPin: PWideChar;
newPin: PWideChar): Integer; stdcall;
Changes a PIN.  The pinId can be user, admin, or 3 through 7.   (It is typically user.)   The currentPin is the current alphanumeric PIN.  The newPin is the new PIN.
Returns 0 for success. If not successful, the return value indicates the number of attempts remaining before the PIN is locked. (The number of times an incorrect PIN may be presented to the card before the PIN is blocked, and requires the admin to unblock it.) If the PIN is already blocked, the return value is -1. If the method fails for some other reason, such as if a context has not yet been acquired, the return value is -2.
PinDeauthenticate
pinId: PWideChar): wordbool; stdcall;
Reverses a previous PIN authentication without resetting the card. The pinId can be user, admin, or 3 through 7.   (It is typically user.)
Returns True for success, False for failure.
ReadFile
dirName: PWideChar;
fileName: PWideChar;
bd: HCkBinData): wordbool; stdcall;
Reads the entire file specified by dirName and fileName into bd. dirName is the name of the directory that contains the file, or the empty string for root.
Returns True for success, False for failure.
topSignData
containerIndex: Integer;
keySpec: PWideChar;
hashDataAlg: PWideChar;
bdData: HCkBinData;
bdSignedData: HCkBinData): wordbool; stdcall;
Signs the data passed in bdData.  The hashDataAlg can be sha1, sha256, sha384, sha512, or none.  If not equal to none, then the hash of the data passed in bdData is signed.
The containerIndex specifies the key container.  By specifying the key container, you are almost specifying the key.  A key container can contain two keys:  A signature key, and a key-exchange key.   The keySpec indicates which of these two keys to use.  keySpec should be set to sig or kex.
Note: The type of signature created, such as RSA or ECC, is determined by the type of key that exists in the key container (specified by containerIndex and keySpec). If it is an RSA key, additional options can be specified via the RsaPaddingScheme and RsaPaddingHash properties.
If successful, the signature is written to bdSignedData.
Returns True for success, False for failure.
topWriteFile
dirName: PWideChar;
fileName: PWideChar;
bd: HCkBinData): wordbool; stdcall;
Writes the entire file specified by dirName and fileName. dirName is the name of the directory that contains the file, or the empty string for root. The entire contents of bd are written to the file on the smart card.
Returns True for success, False for failure.
top