CkScMinidriver PHP Extension Reference Documentation

CkScMinidriver

Current Version: 9.5.0.88

A wrapper around the Microsoft Smart Card Minidriver API.

This class is introduced in Chilkat v9.5.0.87.

Object Creation

$obj = new CkScMinidriver();

Properties

Atr
(read-only)
string atr();
Introduced in version 9.5.0.87

The ATR of the card in the reader. This property is set by the AquireContext method.

top
CardName
(read-only)
string cardName();
Introduced in version 9.5.0.87

The name of the card in the reader. This property is set by the AquireContext method.

top
DebugLogFilePath
string debugLogFilePath();
void put_DebugLogFilePath(string strVal);

If set to a file path, causes each Chilkat method or property call to automatically append it's LastErrorText to the specified log file. The information is appended such that if a hang or crash occurs, it is possible to see the context in which the problem occurred, as well as a history of all Chilkat calls up to the point of the problem. The VerboseLogging property can be set to provide more detailed information.

This property is typically used for debugging the rare cases where a Chilkat method call hangs or generates an exception that halts program execution (i.e. crashes). A hang or crash should generally never happen. The typical causes of a hang are:

  1. a timeout related property was set to 0 to explicitly indicate that an infinite timeout is desired,
  2. the hang is actually a hang within an event callback (i.e. it is a hang within the application code), or
  3. there is an internal problem (bug) in the Chilkat code that causes the hang.

top
LastErrorHtml
(read-only)
string lastErrorHtml();

Provides information in HTML format about the last method/property called. If a method call returns a value indicating failure, or behaves unexpectedly, examine this property to get more information.

top
LastErrorText
(read-only)
string lastErrorText();

Provides information in plain-text format about the last method/property called. If a method call returns a value indicating failure, or behaves unexpectedly, examine this property to get more information.

top
LastErrorXml
(read-only)
string lastErrorXml();

Provides information in XML format about the last method/property called. If a method call returns a value indicating failure, or behaves unexpectedly, examine this property to get more information.

top
LastMethodSuccess
bool get_LastMethodSuccess()
void put_LastMethodSuccess(bool boolVal);
Introduced in version 9.5.0.52

Indicate whether the last method call succeeded or failed. A value of true indicates success, a value of false indicates failure. This property is automatically set for method calls. It is not modified by property accesses. The property is automatically set to indicate success for the following types of method calls:

  • Any method that returns a string.
  • Any method returning a Chilkat object, binary bytes, or a date/time.
  • Any method returning a standard boolean status value where success = true and failure = false.
  • Any method returning an integer where failure is defined by a return value less than zero.

Note: Methods that do not fit the above requirements will always set this property equal to true. For example, a method that returns no value (such as a "void" in C++) will technically always succeed.

top
MaxContainers
(read-only)
int get_MaxContainers()
Introduced in version 9.5.0.87

The maximum number of key containers available. The 1st key container is at index 0. Each key container can potentially contain one signature key, and one key exchange key.

top
RsaPaddingHash
string rsaPaddingHash();
void put_RsaPaddingHash(string strVal);
Introduced in version 9.5.0.87

If an RSA key is used for signing, this is the hash algorithm to used in conjunction with the padding scheme. It can be "SHA1", "SHA256", "SHA384", or "SHA512". The default is "SHA256".

top
RsaPaddingScheme
string rsaPaddingScheme();
void put_RsaPaddingScheme(string strVal);
Introduced in version 9.5.0.87

If an RSA key is used for signing, this is the padding scheme to use. It can be "PKCS" or "PSS". The default is "PSS".

top
UncommonOptions
string uncommonOptions();
void put_UncommonOptions(string strVal);
Introduced in version 9.5.0.87

This is a catch-all property to be used for uncommon needs. This property defaults to the empty string and should typically remain empty.

top
Utf8
bool get_Utf8()
void put_Utf8(bool boolVal);

When set to true, all "const char *" arguments are interpreted as utf-8 strings. If set to false (the default), then "const char *" arguments are interpreted as ANSI strings. Also, when set to true, and Chilkat method returning a "const char *" is returning the utf-8 representation. If set to false, all "const char *" return values are ANSI strings.

top
VerboseLogging
bool get_VerboseLogging()
void put_VerboseLogging(bool boolVal);

If set to true, then the contents of LastErrorText (or LastErrorXml, or LastErrorHtml) may contain more verbose information. The default value is false. Verbose logging should only be used for debugging. The potentially large quantity of logged information may adversely affect peformance.

top
Version
(read-only)
string version();

Version of the component/library, such as "9.5.0.63"

top

Methods

AcquireContext
bool AcquireContext(string readerName);
Introduced in version 9.5.0.87

Initializes communication with the card inserted in the given reader. Reader names can be discovered via the SCard.ListReaders or SCard.FindSmartcards methods. If successful, the Atr and CardName properties will be set.

Returns true for success, false for failure.

top
CardDeleteFile
bool CardDeleteFile(string dirName, string fileName);
Introduced in version 9.5.0.88

Deletes the file specified by dirName and fileName. dirName is the name of the directory that contains the file, or the empty string for root.

Returns true for success, false for failure.

top
DeleteCert
bool DeleteCert(CkCert cert, bool delPrivKey);
Introduced in version 9.5.0.88

Deletes a certificate and optionally its associated private key from the smart card. If delPrivKey is true, then the associated private key, if it exists, is also deleted.

Returns true for success, false for failure.

top
DeleteContext
bool DeleteContext();
Introduced in version 9.5.0.87

This function reverses the effect of AcquireContext and severs the communication between the Base CSP/KSP and the card minidriver. The Atr and CardName properties are cleared.

Returns true for success, false for failure.

top
DeleteKeyContainer
bool DeleteKeyContainer(int containerIndex);
Introduced in version 9.5.0.87

Deletes the key container at the given containerIndex. This deletes both the "signature" and "key exchange" keys that may be contained in the specified key container.

Returns true for success, false for failure.

More Information and Examples
top
EnumFiles
bool EnumFiles(string dirName, CkStringTable st);
Introduced in version 9.5.0.87

Get the list of files in the directory specified by dirName. Pass the empty string for the root directory. The filenames are returned in st.

Returns true for success, false for failure.

top
FindCert
bool FindCert(string certPart, string partValue, CkCert cert);
Introduced in version 9.5.0.87

Finds the certificate where the given certPart equals the partValue. Possible values for certPart are: "subjectDN", "subjectDN_withTags", "subjectCN", "serial", or "serial:issuerCN".

The cert is loaded with the certificate if successful.

Note: If successful, the cert will be linked internally with this ScMinidriver session such that certificate can be used for signing on the smart card when used in other Chilkat classes such as XmlDSigGen, Pdf, Crypt2, Mime, MailMan, etc.

Returns true for success, false for failure.

top
GenerateKey
bool GenerateKey(int containerIndex, string keySpec, string keyType, int keySize, string pinId);
Introduced in version 9.5.0.87

Generates a key to be stored in either the "signature" or "key exchange" location within a key container. Creates the key container if it does not already exist. Otherwise replaces the key in the key container.

The keySpec can be "sig" or "kex" to specify either the "signature" or "key exchange" location.

The keyType can be "ecc" or "rsa".

For RSA keys, the keySize is the size of the key in bits, such as 1024, 2048, 4096, etc. (2048 is a typical value.) For ECC keys, the size can be 256, 384, or 521.

The pinId can be "user", or "3" through "7". (It is typically "user".)

Returns true for success, false for failure.

top
GetCardProperties
bool GetCardProperties(CkJsonObject json);
Introduced in version 9.5.0.87

Gets all card properties and returns them in json. See the example below.

Returns true for success, false for failure.

More Information and Examples
top
GetCert
bool GetCert(int containerIndex, string keySpec, CkCert cert);
Introduced in version 9.5.0.87

Get the certificate at the specified containerIndex and keySpec. The keySpec can be "sig" or "kex" to specify either the "signature" or "key exchange" location within the container. The containerIndex can be -1 to choose the first key container with a certificate. The keySpec can also be "any" to choose either "sig" or "kex" based on which is present, with preference given to "sig" if both are present.

The cert is loaded with the certificate if successful.

Note: If successful, the cert will be linked internally with this ScMinidriver session such that certificate can be used for signing on the smart card when used in other Chilkat classes such as XmlDSigGen, Pdf, Crypt2, Mime, MailMan, etc.

Returns true for success, false for failure.

top
GetContainerKeys
bool GetContainerKeys(int containerIndex, CkPublicKey sigKey, CkPublicKey kexKey);
Introduced in version 9.5.0.87

Queries a key container to get the keys that are present. If the signature public key is present, it is returned in sigKey. If the key exchange key is present, it is returned in kexKey.

Returns true for success, false for failure.

top
GetCspContainerMap
bool GetCspContainerMap(CkJsonObject json);
Introduced in version 9.5.0.87

Returns the contents of the CSP container map file (cmapfile). The information is returned in the json. This gives an overview of what key containers and certificates exist in the smart card from a CSP's point of view. See the example linked below.

Returns true for success, false for failure.

top
ImportCert
bool ImportCert(CkCert cert, int containerIndex, string keySpec, string pinId);
Introduced in version 9.5.0.87

Imports a certificate with its private key onto the smart card. The cert must have an accessible private key, such as will be the case if the cert was loaded from a .pfx/.p12, or if the cert was loaded from a Windows certificate store where the private key exists (and can be exported from the Windows certificate store).

The containerIndex is the container index. It can range from 0 to the MaxContainers-1.

The keySpec can be "sig" or "kex" to specify either the "signature" or "key exchange" location within the container.

The pinId can be "user", or "3" through "7". (It is typically "user".)

Returns true for success, false for failure.

top
ImportKey
bool ImportKey(int containerIndex, string keySpec, CkPrivateKey privKey, string pinId);
Introduced in version 9.5.0.87

Imports a key to be stored in either the "signature" or "key exchange" location within a key container. Creates the key container if it does not already exist. Otherwise replaces the specified key in the key container.

The keySpec can be "sig" or "kex" to specify either the "signature" or "key exchange" location.

The privKey is the private key to import.

The ARG5 can be "user", or "3" through "7". (It is typically "user".)

Returns true for success, false for failure.

top
ListCerts
bool ListCerts(string certPart, CkStringTable st);
Introduced in version 9.5.0.87

Lists the certs found on the smart card. The certPart indicates the information to be returned from each certificate. Possible values are: "subjectDN", "subjectDN_withTags", "subjectCN", "serial", or "serial:issuerCN". The information is returned in st.

Returns true for success, false for failure.

top
PinAuthenticate
int PinAuthenticate(string pinId, string pin);
Introduced in version 9.5.0.87

Performs regular PIN authentication. The pinId can be "user", "admin", or "3" through "7". (It is typically "user".) The pin is the alphanumeric PIN.

Returns 0 for success. If not successful, the return value indicates the number of attempts remaining before the PIN is locked. (The number of times an incorrect PIN may be presented to the card before the PIN is blocked, and requires the admin to unblock it.) If the PIN is already blocked, the return value is -1. If the method fails for some other reason, such as if a context has not yet been acquired, the return value is -2.

top
PinAuthenticateHex
int PinAuthenticateHex(string pinId, string pin);
Introduced in version 9.5.0.87

The same as PinAutheneticate, but the PIN is passed as a hex string. For example, to pass a PIN of 0x01, 0x02, 0x03, 0x04, pass "01020304".

top
PinChange
int PinChange(string pinId, string currentPin, string newPin);
Introduced in version 9.5.0.87

Changes a PIN. The pinId can be "user", "admin", or "3" through "7". (It is typically "user".) The currentPin is the current alphanumeric PIN. The newPin is the new PIN.

Returns 0 for success. If not successful, the return value indicates the number of attempts remaining before the PIN is locked. (The number of times an incorrect PIN may be presented to the card before the PIN is blocked, and requires the admin to unblock it.) If the PIN is already blocked, the return value is -1. If the method fails for some other reason, such as if a context has not yet been acquired, the return value is -2.

top
PinDeauthenticate
bool PinDeauthenticate(string pinId);
Introduced in version 9.5.0.87

Reverses a previous PIN authentication without resetting the card. The pinId can be "user", "admin", or "3" through "7". (It is typically "user".)

Returns true for success, false for failure.

top
ReadFile
bool ReadFile(string dirName, string fileName, CkBinData bd);
Introduced in version 9.5.0.87

Reads the entire file specified by dirName and fileName into bd. dirName is the name of the directory that contains the file, or the empty string for root.

Returns true for success, false for failure.

top
SignData
bool SignData(int containerIndex, string keySpec, string hashDataAlg, CkBinData bdData, CkBinData bdSignedData);
Introduced in version 9.5.0.87

Signs the data passed in bdData. The hashDataAlg can be "sha1", "sha256", "sha384", "sha512", or "none". If not equal to "none", then the hash of the data passed in bdData is signed.

The containerIndex specifies the key container. By specifying the key container, you are almost specifying the key. A key container can contain two keys: A signature key, and a key-exchange key. The keySpec indicates which of these two keys to use. keySpec should be set to "sig" or "kex".

Note: The type of signature created, such as RSA or ECC, is determined by the type of key that exists in the key container (specified by containerIndex and keySpec). If it is an RSA key, additional options can be specified via the RsaPaddingScheme and RsaPaddingHash properties.

If successful, the signature is written to bdSignedData.

Returns true for success, false for failure.

top
WriteFile
bool WriteFile(string dirName, string fileName, CkBinData bd);
Introduced in version 9.5.0.87

Writes the entire file specified by dirName and fileName. dirName is the name of the directory that contains the file, or the empty string for root. The entire contents of bd are written to the file on the smart card.

Returns true for success, false for failure.

top