Platform SDK: Smart Card Enrollment Control |
The following HTML script depicts a basic example using the Smart Card Enrollment Control. The example uses Microsoft Visual Basic Scripting Edition.
<HTML> <TITLE>Microsoft Smart Card Enrollment Control Demonstration </TITLE> <OBJECT classid="clsid:80CB7887-20DE-11D2-8D5C-00C04FC29D45" CODEBASE="scrdenrl.dll" id=Senroll > </OBJECT> <B>Microsoft Smart Card Enrollment Control</B> <SCRIPT language="VBScript"> <!-- ' The following subroutines are contained in this script: ' ChangeCSP - called when the user specifies the CSP. ' ChangeCT - called when the user specifies the certificate template name. ' CTType_OnClick - called when the certificate template type changes. ' EnableEnroll - enables or disables the 'Enroll' button. ' Enroll_OnClick - enrolls for a certificate. ' GetSign_OnClick - selects a signing certificate. ' GetUser_OnClick - invokes the 'Select user' dialog. ' Initialize - executes when the script is downloaded to the client. ' RemoveItems - empties a list box. ' Reset_OnClick - resets the user name. ' UpdateCA - displays the certificate authorities in a list box. ' UpdateCSP - displays the crypto service providers in a list box. ' UpdateCT - displays the certificate templates in a list box. ' ViewCert_OnClick - displays the enrolled certificate. Option Explicit ' Variables to determine if the necessary information ' has been provided by the admin user. These variables ' determine if the 'Enroll' button is enabled or disabled. Dim CSP_OK ' Cryptographic Service Provider specified. Dim SignCert_OK ' Signing Certificate specified. Dim CT_OK ' Certificate template specified. Dim CA_OK ' Certification Authority specified. Dim User_OK ' User name specified. ' Consts Const SCARD_ENROLL_USER_CERT_TEMPLATE = &H1 Const SCARD_ENROLL_MACHINE_CERT_TEMPLATE = &H2 Const SCARD_ENROLL_UPN_NAME = 1 Const SCARD_ENROLL_SAM_COMPATIBLE_NAME = 2 Const SCARD_ENROLL_CA_MACHINE_NAME = &H1 Const SCARD_ENROLL_NO_DISPLAY_CERT = &H1 sub ChangeCSP Senroll.CSPName = document.SCEnrForm.CSP.value end sub sub ChangeCT Senroll.setCertTemplateName 0, document.SCEnrForm.CT.value Call UpdateCA() end sub sub CTType_OnClick ' The certificate template type changed; ' update the list of certificate templates accordingly. Call UpdateCT() end sub sub EnableEnroll() ' This procedure enables the "Enroll" button if the necessary ' information has been entered. This gets called whenever a ' change occurs to the CSP, SigningCert, CT or User. ' This doesn't get called when the CA is changed because ' a change to the CT determines the availability of a CA. Dim Data_OK Data_OK = CSP_OK And SignCert_OK And CT_OK And CA_OK And User_OK document.SCEnrForm.Enroll.disabled = Not Data_OK end sub sub Enroll_OnClick Senroll.enroll(0) ' Allow the resulting cert to be viewed. SCEnrForm.ViewCert.disabled=False end sub sub GetSign_OnClick Dim strSignCert ' Select the EnrollmentAgent signing certificate. Senroll.selectSigningCertificate 0, "EnrollmentAgent" ' Retrieve the name of the signing certificate ' without displaying the cert user interface. strSignCert = Senroll.getSigningCertificateName(SCARD_ENROLL_NO_DISPLAY_CERT) If ( "" <> strSignCert ) Then document.SCEnrForm.SignCert.value = strSignCert SignCert_OK = True Else SignCert_OK = False End If ' Updated SignCert_OK flag. Call EnableEnroll() end sub sub GetUser_OnClick Dim strUser ' Clear user/certificate info. call Reset_OnClick() ' Invoke the 'Select user' dialog. Senroll.selectUserName(0) ' Retrieve the user name. strUser = Senroll.getUserName(0) If ( "" <> strUSer ) Then ' Display the user name in the form. document.SCEnrForm.User.Value = strUser ' Allow the administrator to clear this user info. document.SCEnrForm.Reset.disabled = False User_OK = True ' Because User_OK changed, call EnableEnroll(). Call EnableEnroll() End If end sub sub Initialize ' Set the information variables to false. CSP_OK = false SignCert_OK = false CT_OK = false CA_OK = false User_OK = false ' Update the CSP listbox. Call UpdateCSP() ' Update the certificate template listbox. Call UpdateCT() ' Instruct the administrator to select a signing cert. document.SCEnrForm.SignCert.Value = "Select a signing certificate" ' Instruct the administrator to select a user. document.SCEnrForm.User.Value = "Select a user" end sub ' Remove all elements of a list box. sub RemoveItems( List1 ) Dim nCount, nIndex, LB ' Determine which list box is being emptied. Select Case List1 Case "CA" set LB = document.SCEnrForm.CA Case "CT" set LB = document.SCEnrForm.CT Case Else Exit Sub End Select ' Remove items in a loop. nCount = LB.length For nIndex = 0 to nCount - 1 LB.Remove 0 Next end sub sub Reset_OnClick Senroll.resetUser() document.SCEnrForm.User.Value = "Select a user" ' Disable this button (it will be enabled when a user is selected). document.SCEnrForm.Reset.disabled = True ' Disable the ViewCert button, because ' the resetUser() method removes the cert from memory. SCEnrForm.ViewCert.disabled=True User_OK = False ' Disable enroll button. Call EnableEnroll() end sub sub UpdateCA ' Update the list of CAs. ' This will be called every time a different Cert Template is selected. Dim nCount, nIndex, strCTName, Element ' Empty the list of CAs currently displayed. RemoveItems("CA") ' List the CAs for the current certificate template. strCTName = Senroll.getCertTemplateName( 0 ) nCount = Senroll.getCACount(strCTName) If ( 0 = nCount ) Then CA_OK = False MsgBox("No Certification Authority is available for the specified certificate template.") Else ' At least one CA exists. CA_OK = True ' Populate the list of CAs. For nIndex = 0 To nCount - 1 Set Element=document.createElement("OPTION") Element.text=Senroll.enumCAName( nIndex, 0, strCTName ) Element.value=Element.text document.SCEnrForm.CA.Options.Add Element Next ' Select the top element in the list. document.SCEnrForm.CA.selectedIndex=0 End If end sub sub UpdateCSP Dim nCount, nIndex, Element ' Display the CSPs in the list box. ' Determine the count of CSPs. nCount = Senroll.CSPCount If ( 0 = nCount ) Then MsgBox("No CSPs available.") Else ' At least one CSP exists. CSP_OK = True ' Add the CSP names to the CSP list For nIndex = 0 to nCount - 1 Set Element=document.createElement("OPTION") Element.text=Senroll.enumCSPName( nIndex, 0 ) Element.value=Element.text document.SCEnrForm.CSP.Options.Add Element Next ' Make the first item the selected item. ' This is for the user's viewing benefit. ' The Smart Card enrollment control upon initialization will ' have set the CSPName property to the value ' returned by enumCSPName(0, 0). document.SCEnrForm.CSP.selectedIndex=0 End If end sub sub UpdateCT Dim nIndex, nCount, Element, CertTempType ' Determine the Type of certificate template. if ( document.SCenrForm.CTType(0).checked ) then CertTempType = SCARD_ENROLL_USER_CERT_TEMPLATE else CertTempType = SCARD_ENROLL_MACHINE_CERT_TEMPLATE end if ' Display the certificate templates in the list box. ' Empty the existing contents. RemoveItems("CT") ' Determine the count of Cert Templates. nCount = Senroll.getCertTemplateCount(CertTempType) If ( 0 = nCount ) Then CT_OK = False MsgBox("No certificate templates available.") Else ' At least one cert template exists. CT_OK = True ' Add the cert templates names to the CT list For nIndex = 0 to nCount - 1 Set Element=document.createElement("OPTION") Element.text=Senroll.enumCertTemplateName( nIndex, CertTempType ) Element.value=Element.text document.SCEnrForm.CT.Options.Add Element Next ' Make the first item the selected item. ' This is for the user's viewing benefit. ' The Smart Card enrollment control upon initialization will ' have set the CertTemplateName property to the value ' returned by enumCertTemplateName(0, 1). document.SCEnrForm.CT.selectedIndex=0 ' Display the certification authorities in the list box. Call UpdateCA() End If end sub sub ViewCert_OnClick Dim strEnrolledCert ' Retrieve the name of the enrolled certificate and ' display the certificate viewer user interface. strEnrolledCert = Senroll.getEnrolledCertificateName(0) end sub --> </SCRIPT> <BODY LANGUAGE=VBScript OnLoad="Initialize"> <FORM NAME="SCEnrForm"> <P> Cryptographic Service Provider <SELECT NAME="CSP" SIZE=1 ID="CSP" onChange="ChangeCSP" LANGUAGE="VBScript"> </SELECT> <P> Administrator Signing Certificate <INPUT NAME="SignCert" SIZE=40 READONLY><INPUT NAME="GetSign" TYPE="button" VALUE="Select Signing Certificate"> <P> Certificate Template <SELECT NAME="CertTemplate" SIZE=1 ID="CT" onChange="ChangeCT" LANGUAGE="VBScript"> </SELECT> <INPUT NAME="CTType" onclick = "CTType_OnClick" ID="CTType" TYPE="radio" CHECKED VALUE=1>User <INPUT NAME="CTType" ID="CTType" onclick=CTType_OnClick TYPE="radio" VALUE=2>Machine <P> Certification Authority <SELECT NAME="CertAuth" SIZE=1 ID="CA" onChange="ChangeCA" LANGUAGE="VBScript"> </SELECT> <P> Enroll on behalf of <INPUT NAME="User" SIZE=40 READONLY><INPUT NAME="GetUser" TYPE="button" VALUE="Select User"> <P> <INPUT NAME="Enroll" TYPE="button" VALUE="Enroll" DISABLED> <INPUT NAME="Reset" TYPE="button" VALUE="Reset User" DISABLED> <INPUT NAME="ViewCert" TYPE="button" VALUE="View Certificate" DISABLED> </FORM></P> </BODY> </HTML>