enrollsvc.dll existe et semble lier à un service utilisé pour l’enrollement
Methode d’enrollement OTA avec WM 6 : Utilise wap-provisioningdoc
http://bansky.net/blog/2008/11/enrolling-user-certificate-into-windows-mobile-over-the-air/
Repose sur CertificateEnroller CSP : The CertificateEnroller Configuration Service Provider in Windows Mobile 6 enables you to generate certificates
http://msdn.microsoft.com/en-us/library/bb737636.aspx
Device Description Framework (DDF) file for the CertificateEnroller Configuration Service Provider. Open Mobile Alliance Device Management (OMA DM) DDF files and the example in this topic are used only for OMA DM provisioning.
http://msdn.microsoft.com/en-us/library/bb737418.aspx
Certificate Management in Windows Mobile
http://msdn.microsoft.com/en-us/library/bb416317.aspx
The certificate stores are located in two areas of the registry:
* HKEY_CURRENT_USER\Comm\Security\SystemCertificates
* HKEY_LOCAL_MACHINE\Comm\Security\SystemCertificates
La liste des CSP est stockée dans :
* HKEY_LOCAL_MACHINE\Comm\Security\Crypto\Defaults\Provider
=> Microsoft Base
=> Microsoft Base DSS
=> Microsoft Enhanced RSA
=> Microsoft Enhanced DSS
=> Microsoft Enhanced AES
C’est partiellement documenté ici :
http://msdn.microsoft.com/en-us/library/ms884655.aspx
Page MSDN sur les CSP About Cryptographic Service Provider :
http://msdn.microsoft.com/en-us/library/ms884340.aspx
Page MSDN sur les certificats dans Windows CE .NET 4.2 :
http://msdn.microsoft.com/en-us/library/ms883655.aspx
CryptEnumProvidersU non supporté ?
http://msdn.microsoft.com/en-us/library/ms883695.aspx
Personal Certificate Import Utility for Pocket PC 2003 and Windows Mobile
http://www.jacco2.dds.nl/networking/p12imprt.html
Source:
http://www.jacco2.dds.nl/networking/p12imprt_src.zip
Windows Mobile 5.0 and higher support the PFXImportCertStore() function.
My idea was to [..] import these datastructures using the regular API, such as CryptImportKey().
Documentation du Web Enrollement :
http://www.jacco2.dds.nl/networking/crtimprt-org.html#Webenrollment
– Windows 200x server must be configured to immediately issue certificates
– On your client host PC, compile the ENROLL sample files included with the Pocket PC 2003 SDK. (suprimé des versions suivantes)
– Edit the ENROLL.CFG file: change the server address and enter Windows 200x’s server name/IP address. Also enter the name and password of the user account
– ENROLL.EXE should report « Cert Has Been Added Succesfully ». If you go to Settings -> System -> Certificates, the certificate should be listed.
CertificateEnroller Configuration Service Provider Examples for OMA Client Provisioning
http://msdn.microsoft.com/en-us/library/bb737707.aspx
Desktop Certificate Enrollment
http://msdn.microsoft.com/en-us/library/bb416312.aspx
Web enrolment on Windows Mobile 6
http://www.jacco2.dds.nl/networking/windowsmobile-certinstall.html#Webenrollment
MSDN : Enrolling Devices
http://technet.microsoft.com/en-us/library/dd261805.aspx
MSDN : Enrolling for a Certificate : Regroupe toutes les techniques
http://msdn.microsoft.com/en-us/library/ms897531.aspx
Commentaires