PkNet [COM / .Net] Architecture

The structure of PkNet products for Microsoft COM / .NET development environments is optimized to exploit the Windows interfaces available for communicating with smartcard readers or with the smartcard and certificate stores of the operating system.
In particular, we use the interfaces offered by PC/SC drivers to access the smartcard reader, and those offered by PKCS #11 and CSP (Crypto Service Provider) drivers to manage the smartcard.

The Smartcard Multiplexer module can identify all devices in the system, such as readers, smartcards and cryptographic tokens.
The following diagram illustrates the overall architecture of the product.

Cryptographic devices are recognized and, depending on their type, the correct drivers are used to access the card. The implementation of the security features relies on the MS CryptoAPI subsystem and, only for the GUI interfaces that display certificates, on the MS CAPICOM module.

Where the required features were not present (such as time stamp management and PDF signatures), Intesi Group has implemented the missing functionality directly in the PkNet code.

PkNet is distributed with a CSP driver, developed specifically by Intesi Group, that converts CSP calls into PKCS #11 calls. Because PKCS #11 drivers are more frequently available and work better, the Intesi Group CSP can significantly extend the number of supported cryptographic devices. A CSP driver for integration with the open source software OpenVPN is also offered as an optional component; with it, a smartcard (including one issued by an Italian CA) can be used to authenticate for network access via VPN.

PkNet accesses certificates directly on the cryptographic device, without requiring a copy of them in the operating system's store. This feature, together with the ability to address the device transparently to the calling application, makes access to the signature functionality completely independent of the type of signature device used.

When developing with PkNet, it is possible to interface with any smartcard (or other device) without changing a single line of code. PkNet also provides a utility library, called PkUtil, which helps the programmer with all processing of the data to be signed:

  • Conversions between binary data and Unicode strings
  • Loading the data to be signed from a file or URL
  • Saving the signed data to a file or URL

PkNet Express
It is the version that solves all logical security problems for the business user (contract signing, authentication, file protection).
PkNet provides features that are otherwise optional, such as M7M output for full interoperability with InfoCert for time stamps, and XML Signature management.
