Key and respective certificate can be imported from file into a card.
Imported file must have structure described in PKCS#12.
After you run the action, the Card manager reads from card data required for key import. (At the same time the Card manager verifies whether the key can be imported into card: sufficient free space etc.) Then standard system window to open a file is shown. After a path is entered, data is read from file. (Files with private key are encrypted; program requires a password).
Data downloaded from the file is consecutively written to the card: empty data structure (container) is created, then key and certificate are saved into the container.
If import is successful, then data to be viewed in information tree is read from card.
While the key is being imported, the private key is saved in a file (PC hard disk, floppy disk…) which can be potentially evaluated as a hazardous environment. File with key can be attacked in an attempt to reveal, alienate or abuse the private key. The user must be aware of this risk and should take steps to minimize such a risk: run import on proven computer, keep the key in the file only as long as necessary, delete the file after import (the best way is to use a floppy disk, and format it afterwards).
Import key is needed when keys are generated by external programs. From the security point of view it's better to generate key directly inside the card's chip: it secures that key stays inside the chip, never leaves the chip and that's why there is not any risk of unauthorized use.
Import of key can be prohibited during CryptoPlus card personalization process.
Option is available only if a card with sufficient free space for adding a key and certificate is selected in information tree.