Dave, I want to use the musclecard pkcs#11 package with the CFlexPlugin with my own application. I have it linked in and running to some degree.
I'm considering making modifications to the musclecard pkcs#11 package and the CFlexPlugin: - to use the passed in exponent when generating keys. - to save the subject from the template to the card when generating keys - to read the subject back from the card when opening a session or logging in - to use the CKA_ID from the passed in template when generating keys - to support the creation of 2048 bit keys on the cryptoflex card. Is there any plan to support these features in the near future? If I were to make the changes, is there a process I can go through to have the changes incorporated into the opensource musclecard release? Background: Before trying to use musclecard, I was interfacing with gpkcs11 with a software token or a limited pkcs11 library we developed to interface to the cryptoflex card. When using these pkcs11 versions, I was able to pass in an exponent, subject, label and CKA_ID when generating a key pair. These values were saved so that when I went to retrieve the key pair I could use the subject to find it. I noticed in the musclecard pkcs#11 package that most of this passed in information is ignored, it only uses the key size from the template. I also noticed that musclecard CFlexPlugin does not yet support 2048 bit key sizes. Thanks, Shelby David Corcoran wrote: > > Hello, > > Located on http://www.musclecard.com/musclecard/ is a new package for > Linux including the sources updated to the 1.1.3 release. > > Included in this package are the following updates: > > PKCS11 > MusclePAM > XCardII > MuscleTools > CFlexPlugin > MCardPlugin > > The fixes will ensure that email encryption works for most CA's > including: Verisign, Thawte, Entrust, etc. Multi-length pin's are now > supported in all plugins. Card insertion/removal while Mozilla is > running should behave as expected now. Users should use the Mozilla 1.1 > This has been tested on Solaris, Linux, HP-UX. > > The applications subsection of that page will contain earlier versions > of MusclePAM, XCardII, MuscleTools until I get them updated. > > Several new MuscleCard plugins will be available soon. > > Contact me with any questions. > > Best Regards, > Dave -- Shelby A. Evans Senior Software Engineer Information Security Department BBN Technologies 9861 Broken Land Parkway, Suite 156 Columbia, MD 21046 Phone: 410-290-6161 Fax: 410-290-6131 e-mail: [EMAIL PROTECTED] _______________________________________________ Muscle mailing list [EMAIL PROTECTED] http://lists.musclecard.com/mailman/listinfo/muscle
