Ok thanks a lot Andreas Jellinghaus-2 , that's probably what we will do ! we've seen too a soft : http://www.scardsoft.com/main.php3?Theme=SCardX , the javascript sources code are available, pherhaps it's possible to modify only the client side for our project And also the platform javacard 3.0 will be soon available with an update API , new packages : http ,tls,ssl... that can interest us... Gemalto has already a major release available of this javacard 3.0 : http://developer.gemalto.com/home/java-card-3/gemalto-toolkit.html we will make first some researches on this new release...
Andreas Jellinghaus-2 wrote: > > if you want web connections authenticated with a smart card, > the best way is usualy > 1.) use an ssl server > 2.) use the option to authenticate to that ssl server using a > client certificate (with the private key) > 3.) find a way so that the private key is stored on a smart > card and is not read from the card, but rather the card > is signed to sign those bytes used in the ssl client > authentication. > > step 1 and 2 are easy to implement. > > but for step 3 you usualy use some ssl or https library on > the client side to access the server. that library needs > to be able to use smart cards. if the library doesn't allow > that, pick a different library. > > I only know programming in c, there you have the netscape > libraries that allow this (I guess, since firefox can do this), > and the openssl library for ssl connections can do that too > (using an "engine" and that engine can be "engine_pkcs11" > which can use "opensc-pkcs11.so" or any other pkcs#11 module > to talk to a smart card). > > I'm sure there are java libraries / packages out there that > have similiar functionality. check out the opensc-java project, > maybe the authors can help you (and I think it works not only > with opensc, but other pkcs#11 modules as well). > > good luck! > > Andreas > _______________________________________________ > Muscle mailing list > [email protected] > http://lists.drizzle.com/mailman/listinfo/muscle > > -- View this message in context: http://www.nabble.com/Authentification-to-a-server-with-a-smartcard-tp22357213p22389582.html Sent from the MuscleCard mailing list archive at Nabble.com. _______________________________________________ Muscle mailing list [email protected] http://lists.drizzle.com/mailman/listinfo/muscle
