Hello, Sorry i said something wrong in my previous message, even if javacard 3.0 is available , there are actually no compatible's cards to buy for the moment, and i have no more information about this... we will continue our researches on cryptos apis, PCKS, java applet and scardsoft.. sorry
jose85 wrote: > > Ok thanks a lot Andreas Jellinghaus-2 , that's probably what we will do ! > we've seen too a soft : http://www.scardsoft.com/main.php3?Theme=SCardX , > the javascript sources code are available, pherhaps it's possible to > modify only the client side for our project > And also the platform javacard 3.0 will be soon available with an update > API , new packages : http ,tls,ssl... > that can interest us... > Gemalto has already a major release available of this javacard 3.0 : > http://developer.gemalto.com/home/java-card-3/gemalto-toolkit.html > we will make first some researches on this new release... > > > > Andreas Jellinghaus-2 wrote: >> >> if you want web connections authenticated with a smart card, >> the best way is usualy >> 1.) use an ssl server >> 2.) use the option to authenticate to that ssl server using a >> client certificate (with the private key) >> 3.) find a way so that the private key is stored on a smart >> card and is not read from the card, but rather the card >> is signed to sign those bytes used in the ssl client >> authentication. >> >> step 1 and 2 are easy to implement. >> >> but for step 3 you usualy use some ssl or https library on >> the client side to access the server. that library needs >> to be able to use smart cards. if the library doesn't allow >> that, pick a different library. >> >> I only know programming in c, there you have the netscape >> libraries that allow this (I guess, since firefox can do this), >> and the openssl library for ssl connections can do that too >> (using an "engine" and that engine can be "engine_pkcs11" >> which can use "opensc-pkcs11.so" or any other pkcs#11 module >> to talk to a smart card). >> >> I'm sure there are java libraries / packages out there that >> have similiar functionality. check out the opensc-java project, >> maybe the authors can help you (and I think it works not only >> with opensc, but other pkcs#11 modules as well). >> >> good luck! >> >> Andreas >> _______________________________________________ >> Muscle mailing list >> [email protected] >> http://lists.drizzle.com/mailman/listinfo/muscle >> >> > > -- View this message in context: http://www.nabble.com/Authentification-to-a-server-with-a-smartcard-tp22357213p22514167.html Sent from the MuscleCard mailing list archive at Nabble.com. _______________________________________________ Muscle mailing list [email protected] http://lists.drizzle.com/mailman/listinfo/muscle
