Andreas, Thank you so much for your answer. It definitely helps me.
opensc is written for pkcs#15 cards ... OK ; I had missed that (which is why I did not understand the "adherence" of pkcs11-tool to PKCS15). > if you aim for less, you can write a pkcs#15 emulation > driver: it creates all these pkcs#15 structures in memory, > and fakes a real card. then only stuff referenced by > the in-memory driver, but not faked is really on the > card and opensc will try to read that. > OK, so I guess I have two options : - I could write the pkcs#15 emulation layer ; do you have working code as a reference to do this? - or use another PKCS#11 implementation that does not make the assumption that the card is PKCS#15-compliant. My first objective is to allow users to use the smartcard for authentication on their (Linux) computer. I would like to use pam-pkcs11 module to do that, which is why I planned to integrate my smartcard with opensc, as many application rely on it. I am also planning to use the card to store a secret that will ultimately be used to decrypt the users home directory content. Right now, I am not concerned by the smartcard personalization and I do not need PKCS#15 support. This might change in the future, but at the moment, I would just like to use basic services provided by the card (i.e., user login, signature, random number generation, etc.). Ben
_______________________________________________ opensc-devel mailing list [email protected] http://www.opensc-project.org/mailman/listinfo/opensc-devel
