Hi, Maria Indeeva PKCS#11 is a set of specification of interface. Maybe there is no defined module, except for PKCS#11 self.
In development, you should write detailed implementations of all interface, like GPKCS11 project. 2001-12-09 11:13:00�� >Hello, > >It is not the first time as I can read the messages where you mention about >pkcs#11 standard implementation. I couldn't find any information about it on >www.linuxnet.com. >Does really this implementation for Linux platform exist? If there is this >pkcs#11 module for Muscle cards, where I can find it? > >Best regards, >Maria Indeeva > >----- Original Message ----- >From: "David Corcoran" <[EMAIL PROTECTED]> >To: <[EMAIL PROTECTED]> >Sent: Saturday, December 08, 2001 6:41 PM >Subject: MUSCLE Re: PKS-11 (BOUNCE) > > >> From: Tommaso Cucinotta <[EMAIL PROTECTED]> >> Reply-To: [EMAIL PROTECTED] >> Subject: Re: MUSCLE musclecard architecture >> >> Dr S N Henson wrote: >> > >> > I'm not sure I follow this. PKCS#11 implementations have been written >> > with no certificate handling at all: that is they just blindly store >> > them as an opaque blob with a set of attributes provided by the >> > application. >> >> Just as a note: MuscleCard PKCS#11 (and other SmartSign PKCS#11) do >> interpret >> some of the certificate fields (i.e. to set CKA_SUBJECT). They also >> extract >> the public key and expose it to the app. I don't know if this is useful >> at >> all, as the only thing an app should look at is the cert itself (as it >> is >> the only signed object). >> Another useful thing (that is not actually done) would be checking if >> the prv key on the card matches the public one in the cert... >> >> > 1. The card doesn't support the full range of algorithms: say RSA only, >> > no DSA or DES, 3DES. >> > 2. The card is read only: you can't create or delete objects at all. >> > >> > These could presumably be handled by some "query capabilities" function >> > or similar. Does such a thing exist under MuscleCard or would an >> > application have to interpret SW_UNSUPPORTED_FEATURE return codes? >> >> Next release of MCardAPI and CardEdge protocol will have further >> informations returned with GetStatus() command. One of the already >> defined info is the crypto capability of the card, so you would answer >> to question #1. "read-only" could also be another capability, we will >> eventually think of it.... other capabilities that would result useful ? >> >> Bye, >> Tommaso. >> >> -- >> /------------------------------------------------\ >> | Dr. Tommaso Cucinotta <[EMAIL PROTECTED]> | >> +------------------------------------------------+ >> | Scuola Superiore di Studi Universitari | >> | e Perfezionamento S.Anna | >> | Pisa Italy | >> \------------------------------------------------/ >> >> *************************************************************** >> Unix Smart Card Developers - M.U.S.C.L.E. >> (Movement for the Use of Smart Cards in a Linux Environment) >> http://www.linuxnet.com/ >> To unsubscribe send an email to [EMAIL PROTECTED] with >> unsubscribe sclinux >> *************************************************************** > >*************************************************************** >Unix Smart Card Developers - M.U.S.C.L.E. >(Movement for the Use of Smart Cards in a Linux Environment) >http://www.linuxnet.com/ >To unsubscribe send an email to [EMAIL PROTECTED] with >unsubscribe sclinux >*************************************************************** Xu Yongjiang [EMAIL PROTECTED] *************************************************************** Unix Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/ To unsubscribe send an email to [EMAIL PROTECTED] with unsubscribe sclinux ***************************************************************
