The latest OCF package at [1] has support for smartcardio - so if you
need more than just the APDU interface.
Andreas
[1] http://www.openscdp.org/ocf/download.html
Am 12.08.2011 12:11, schrieb resoli - libero:
> Il giorno mer, 10/08/2011 alle 08.36 +0200, NdK ha scritto:
>> On 09/08/2011 20:48,
Il giorno mer, 10/08/2011 alle 08.36 +0200, NdK ha scritto:
> On 09/08/2011 20:48, Vlastimil Pavicek wrote:
> > I haven't read the whole thread, but you might find this library useful (it
> > is easier to use than JNI/JNA):
> > http://jce.iaik.tugraz.at/sic/Products/Core-Crypto-Toolkits/PKCS-11-Wr
__
> Od: "NdK"
> Komu: , helpcrypto helpcrypto
>
> Datum: 10.08.2011 08:36
> Předmět: Re: [opensc-devel] Java and pkcs11
>
>On 09/08/2011 20:48, Vlastimil Pavicek wrote:
>> I haven't read the whole thread, but you might find this library useful (it
On 09/08/2011 20:48, Vlastimil Pavicek wrote:
> I haven't read the whole thread, but you might find this library useful (it
> is easier to use than JNI/JNA):
> http://jce.iaik.tugraz.at/sic/Products/Core-Crypto-Toolkits/PKCS-11-Wrapper
Tks.
Found last night. It's used by j4sign[1] that targets mul
Hi,
I haven't read the whole thread, but you might find this library useful (it is
easier to use than JNI/JNA):
http://jce.iaik.tugraz.at/sic/Products/Core-Crypto-Toolkits/PKCS-11-Wrapper
Best regards
VLP
__
> Od: "NdK"
> Komu:
>
On 03/08/2011 21:25, Martin Paljak wrote:
>> And what about smartphones? "Standard" Java is more likely to be adapted
>> than proprietary interfaces.
> I don't believe that current smartphone platform vendors will embrace PKCS#11
> as we know it on the desktop. At least I hope they will not. It w
On 03/08/2011 19:40, helpcrypto helpcrypto wrote:
>> Well... The user should be responsible for selecting the "best" slot.
>> That IMHO shouldn't be a "slot" in the first place, but just a
>> certificate. The browser should only filter certs so that only
>> acceptable ones are proposed to the user
Hello,
On Aug 3, 2011, at 6:22 PM, NdK wrote:
>> On Windows, you could also use the Windows CAPI via the SunMSCAPI,
>> and OpenSC on Windows can still be used via the OpenSC mindriver.
> Still proprietary solutions.
> And what about smartphones? "Standard" Java is more likely to be adapted
> than
2011/8/3 NdK :
> On 03/08/2011 16:16, Douglas E. Engert wrote:
>> You say you are using FF, so have you looked at JSS?
>> http://www.mozilla.org/projects/security/pki/jss/
How can you say so, if JSS is not recommended/supported for Java Applets?
(as said in the infamous bug
https://bugzilla.mozilla
On 03/08/2011 16:16, Douglas E. Engert wrote:
> You say you are using FF, so have you looked at JSS?
> http://www.mozilla.org/projects/security/pki/jss/
Nope. Proprietary (available only for FF).
> As I read this, it is a java interface to NSS, and thus avoid the
> sunPKCS11 and its limitations, bu
You say you are using FF, so have you looked at JSS?
http://www.mozilla.org/projects/security/pki/jss/
As I read this, it is a java interface to NSS, and thus avoid the
sunPKCS11 and its limitations, but still allow the use of OpenSC.
On Windows, you could also use the Windows CAPI via the SunMSC
2011/8/3 NdK :
> Then why I get *exaxtly* one slot per PIN (and in the slot name there's
> the label I associated with the PIN? Maybe it's opensc-specific, but I
> doubt.
must be opensc is adding an slot for each application/pin. You should
check this with someone/martin, but im pretty sure is this
Il 03/08/2011 13:35, helpcrypto helpcrypto ha scritto:
>> And (more general question) why a slot identifies a pin? What about
>> "insecure" keys and their certs? See below.
> An slot doesnt need to have a PIN, as stated on PKCS#11 standard.
Then why I get *exaxtly* one slot per PIN (and in the slo
2011/8/3 NdK :
> The wallet must allow for use of a smart card or a simple password
> (obviously highly sensitive passwords will have to be restricted to
> stronger method). Not really different at the programmatic level, since
> I can store "anything" in the "encryptedPrivateKey" field: an actual
Il 03/08/2011 11:08, helpcrypto helpcrypto ha scritto:
> As i understand, you want to develop like a wallte, where password
> stored on server (crypted) are copied to clipboard (altough a simply
> CTRL+V will display it), to let the user authenticate in toher
> services. Right?
Yup. Right. Ctrl-V
2011/8/3 NdK :
> Il 03/08/2011 09:32, helpcrypto helpcrypto ha scritto:
> I need to implement a multiuser web password manager that allows users
> to group-share passwords (so Linux sysadmins don't have access to
> Windows passwords -- yes, I know AD, it's just an example).
> Server NEVER knows pla
Il 03/08/2011 09:32, helpcrypto helpcrypto ha scritto:
> Do yo code on assembly for you web pages? PCSC should be used only
> if your smartcard doesnt have a higher level of abstraction possible
> (like opensc)
I'd even prefer higher APIs, since doing security really well is hard.
>> I usually d
If any of you dont agree with any of the following, just let me know.
>>>- should I avoid SunPKCS11 and base my program on "simple" PC/SC?
Absolutely not.
Do yo code on assembly for you web pages? PCSC should be used only if
your smartcard doesnt have a higher level of abstraction possible
(like
On 02/08/2011 16:22, Felipe Blauth wrote:
> Java Cryptographic is based on JCA/JCE arquitecture. The document at
> http://download.oracle.com/javase/1.5.0/docs/guide/security/p11guide.html ,
> preety much explains everything you need to know.
I'll have to reread it.
> It says, for example,
> that
2011/8/2 NdK
> Hi all!
>
> Maybe it's nearly OT, but I think it could be useful for other readers.
>
> I've found that a quite recurring problem in accessing tokens from java
> is the "PKCS11 not found" exception.
> Disabling hot plug support, as suggested in the past to another user,
> didn't wo
20 matches
Mail list logo
