Percival Blakeney wrote:
I am involved in a project that is considering the use
of Aladdin's eToken PRO USB tokens for system access
control and document signing (my customer currently
uses tokens are provisioned using Entrust 7 on
Windows.)
One "nice-to-have" feature for the project would be to
allow users to use the tokens in Linux systems as well
as Windows.
well ... you might try to use opensc on windows as well ;-)
Initially I had hoped that OpenSC would
offer this, but I gather that it only supports
pkcs#15, and that the eToken's key & certificate
storage structures (and possibly other low-level
interface details) are proprietary.
What I'm wondering is whether it would be insane for
me to contemplate writing an OpenSC eToken driver for
a natively-formatted eToken PRO. Looking at what's
visible on the token, what's passing at the USB layer
under Windows, and also at the existing code for the
OpenSC-initialised tokens, it looks as if it ought to
be possible to hack something up.
this should be doable but even if opensc can read/parse
the proprietary profile it normally can't change the
exisiting data on the card (like creating a new key etc.)
as this would require a deeper understanding of the profile
used.
But I haven't written anything this grubby for a few
years, and I also get the feeling that I may not know
what I don't know.
actually this is normally quite simple. You just need to find out
where/how the keys, certs etc. are stored etc. The rest is mostly
copy & paste.
Cheers,
Nils
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
