2012/12/6 Anthony Foiani <anthony.foi...@gmail.com>: > Greetings, all.
Hello, > As with a similar posted in the last day or two, I'm working deploying > an embedded linux system, and I'm trying to figure out the smallest > set of libraries that I need to do this. > > The desired use for tokens in the field is: > > 1. Sign binary blobs, generating a detached RFC5652 signature file > from each data file. > > 2. (Eventually) for both client and server-side SSL handshaking. > > On a typical Linux workstation, I can do all this already, thanks to > the developers here and on libusb, ccid, and pcsc-lite. Barring > late-breaking changes, this functionality is already available in > packages for the distribution I'm using here (Fedora 17). > > To test the latest and greatest, I had to build: > > libusb-1.0.9 > pcsc-lite-1.8.6 > ccid-1.4.8 > openssl-1.0.1c > libp11-0.2.8 > opensc-0.13.0rc1-g2895729 (from CardContact) > engine_pkcs11-0.1.8 > > Other than having to adjust the interprocess expectations of pcscd and > its users, that also works fine. > > However, the embedded box is not running the typical workstation > daemons. There's no udev at all; I'm handling the event stream > directly within my application. (E.g., I'm receiving and handling USB > mass storage device insertions / removals.) > > What I'm looking for is guidance on which libraries are required to do > the work, if I can tell those libraries exactly which USB device to > use, and only when there is something there to be used. > > Is libusb used only for discovery, or for access as well? Likewise, > if there is only ever one process accessing the token (and I can > guarantee that it's single-threaded access), then is pcscd necessary? libusb (or udev but you do not use it) is used by pcscd to discover USB readers. libusb is used by libccid to access the USB readers. You can write your own simpler pcscd if you want. > Even further, if I know exactly which token will be used, is it > possible and/or advisable to short-circuit the generic aspects of > libpkcs11 and somehow use that token's driver directly? The question is: why would you change existing and working code? What is the problem with the existing programs? Bye -- Dr. Ludovic Rousseau _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
