[opensc-devel] New OpenSC project: pkcs11-helper
Hello all application developers, I am proud to announce a new project of the OpenSC Project, which targets application developers who wish to integrate smartcard support into their applications and found it to be too difficult. pkcs11-helper is designed to be used by consumer application, that need to use the card, not alter its contents. I believe this targets about 98% of potential smartcard applications. pkcs11-helper allows using multiple PKCS#11 providers at the same time, enumerate certificate objects, handling card removal and card insert events, handling card re-insert to a different slot, supporting session expiration serialization and much more, all using a simple API. More information may be found at the following URL: http://www.opensc-project.org/pkcs11-helper/ I will appreciate any feedback regarding the above, I will be glad to help open-source developers to integrate smartcard support correctly into their applications. Best Regards, Alon Bar-Lev. ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
[opensc-devel] secure messaging with OpenSC
Hello, I would like to discuss an extension for the libopensc API, that implements secure messaging. In the attachment there is the patch to the common OpenSC part. The full patch was tested with Oberthur card. (Java card, secure messaging is conform to GlobalPlatform .) The main headlines are: - secure messaging (SM) is used only for APDUs that really need it: secure channel initialized just before, and closed immeadiatly after. - secured APDUs are generated by some external SM_server (in my case it's HTTPS server). OpenSC access SM_server via the SM_module. SM_module to be used is defined in opensc.conf and is loaded during the sc_context initialization. - SM_module exports three functions: initialize(), get_apdus() and finalize(): first one is to get the host challenge; second is to get the secured APDUs; last one is to return the confirmation. - libopensc card driver use cache of the curent EF's and DF's FCIs and detects the moment when SM has to be used. - APDUs processing is deviated to the SM procedures at the level of libopensc commands (not at the APDU transmission level) -- key_generation, key_import, pin_unblock, binary_write. Current trunk version of libopensc/card-oberthur.c contains (in comments) the SM specific procedures. Full patch (too voluminous for this mail) contains SM_server tool to generate secured APDUs, and SM_module implementations. It would be nice to hear your opinions, kind wishes, Viktor. opensc-0.11.1.trunk.20061204-sm-common.patch.tgz Description: GNU Unix tar archive ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel