I am involved in a project that is considering the use
of Aladdin's eToken PRO USB tokens for system access
control and document signing (my customer currently
uses tokens are provisioned using Entrust 7 on
Windows.)
One "nice-to-have" feature for the project would be to
allow users to use the tokens in Linux systems as well
as Windows. Initially I had hoped that OpenSC would
offer this, but I gather that it only supports
pkcs#15, and that the eToken's key & certificate
storage structures (and possibly other low-level
interface details) are proprietary.
What I'm wondering is whether it would be insane for
me to contemplate writing an OpenSC eToken driver for
a natively-formatted eToken PRO. Looking at what's
visible on the token, what's passing at the USB layer
under Windows, and also at the existing code for the
OpenSC-initialised tokens, it looks as if it ought to
be possible to hack something up.
But I haven't written anything this grubby for a few
years, and I also get the feeling that I may not know
what I don't know.
So I have some questions:
1) Has this problem already been solved, or is there
some other workaround?
2) Is there some fundamental flaw in my thinking
that this can be done (and done reasonably easily)?
3) How irritated are Aladdin likely to get at having
their stuff reverse engineered (would this be a DMCA
brick-wall if I were in the USA)?
All advice gratefully received.
___________________________________________________________
Now you can scan emails quickly with a reading pane. Get the new Yahoo! Mail.
http://uk.docs.yahoo.com/nowyoucan.html
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
