OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Shelby Evans (saevansbbn.com)
Date: Wed Oct 31 2001 - 12:33:53 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Radovan,
    If you buy a Reflex 72 reader to use with the Cryptoflex card, to
    communicate with the Cryptoflex smart card on Linux you will need
    1. PC/SC Lite for Unix from http://www.linuxnet.com/middle.html
    2. MUSCLE Reflex 72 Driver http://www.linuxnet.com/sourcedrivers.html
    See
    http://www.strongsec.com/smartcards/howto/html/SmartCard-Login-HOWTO-2.html
    for pretty good instructions on how to get everything set up.

    On a Windows platform, you can interface the PKCS#11 library that comes
    with Schlumberger SDK4.1 and download a certificate onto the card.
    Since Schlumberger doesn't have a Linux version of their PKCS#11 library
    you can't do this on a Linux platform.

    I've looked and have not been successful in finding a PKCS#11 interface
    which runs on Linux and talks to the Cryptoflex smart card - or any
    smartcard for that matter. The only PKCS#11 library I have found that
    runs on a Linux platform is gpkcs#11
    (http://sourceforge.net/projects/gpkcs11) and this currently only works
    with a software token. For the project I'm working on this has forced
    me to begin designing and developing a "mini-"PKCS#11 library that does
    just the PKCS#11 stuff necessary for the project which includes
    generating an RSA key pair, storing a certificate on the card, and
    hashing and signing data. You may want to consider doing something
    similar if you need to work on a Linux platform. Of course, the
    interface that you would need to develop would have to be developed in
    such a way that it can be added into Netscape as a Cryptographic
    Module. This is not necessary for my current project.

    -Shelby

    Radovan Semancik wrote:
    >
    > Hello,
    >
    > just a quick question, before I'll spend some money:
    >
    > Can I use Schlumberger cryptoflex smart card in Linux for storing X.509
    > certificates?
    > (PKCS#11 interface for netscape)
    >
    > What software tools I will need to make it work?
    >
    > --
    > Ing. Radovan Semancik (semancikbgs.sk)
    > Project Manager, Business Global Systems a.s.
    > ***************************************************************
    > Unix Smart Card Developers - M.U.S.C.L.E.
    > (Movement for the Use of Smart Cards in a Linux Environment)
    > http://www.linuxnet.com/
    > To unsubscribe send an email to majordomolinuxnet.com with
    > unsubscribe sclinux
    > *************************************************************** 

    -- 
Shelby A. Evans
Senior Software Engineer
Information Security Department

    BBN Technologies
9861 Broken Land Parkway, Suite 156
Columbia, MD  21046

    Phone:    410-312-6993
Fax:      410-312-6931
e-mail:  saevansbbn.com
***************************************************************
Unix Smart Card Developers - M.U.S.C.L.E.
(Movement for the Use of Smart Cards in a Linux Environment)
http://www.linuxnet.com/
To unsubscribe send an email to majordomolinuxnet.com with
unsubscribe sclinux
***************************************************************