SmartCard PKI

[Marek Marecki]

Hello,

I have OMNIKEY CardMan 3121 Smart Card Reader and a few certificates
on card. I'm using it to sing and encrypt files. I would like to
automate whole process and write an application that will use this SC
Reader. I've found a lot of articles about JavaCard but not much about
SC + PKI. Are there any libraries that would help me in achieving this
goal ?

TIA
Marek

 

[Roedy Green]

OMNIKEY CardMan 3121 Smart Card Reader

I read the datasheet and discovered
The drive supports
PC/SC driver
CT-API (on top of PC/SC
OCF (on top of PC/SC)
Synchronous API (on top of PC/SC)

none of those ring any bells. I presume thay are proprietary to
Omnikey.

There are USB drivers for the following OSes.
WindowsR 98/ME
WindowsR 2000
WindowsR 2003 Server
WindowsR XP
WindowsR XP 64bit (AMD64, EM64T,
IA64)
WindowsR Vista (32bit & 64bit)
Windows CE
LinuxR
MacOS X (PowerPC & Intel)

In also supports FIPS, that grew of the Fatherland Security people.

FIPS 201 (Federal Information Processing Standards Publication 201) is
a United States federal standard that specifies Personal Identity
Verification (or PIV) requirements for Federal employees and
contractors. In response to HSPD-12, the Computer Security Division
initiated a new program for improving the identification and
authentication of Federal employees and contractors for access to
Federal facilities and information systems. Federal Information
Processing Standard (FIPS) 201, entitled Personal Identity
Verification of Federal Employees and Contractors was developed to
satisfy the technical requirements of HSPD 12, approved by the
Secretary of Commerce, and issued on February 25, 2005. Policy for a
Common Identification Standard for Federal Employees and Contractors

FIPS 201 are required for US Federal Agencies but do not apply to US
national security systems.

 

[Roedy Green]

OMNIKEY CardMan 3121 Smart Card Reader a

see http://www.pcscworkgroup.com/specifications/overview.php for specs
on PC/SC

 

[Rogan Dawes]

Hello,

I have OMNIKEY CardMan 3121 Smart Card Reader and a few certificates
on card. I'm using it to sing and encrypt files. I would like to
automate whole process and write an application that will use this SC
Reader. I've found a lot of articles about JavaCard but not much about
SC + PKI. Are there any libraries that would help me in achieving this
goal ?

TIA
Marek

Odds are good that it provides a PKCS#11 interface, which means that you
can access it using Java. V1.5.x includes support for PKCS#11 devices.

For an example of using SSL with PKCS#11 devices, see
http://dawes.za.net/rogan/PKCS11Test.java

The basic techniques for accessing the PKCS#11 certificates and keys can
easily be adapted to signing and encrypting files, I'm sure.

Regards,

Rogan