Is login on the smart card implemented completely on the hardware chip Or it should be impelemented on both pkcs11 dll and smart card? and so how do they separated the chip functions for 3 type of user : user, CA, guest.
EDIT:
it helps me more, if you have a small sample code for both hardware and PKCS11 DLL as a start point
user sign in on token
411 Views Asked by osyan At
1
There are 1 best solutions below
2
Martin Paljak
On
- PKCS#11 has C_Login, which has to be implemented, obviously, for any reasonable interoperability.
- Guest only opens a session, does not call C_Login. User vs CA is not really an option in PKCS#11 terms (they are both "users" of the token), there is arbitrary "user" vs "admin" in PKCS#11 (but you don't really have to implement both, if your model does not follow the PKCS#11 model)
- The security device must implement any protective measures (the ability to "log in" or "unlock" some resources in the device being one of them) so yes, it is implemented in the chip.
- Don't know what "user" means in your context but having three types of users in a single token and one of them being called "CA" sounds like a bad idea.
- You actually answer your own question: a device is useless for an application without the middleware (PKCS#11) so both must implement "something".
Related Questions in TOKEN
- .net Web Api 2 Owin authentication token expires suddenly and often on IIS 8.5
- search with filter by token count
- How to token paste a number?
- Ember.js REST Auth Headers
- django rest framework - token authentication logout
- Is my JWT refresh plan secure?
- PHP token security
- GCM get invalid tokens when sending to multiple devices at once
- Uncaught SyntaxError: Unexpected token < in HTML - can't solve
- TERADATA - How to split a character column and keep the last token?
- Oauth refresh token provider error in ValidateClientAuthentication
- First authentification in order to get token
- does Token Based Authentication requires to store token in DB?
- Play Framework: How to Add a Header to Every Response
- Meteor app deploying with Modulus
Related Questions in SMARTCARD
- How to validate a Smart/CAC card using input from Precise Biometrics Tactivo
- Java Card applet EEPROM vs RAM testing
- ISO/IEC 7816 commands over CCID
- C on smartcards
- Is smartcard logon in windows bound to minidrivers and MS base CSP or any CSP will work?
- number value to byte[6] array card reader
- Using A3 certificate with a Service
- How do I interpret the response from GET PROCESSING OPTIONS?
- javax.smartcardio case 4 APDU vanishing - 6700 response - warning
- Determine Facility Code and Card Number from ATR in C#
- Android - Usb CCID large data
- Create Sharepoint connector to apply Digital Signature using Smartcards or USB Tokens?
- Read serial from smartcard with javax.smartcardio
- How to use SCARD_CTL_CODE under linux?
- java pkcs11 slot detection issue with OpenSC if smartcard is removed and inserted again
Related Questions in AVR
- saving an array in EEPROM
- How to call multiple slaves for Spi data transmission?
- Changing just one byte in SD card sector
- is it possible compare a 16-bit value with a 8-bit compare match ISR
- UART RX Interrurpt fired too early
- Making a member function static makes the program fail to compile. Can't figure out why
- Arduino Programming Without Arduino Libraries - Atmel Studio
- SPI with Atmega32 and At42QT2100
- XMega: CDC on USB composite controller does not function properly
- How to build avr-gcc using android NDK
- PySerial dataSend doesn't receive data
- Efficient bit checking in embedded C Program
- Issue sending c char* over USART
- What is the efficient way of parsing string on embedded system?
- Controlling 3 stepper to move on xyz direction
Related Questions in PKCS#11
- PartialChain error in X509Chain when building certificate chain?
- Why are there no extensions in the CertificateExtensions property of CertificateRequest?
- Compute sign using secure token hit Unknown error -1073741275 using sha256 algo
- Go TLS x509: no DEK-Info header in block even if using pkcs8
- What is the accepted way to transfer public-private keypairs over intranet?
- Problem with cURL in PKCS11 with USB TOKEN
- C# Decrypt AES CBC pkcs1 padding, there is System.Security.Cryptography.PaddingMode.PKCS7 but does not have PKCS1
- How can i get public key in DER format from base64 encoded public key?
- Decryption error while Decrypt the symmetric key
- Meaning of algorithm properties in a certificate
- Azure Function Could not load file or assembly 'System.Security.Cryptography.Pkcs'
- convert pkcs1 signature to pkcs7 signature using nodejs
- OpenSSL.crypto.Error when trying to load certificate from Azure Key Vault
- problem in importing private key to the token
- How to check pkcs format of a private key using golang code?
Related Questions in AVR-STUDIO5
- Atxmega128a4 supported for assembler only - AVRSudio 5.1
- #define PORTX.x in Avr Studio 5 (ATmega16)
- Setting up AVR Studio with Arduino
- Build AVR Studio 4 project in AVR Studio 5
- user sign in on token
- Using autocomplete feature in AVR Studio for coding C with avr-gcc
- Receive a String
- Interrupt to Send and Receive String
- how to read atmega 32 signature row?
- Implicit declaration of function when using set_usart_base((void *)) EVK1105 dev. board. Atmel
- Why should I calibrate the oscillator in AVR programming
- AVR Studio build error 255
- How to add header files in Atmel Studio 6
- ATMEL, BOOTRST and Flip 3.4.7, application does not start at boot
- ATMega wrong function argument
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?