Is login on the smart card implemented completely on the hardware chip Or it should be impelemented on both pkcs11 dll and smart card? and so how do they separated the chip functions for 3 type of user : user, CA, guest.
EDIT:
it helps me more, if you have a small sample code for both hardware and PKCS11 DLL as a start point
user sign in on token
414 views Asked by osyan At
1
There are 1 answers
2
Martin Paljak
On
- PKCS#11 has C_Login, which has to be implemented, obviously, for any reasonable interoperability.
- Guest only opens a session, does not call C_Login. User vs CA is not really an option in PKCS#11 terms (they are both "users" of the token), there is arbitrary "user" vs "admin" in PKCS#11 (but you don't really have to implement both, if your model does not follow the PKCS#11 model)
- The security device must implement any protective measures (the ability to "log in" or "unlock" some resources in the device being one of them) so yes, it is implemented in the chip.
- Don't know what "user" means in your context but having three types of users in a single token and one of them being called "CA" sounds like a bad idea.
- You actually answer your own question: a device is useless for an application without the middleware (PKCS#11) so both must implement "something".
Related Questions in TOKEN
- Authenticate Flask rest API
- How to solve Config validation error when tokenizer is not callable in Python?
- RequestClientCredentialsTokenAsync and ClientAssertion Encoded
- read contents from a file on git using ansible
- issue of retrieving fcm token?
- How to change the token expiry time after page refresh in angular?
- Persist Offline Tokens in separate database
- How Do I Solve This BSCScan Verification Error?
- How to secure JWT token
- GET http://localhost:5000/api/user/allusers?search=s 401 (Unauthorized)
- I am having a problem while creating a token in NodeJS. Is there any solution please?
- How to get access token correctly from SAP Successfactors api?
- Verify Token To Login In Firebase (Aauthorization)
- Inherit session token between 2 apps as long as one of them has been signed in Ember.js
- Unable to mint SPL 2022 token but able to create it using metaplex
Related Questions in SMARTCARD
- Authentication with SmartCard sending a SOAPUI request
- How can I read these P1 and P2 parameters in smartcard reference data?
- Sign a pdf document using signature from USB token in python
- Is it possible Java Card supports NIO,like event-driven, reactor
- How to encode or write information into MIFARE DESFIRe ev2 that would act as id card with microtransaction functionality
- Issue with Secure Messaging in Android HCE App - Invalid Class (SW 6E00) during AID Selection
- Secure Channel Protocol 01 and 03 in Win32API DLL
- Change key of Desfire Card application
- STORE DATA APDU for PPSE info
- How to properly parametrize a SECP256K1 curve using the SE051 IoT SDK?
- C# http request mtls external private key
- Can't install .cap file on NXP P71D321
- nfcpy reading public information from contactless credit card with APDU commands
- How To Modify PKCS11 Object Value Attribute
- Yubikey 5: is it similar enough to smart cards for testing authentication?
Related Questions in AVR
- AVR Assembly Clock Cycle
- LED matrix incorrectly displays data from structures
- 8-bit AVR: single instruction to put a value of 1, ~1(-2/0xfe) or 4 into one of the registers not eligible for immediate operands (r0...r15)?
- Ultrasonic range finder HC-SR04 using one timer
- C++ optimization comparing inline classes and functions doesn't seem good enough
- Global variable value doesn't change in ISR in C
- ATTiny1606 Timer TCA0 interrupt not triggering
- AVR-GCC (Arduino) - IEEE 754/IEC 559 compliance
- non-restoring division: how to avoid code bloat for divisor MSB set?
- Problems setting up an AVR MCU programmer in Eclipse 2024-03
- "avr/io.h" not found when compiling assembly for ATmega128
- Ugly Triple Indirection: Extensible Buffer Management Struct
- I didn't receive what I'm expecting via UART communication
- drive ws2812b using avr timer, fast pwm and interrupts
- Might there be a bug at the EEPROM write simulator in ATMEL/Microchip Studio?
Related Questions in PKCS#11
- RemoveCertificate in System.Security.Cryptography.Pkcs.SignedCms - is real (NetFramwork 4.7)?
- Compute sign using secure token hit Unknown error -1073741275 using sha256 algo
- Why are there no extensions in the CertificateExtensions property of CertificateRequest?
- PartialChain error in X509Chain when building certificate chain?
- Including other certificates when signing using SignedCms and CmsSigner on .NET C#
- Meaning of algorithm properties in a certificate
- Decryption error while Decrypt the symmetric key
- How can i get public key in DER format from base64 encoded public key?
- Failed to create SecKey using SecKeyCreateWithData using swift
- Automate parsing yubikey pin in pkcs11
- What is the safest way to recognize if a file is application/pkcs7-mime or analogous in Angular?
- OpenSSL.crypto.Error when trying to load certificate from Azure Key Vault
- convert pkcs1 signature to pkcs7 signature using nodejs
- In which version of openssl is the pkcs8 v2 option introduced?
- How to check pkcs format of a private key using golang code?
Related Questions in AVR-STUDIO5
- AVR Studio build error 255
- ATMEL, BOOTRST and Flip 3.4.7, application does not start at boot
- ATMega wrong function argument
- Atxmega128a4 supported for assembler only - AVRSudio 5.1
- Interrupt to Send and Receive String
- Receive a String
- Why should I calibrate the oscillator in AVR programming
- How to add header files in Atmel Studio 6
- user sign in on token
- how to read atmega 32 signature row?
- Setting up AVR Studio with Arduino
- Implicit declaration of function when using set_usart_base((void *)) EVK1105 dev. board. Atmel
- Cannot search for online exensions because an error occured while trying to contact the server
- Can I tell gcc/ld to exclude unused modules?
- Changing default checkbox state of a 3rd party InstallShield installer
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)