Discussion:
PKI token in RHEL environment
hyndavirapuru
2018-11-13 10:10:59 UTC
Permalink
HI,

We are developing our own PKI token. In order to make our token to work
with any windows based applications(like word, excel etc.)
CSP(Cryptograhic service provider) approach is followed. Approach is as
follows,

A. Our Token Monitoring tool will run continuously to check whether
token has been connected or not
B. Once token is connected, fetch the certificate and place it in a
certificate store temporarily
C. When we do sign or encrypt operation, word application will fetch and
show all the certificates from
certificate store
D. User has to select one certificate from the listed certificates to
perform the sign or encrypt operation
E. Certificate will have CSP information
F. Sign or encrypt operation will happen according to the logic written
in CSP implementation
G. certificate will be removed from certificate store after token has
been disconnected.

With CSP approach we are able to perform Sign And encryption operations
on word documents with our PKI token.
As a next step, we would like to integrate our token with 3rd party
applications on linux (RHEL 7.3) environment.
For that PKCS11 standard need to be implemented. We have done PKCS11
implementation and created PKCS11.so file.
With our Token Monitoring tool we are able to identify token has been
connected or not. But for the following
queries we are not able to find the solution

A. How 3rd application will list down all the certificates available to
do sign operation? Is there any
certificate store concept in linux like in windows?
B.We are having PKCS11 so file which will be in lib folder of OS. How to
bind token with PKCS11 so file
C. overall how to bind PKI token with 3rd party application in RHEL
environment.

Any help is greatly appreciated.
--
Hyndavi
--
redhat-list mailing list
unsubscribe mailto:redhat-list-***@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
Loading...