support for non-openpgp cards
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Fri Nov 19 09:27:04 CET 2004
Zeljko Vrba <zvrba at globalnet.hr> writes:
>I believe that any PKCS#11 implementation for that card should work in
>theory.
>
>Unfortunately, I have seen few PKCS#11 implementations (even commercial) that
>correctly implement PKCS#11 spec in all relevant aspects. So that supporting
>different PKCS#11 _implementation_ (even for the same card) could result in
>big code changes..
>
>So, what _in theory_ should be ONE source, _in practice_ that source gets
>many #ifdefs for various PKCS#11 implementations.. :(
I've spent a *lot* of time tuning the PKCS #11 code in cryptlib
(http://www.cs.auckland.ac.nz/~pgut001/cryptlib/index.html) for a large number
of (often quite buggy) PKCS #11 drivers. It's available under a GPL-
compatible licence, so you could always just use that, it'll work with pretty
much any PKCS #11 device except one or two extremely broken ones.
Peter.
More information about the Gnupg-users
mailing list