blob: 0610dd2b2f735099c7482edd28e42e723bbd6a2b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
|
Title: Importing certificates and keys
Date: 2011-10-05
Tags: technical, security, gnome
Slug: importing-certificates-and-keys
I've been working on an importer for keys and certificates that can work
with PKCS#11 key storage, such as smart cards, NSS or gnome-keyring.
Here's a demo of it in action. If you want to try this out yourself,
you'll need:
- latest gcr library from [gnome-keyring git master][]
- [p11-kit 0.7][] or later
- [OpenSC configured][] to show up in p11-kit
- [NSS configured][] to show up in p11-kit
- an [OpenSC patch][] for mlock issue
- an Entersafe based smart card, like the [Feitan 310 or 301][].
- the smart card [needs to be initialized][]
It's possible that this works with other smart cards too, but I haven't
tested it. By the way, if you want to help work on smart cards support,
[Gooze gives away free smart cards][] for open source developers working
on this stuff.
On to the demo...
<iframe allowfullscreen="" src="http://player.vimeo.com/video/30069077?title=0&byline=0&portrait=0" webkitallowfullscreen="" frameborder="0" height="477" width="720"></iframe>
[View the Importer demo][] from [Stef Walter][] on [Vimeo][].
The importer and all the widgets are available for use by other apps in
the gcr library. So Seahorse has the same interface:
As you might note, I've been reworking the Seahorse user interface, more
about that coming soon...
[gnome-keyring git master]: http://git.gnome.org/browse/gnome-keyring/
[p11-kit 0.7]: http://p11-glue.freedesktop.org/releases/
[OpenSC configured]: http://www.opensc-project.org/opensc/ticket/390
[NSS configured]: https://live.gnome.org/CryptoGlue/Integration#NSS_libsoftokn3
[OpenSC patch]: http://www.opensc-project.org/opensc/ticket/389
[Feitan 310 or 301]: http://www.gooze.eu/
[needs to be initialized]: http://www.gooze.eu/howto/smartcard-quickstarter-guide/smart-card-initialization
[Gooze gives away free smart cards]: http://www.gooze.eu/feitian-pki-free-software-developer-card
[View the Importer demo]: http://www.blogger.com/30069077
[Stef Walter]: http://www.blogger.com/user6330669
[Vimeo]: http://www.blogger.com/
|
