Date: Sun, 12 Dec 1999 14:46:51 -0500 (EST) From: Brahm Windeler X-Sender: rahm@stargate.gpcc.itd.umich.edu To: Naomaru Itoi cc: smartcards@umich.edu Subject: Re: smartcard project ideas In-Reply-To: <199912110714.CAA23198@soso.eecs.umich.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII On Sat, 11 Dec 1999, Naomaru Itoi wrote: > Evan and I were talking about some smartcard project ideas so that we > can pile up sample projects for EECS 598. Please add any ideas of > yours. haven't really thought this through (maybe just a brainfart), but perhaps developing a cryptoki (pkcs11) library/interface on top of iso7816 would be worth while. i'm working on developing a java jca provider at work that uses the cryptoki lib for the rainbow cryptoswift pci card. it would be cool if the provider could use the cryptoswift and a smartcard interchangibly. another idea would be to develop a generic java jca provider directly for iso7816 which could be tailored (perhaps with a config file) for different smart cards. -brahm Date: Sun, 12 Dec 1999 19:09:46 -0500 (EST) From: Brahm Windeler X-Sender: rahm@galaga.gpcc.itd.umich.edu To: Naomaru Itoi cc: smartcards@umich.edu Subject: Re: smartcard project ideas In-Reply-To: <199912122155.QAA20467@soso.eecs.umich.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII if you are developing a java app that uses the jca, you can specify a provider as a method parameter: Signature dsa = Signature.getInstance("SHA/DSA", "MyProvider"); or, if you don't want to specify a provider, you can set the system-wide preferences for your java runtime environment (jre) in the /jdk1.2/lib/security/java.security config file: security.provider.1=citi.security.provider.iso7816 security.provider.2=sun.security.provider.Sun in this case, whenever a jca service is necessary, it first checks to see if it is implemented by the iso7816 provider. if not, it then checks the sun provider (and so on) until it finds an implementation (or throws an exception). you can read more about it at: http://java.sun.com/products//jdk/1.1/docs/guide/security/CryptoSpec.html http://java.sun.com/products//jdk/1.2/docs/guide/security/HowToImplAProvider.html http://java.sun.com/products/jce/ i doubt if the netscape browser or mailer take advantage of it since i don't believe they are written in java. perhaps hotjava... -brahm On Sun, 12 Dec 1999, Naomaru Itoi wrote: > I suppose JCA is an API for cryptographic operations for Java, right? > > http://developer.java.sun.com/developer/technicalArticles/Security/Crypto/index.html > > How is JCA used? Are there applications written on top of it? E.g., > does Netscape browser or Netscape mailer take advantage of it? > > If so, I think implementing it for smartcard is cool ... > > > On Sat, 11 Dec 1999, Naomaru Itoi wrote: > > > > > Evan and I were talking about some smartcard project ideas so that we > > > can pile up sample projects for EECS 598. Please add any ideas of > > > yours. > > > > haven't really thought this through (maybe just a brainfart), but perhaps > > developing a cryptoki (pkcs11) library/interface on top of iso7816 would > > be worth while. i'm working on developing a java jca provider at work > > that uses the cryptoki lib for the rainbow cryptoswift pci card. it would > > be cool if the provider could use the cryptoswift and a smartcard > > interchangibly. > > > > another idea would be to develop a generic java jca provider directly for > > iso7816 which could be tailored (perhaps with a config file) for different > > smart cards. > > > > -brahm > > >