CAC/Smarcard application Update

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I just wanted to send out a quick thanks to all those who steered me in the right direction with my application. I've finally successfully been able to generate a symmetric key, encrypted (wrap) it with a public key from my CAC card, save it, log into my card, and unwrap it. NSS was definitely a lot easier than doing low level card apdu calls. I hope to put together a simple howto for CAC and NSS as soon as I finish my project.

Stephen

Robert Relyea wrote:
Timothy J. Miller wrote:
Since you're using the CAC you need to stick with a FIPS validated crypto library--either the FIPS version of OpenSSL (if you can find someone who has it) or the FIPS version NSS (3.6, IIRC) if you're working on UNIX.
The most recent versions are NSS 3.11.4,5 or any NSS with 3.11.4 softoken (RHEL5 and Fedora 7,8 ship with later versions of NSS but 3.11.4 softoken). see http://wiki.mozilla.org/FIPS_Validation

Earlier validated versions were:
NSS 3.2.2:
  http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#248
  http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#247

Netscape Security Module 1.01 (no longer available)
  http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#47
  http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#45

Netscape Security Module 1 (no longer available)
  http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#7

bob



_______________________________________________
Coolkey-devel mailing list
Coolkey-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/coolkey-devel

[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Women]

  Powered by Linux