cURL / Mailing Lists / curl-library / Single Mail

curl-library

RE: SSLv3 mutual authentication using libcurl and smart card

From: Tiago dos Santos Gomes <tiago.gomes_at_telematica.com.br>
Date: Tue, 27 Sep 2016 17:11:08 +0000

Sorry David for drop you from Cc. I had a problem in the browser when trying to reply to the message.

> Take your APDU IOCTL code that you already have in your application,
> and put it into a trivial PKCS#11 module. It only needs to claim to
> have a *single* key in it, if that's all you have.

> The key in that PKCS#11 module can then be used from any well-behaved
> application by its PKCS#11 URI, fairly much as I described before.

> Right now, I don't think curl is well-behaved in that sense — I think
> you need to play silly buggers with CURLOPT_SSLENGINE and other
> OpenSSL-specific horridness that you really shouldn't have to do; you
> should only need to provide a RFC7512 PKCS#11 URI as CURLOPT_SSLCERT
> and regardless of which crypto library you use, it should work the
> same.

So how do I insert my access functions to the smartcard into a pkcs module 11?
Should I create a library? Some document or example to guide me?
It is my first project using this standard.

Best Regards,
Tiago Gomes
-------------------------------------------------------------------
List admin: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2016-09-27