6 messages in org.freebsd.freebsd-smallRe: Smartcard device support? | From | Sent On | Attachments |
|---|---|---|
| Gunther Schadow | Mar 12, 2002 2:32 pm | |
| Louis A. Mamakos | Mar 12, 2002 6:45 pm | |
| Bruce M Simpson | Mar 13, 2002 1:33 am | |
| Dirk-Willem van Gulik | Mar 13, 2002 3:55 am | |
| David Finkelstein | Mar 14, 2002 8:16 am | |
| Dag-Erling Smorgrav | Mar 18, 2002 7:26 pm |
| Subject: | Re: Smartcard device support? | |
|---|---|---|
| From: | Dirk-Willem van Gulik (dir...@webweaving.org) | |
| Date: | Mar 13, 2002 3:55:39 am | |
| List: | org.freebsd.freebsd-small | |
On Tue, 12 Mar 2002, Louis A. Mamakos wrote:
You should take a look at the Dallas Semiconductor Java iButton, which is a small Java smartcard like device in a package about the size of a button-battery. There's also an inexpensive reader dongle you can attach to a serial port to talk with it.
The Java iButton can do RSA public key processing; in fact, with a suitably written application (in Java, of course), you can have the device generate a public/private keypair, hand you back the public key, and never expose the private key inside the tamper resistant device. Very cool.
And extremely easy to write/handle. I used it to do the above; have it signed by a CA - and then use the iButton to sign 5 day cert's which go down into a web server. They are not that fast though - i.e. do not expect those nice <1msec touch-and-go you see with the nedap devices. You have to conciously press them against the blue connector for a noticable period of time. I.e. there is a 'rest' moment.
See http://www.ibutton.com/ for information. See also /usr/ports/comms/mlan3 for some low-level code used to talk to these types of "one-wire" devices.
I found them working just fine. However - the IDE requirers java comm support - which I could not get to work on FreeBSD (a year ago). So I had to do the initial part of the development on Sun Solaris box (PC is fine too).
But once you are set up it is 100% java and platform agnostics; and especially if during development you allow the iButton to DHCP network itself in - using one of the adaptor cards and the java SIM - you can use (t)ftp to do all your develpment just fine from any unix. And may only need ot do something special when you are rolling out the ibottons on a PC.
DW.
To Unsubscribe: send mail to majo...@FreeBSD.org with "unsubscribe freebsd-small" in the body of the message