EldoS | Feel safer!

Software components for data protection, secure storage and transfer

PKCS#11/PKCS#12 support in MacOsx/LINUX

Also by EldoS: CallbackDisk
Create virtual disks backed by memory or custom location, expose disk images as disks and more.
#19685
Posted: 04/06/2012 05:48:28
by Georg Schmidt (Standard support level)
Joined: 04/03/2012
Posts: 2

Hello Eldos,

In the last few years we have developed our own PKCS#11 library supporting a wide range of European Smart Cards and it's already in use in Windows, Linux, FreeBSD and Mac OS x operating systems!

Fore some weeks ago, we have'e also managed to port our PKCS#11 module in Android and iOS! For now we have at least one Smart Card Reader developed for iPhone, which we've successfully managed to use it with our PKCS#11!

Lately we bought your SecureBlack Box components! Using your components, we wrote a very simple Firemonky Application to communicate with a HTTPS Server with two-way (Client Certificate) authentication with our PKCS#11 library in windows. It worked great without any difficulties!

We've then tried to compile the code for Mac OS x and had to find out, that the PKCS#11 is not supported in any other Operating System? In SecBbox.inc check {$define SB_NO_PKCS11}.

Now we would like to ask you what is the reason of not supporting PKCS#11 in Mac OSx or even in the other OSs by default? Is there any chance to add support for iOS/Mac Os x and also Android and linux in the upcoming versions?

We've tried to add some work around in the core source code and manged to compile our sample code for Mac Os x! During the debugging found out that it had some problems of calling C_Initialize() call, but at least it manages to call the C_GetFunctionList successfully ;-)

We've also tried with PKCS#12 support in our sample code which also worked great in windows, but the same code using the same *.p12 Certificate will not work in Mac Os x (Lion)?

Cheers
#19686
Posted: 04/06/2012 06:03:58
by Eugene Mayevski (EldoS Corp.)

PKCS#11 on other platforms didn't have any demand so we didn't invest time into it. We'll make it for SecureBlackbox 10.

Quote
Georg Schmidt wrote:
We've also tried with PKCS#12 support in our sample code which also worked great in windows, but the same code using the same *.p12 Certificate will not work in Mac Os x (Lion)?


Please provide more meaningful details about the problem. "will not work" is not something we can help you with.


Sincerely yours
Eugene Mayevski
#19687
Posted: 04/06/2012 06:07:15
by Santiago Castaño (Standard support level)
Joined: 04/16/2006
Posts: 155

Quote

PKCS#11 on other platforms didn't have any demand so we didn't invest time into it. We'll make it for SecureBlackbox 10.


Nice, i'm looking for this too :)

Georg, maybe your issue with PKCS#12 is just because you haven't included SBUnicode in your uses clause? because they work fine for me in linux,macos,ios,windows
#19689
Posted: 04/06/2012 07:04:22
by Eugene Mayevski (EldoS Corp.)

BTW enabling PKCS#11 for linux didn't require a single change (besides changing SecBbox.inc) and on MacOS X there was a need to make minor change in one method. That's all, you have PKCS#11 in VCL edition then. Of course, there might be glitches caused by code generator or by the target OS, but at least not in SBB code.


Sincerely yours
Eugene Mayevski
#19751
Posted: 04/11/2012 09:02:25
by Georg Schmidt (Standard support level)
Joined: 04/03/2012
Posts: 2

Thank you very much for your support!

Just to inform you, we managed to run our sample code using both PKCS#12 and PKCS#11 two-way Client Certificate Authentication in both Windows and Mac OSx (Lion) successfully!

@Santiago Castaño: I guess by adding SBUnicode to our uses clause did solve our problem with the PKCS#12 issue! Thank you very much!

so, next step is to try to run our sample in iOS! ;-)

Cheers!
#19752
Posted: 04/11/2012 09:08:11
by Santiago Castaño (Standard support level)
Joined: 04/16/2006
Posts: 155

No problem :), Nice to know PKCS#11 works now, i'll take a look when i've got time to include support also in our Apple products.

On iOS you will have no problem also hehe, i can warranty it works (well, i've not tested PKCS#11, but PKCS#12 works)
Also by EldoS: RawDisk
Access locked and protected files in Windows, read and write disks and partitions and more.

Reply

Statistics

Topic viewed 2515 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!