Smartcard device support?
Dirk-Willem van Gulik
dirkx at webweaving.org
Fri Sep 24 08:50:37 PDT 2004
On Tue, 12 Mar 2002, Louis A. Mamakos wrote:
> You should take a look at the Dallas Semiconductor Java iButton,
> which is a small Java smartcard like device in a package about the
> size of a button-battery. There's also an inexpensive reader
> dongle you can attach to a serial port to talk with it.
>
> The Java iButton can do RSA public key processing; in fact, with
> a suitably written application (in Java, of course), you can have
> the device generate a public/private keypair, hand you back the
> public key, and never expose the private key inside the tamper
> resistant device. Very cool.
And extremely easy to write/handle. I used it to do the above; have it
signed by a CA - and then use the iButton to sign 5 day cert's which go
down into a web server. They are not that fast though - i.e. do not expect
those nice <1msec touch-and-go you see with the nedap devices. You have to
conciously press them against the blue connector for a noticable period of
time. I.e. there is a 'rest' moment.
> See http://www.ibutton.com/ for information. See also
> /usr/ports/comms/mlan3 for some low-level code used to talk
> to these types of "one-wire" devices.
I found them working just fine. However - the IDE requirers java comm
support - which I could not get to work on FreeBSD (a year ago). So I had
to do the initial part of the development on Sun Solaris box (PC is fine
too).
But once you are set up it is 100% java and platform agnostics; and
especially if during development you allow the iButton to DHCP network
itself in - using one of the adaptor cards and the java SIM - you can use
(t)ftp to do all your develpment just fine from any unix. And may only
need ot do something special when you are rolling out the ibottons on a
PC.
DW.
To Unsubscribe: send mail to majordomo at FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
More information about the freebsd-small
mailing list