ssh-agent add PKCS#11 support

--===============1691531773==
Content-Type: text/plain; charset=ISO-8859-8-I; format=flowed
Content-Transfer-Encoding: 7bit

Hello,

PKCS#11 is a standard API interface that can be used in
order to access cryptographic tokens. You can find the
specification at
http://www.rsasecurity.com/rsalabs/node.asp?id=2133, most
smartcard and other cryptographic device vendors support
PKCS#11, opensc also provides PKCS#11 interface.

I can easily make the scard.c, scard-opensc.c and
ssh-agent.c support PKCS#11.

PKCS#11 is much more portable, standard, used standard than
the current opensc implementation.

I just written the PKCS#11 support for the openvpn project,
and I think openssh can also benefit from the same
implementation.

Are you interested in merging PKCS#11 support? I don't won't
to create a separate branch. After implementing the PKCS#11
support you can drop the opensc code, users can use the
opensc PKCS#11 provider in order to access their keys.

Does the current implementation of ssh-agent is the final
one? I am asking this before I implement code that may be
dramatically changed (For example, support X509 and PKIX).

Best Regards,
Alon Bar-Lev.


--===============1691531773==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
http://www.mindrot.org/mailman/listi...enssh-unix-dev

--===============1691531773==--