Download Here - Common Access Card (CAC)

More documents

Recommendations

Info

Appendix C- PKCS 11 Functions The P11 module should be compatible with at least Version 2.11 of the cryptoki header files available at: http://www.rsasecurity.com/rsalabs/pkcs/pkcs-11/index.html. Note: DoD understands during the development of this document, a newer version was released, but version 2.11 is still widely used; therefore, it is a minimum requirement. The PKCS#11 registry setting shall identify the vendor and the fully qualified path of the DLL that supports the PKCS#11 interface. Key [HKEY_LOCAL_MACHINE\SOFTWARE\GSC\Cryptography\PKCS#11\ Key Values Type Setting Default Setting “PKCS#11DLL” String N/A “Vendor” String N/A Setting Description Fully qualified path to the PKCS11 DLL Vendor’s full name. Example [HKEY_LOCAL_MACHINE\SOFTWARE\GSC\Cryptography\PKCS#11\Vendor1] ”PKCS#11DLL”=”c:\windows\system32\pkcs11.dll” “Vendor”=”Middleware Vendor 1” Figure 9 PKCS#11 Test Inputs CK_ATTRIBUTE one[7], two[7], three[7]; two[3].type = CKA_MODIFIABLE; CK_OBJECT_CLASS cko_data = CKO_DATA; two[3].pValue = &__true; CK_BBOOL __false = CK_FALSE, __true two[3].ulValueLen = = CK_TRUE; sizeof(CK_BBOOL); char *key = "TEST PROGRAM"; two[4].type = CKA_LABEL; CK_ULONG key_len = strlen(key); two[4].pValue = "Test data object two"; one[0].type = CKA_CLASS; two[4].ulValueLen = strlen((const UNCLASSIFIED 48
one[0].pValue = &cko_data; char*)two[4].pValue); two[5].type = CKA_APPLICATION; one[0].ulValueLen = sizeof(CK_OBJECT_CLASS); two[5].pValue = key; one[1].type = CKA_TOKEN; two[5].ulValueLen = key_len; one[1].pValue = &__false; two[6].type = CKA_VALUE; one[1].ulValueLen = sizeof(CK_BBOOL); two[6].pValue = "Object two"; one[2].type = CKA_PRIVATE; two[6].ulValueLen = strlen((const char*)two[6].pValue); one[2].pValue = &__false; three[0].type = CKA_CLASS; one[2].ulValueLen = sizeof(CK_BBOOL); three[0].pValue = &cko_data; one[3].type = CKA_MODIFIABLE; three[0].ulValueLen = sizeof(CK_OBJECT_CLASS); one[3].pValue = &__true; three[1].type = CKA_TOKEN; one[3].ulValueLen = sizeof(CK_BBOOL); three[1].pValue = &__false; one[4].type = CKA_LABEL; three[1].ulValueLen = sizeof(CK_BBOOL); one[4].pValue = "Test data object one"; three[2].type = CKA_PRIVATE; one[4].ulValueLen = strlen((const char*)one[4].pValue); three[2].pValue = &__false; one[5].type = CKA_APPLICATION; three[2].ulValueLen = sizeof(CK_BBOOL); one[5].pValue = key; three[3].type = CKA_MODIFIABLE; one[5].ulValueLen = key_len; three[3].pValue = &__true; one[6].type = CKA_VALUE; three[3].ulValueLen = sizeof(CK_BBOOL); one[6].pValue = "Object one"; three[4].type = CKA_LABEL; one[6].ulValueLen = strlen((const three[4].pValue = "Test data object char*)one[6].pValue); three"; two[0].type = CKA_CLASS; three[4].ulValueLen = strlen((const char*)three[4].pValue); two[0].pValue = &cko_data; three[5].type = CKA_APPLICATION; two[0].ulValueLen = sizeof(CK_OBJECT_CLASS); three[5].pValue = key; two[1].type = CKA_TOKEN; three[5].ulValueLen = key_len; two[1].pValue = &__false; three[6].type = CKA_VALUE; two[1].ulValueLen = sizeof(CK_BBOOL); three[6].pValue = "Object three"; two[2].type = CKA_PRIVATE; three[6].ulValueLen = strlen((const char*)three[6].pValue); two[2].pValue = &__false; two[2].ulValueLen = sizeof(CK_BBOOL); Figure 10 C_OpenSession(pSlots[i], CKF_SERIAL_SESSION, (CK_VOID_PTR)NULL, (CK_NOTIFY)NULL, &h); UNCLASSIFIED 49
Page 1 and 2: DoD CAC Middleware Requirements Rel
Page 3 and 4: 5.3 PIN Services ..................
Page 5 and 6: Document Revision History Date Vers
Page 7 and 8: 1.5 Document Objectives The objecti
Page 9 and 10: 2 Middleware Background 2.1 Middlew
Page 11 and 12: 3 Middleware Requirements 3.1 Requi
Page 13 and 14: 4.2.2 Middleware must be configurab
Page 15 and 16: 4.4 Common Access Card (CAC) and Al
Page 17 and 18: Operating Systems Supported by Midd
Page 19 and 20: 4.8.1.3 Only items relative to the
Page 21 and 22: 4.12.2 PIN Change 4.12.2.1 Middlewa
Page 23 and 24: 4.14 Process Descriptions 4.14.1 Mi
Page 25 and 26: 5.1.10 Middleware should monitor sm
Page 27 and 28: Section B: Requirements for CAC Mic
Page 29 and 30: 6.3.1.3 CAC Developer’s Kit versi
Page 31 and 32: 6.5.3.4 Minidriver implementation s
Page 33 and 34: 6.8.3 Client Authentication 6.8.3.1
Page 35 and 36: Section C: Requirements for CAC PKC
Page 37 and 38: 7.3.1.6 National Institute of Stand
Page 39 and 40: 7.5.5 Certificates 7.5.5.1 PKCS11 i
Page 41 and 42: 7.9.3.4 PKCS11 shall indicate to th
Page 43 and 44: Example [HKEY_LOCAL_MACHINE\SOFTWAR
Page 45 and 46: Figure 5: Web Servers, Browsers, an
Page 47: Appendix B- CSP Functions All CSPs
Page 51 and 52: Appendix E- BSI Header Files The la
Page 53 and 54: Industry References • GlobalPlatf
Page 55 and 56: Appendix G- List of CAC Platform Co
Page 57 and 58: Attributes Current Platforms Card M

Download Here - Common Access Card (CAC)

Create successful ePaper yourself

Delete template?

Save as template?