DoD CAC Middleware Requirements - IDManagement.gov

More documents

Recommendations

Info

Appendix C- PKCS 11 Functions The P11 module should be compatible with at least Version 2.11 of the cryptoki header files available at: http://www.rsasecurity.com/rsalabs/pkcs/pkcs-11/index.html. Note: <strong>DoD</strong> understands during the development of this document, a newer version was released, but version 2.11 is still widely used so is a minimum requirement. The PKCS#11 registry setting shall identify the vendor and the fully qualified path of the DLL that supports the PKCS#11 interface. Key [HKEY_LOCAL_MACHINE\SOFTWARE\GSC\Cryptography\PKCS#11\ Key Values Type Setting Default Setting “PKCS#11DLL” String N/A “Vendor” String N/A Setting Description Fully qualified path to the PKCS11 DLL Vendor’s full name. Example [HKEY_LOCAL_MACHINE\SOFTWARE\GSC\Cryptography\PKCS#11\Vendor1] ”PKCS#11DLL”=”c:\windows\system32\pkcs11.dll” “Vendor”=”<strong>Middleware</strong> Vendor 1” Figure 9 PKCS#11 Test Inputs CK_ATTRIBUTE one[7], two[7], three[7]; two[3].type = CKA_MODIFIABLE; CK_OBJECT_CLASS cko_data = CKO_DATA; two[3].pValue = &__true; CK_BBOOL __false = CK_FALSE, __true = two[3].ulValueLen = CK_TRUE; sizeof(CK_BBOOL); char *key = "TEST PROGRAM"; two[4].type = CKA_LABEL; CK_ULONG key_len = strlen(key); two[4].pValue = "Test data object two"; one[0].type = CKA_CLASS; two[4].ulValueLen = strlen((const char*)two[4].pValue); one[0].pValue = &cko_data; two[5].type = CKA_APPLICATION; one[0].ulValueLen = sizeof(CK_OBJECT_CLASS); two[5].pValue = key; UNCLASSIFIED 30
one[1].type = CKA_TOKEN; two[5].ulValueLen = key_len; one[1].pValue = &__false; two[6].type = CKA_VALUE; one[1].ulValueLen = sizeof(CK_BBOOL); two[6].pValue = "Object two"; one[2].type = CKA_PRIVATE; two[6].ulValueLen = strlen((const char*)two[6].pValue); one[2].pValue = &__false; three[0].type = CKA_CLASS; one[2].ulValueLen = sizeof(CK_BBOOL); three[0].pValue = &cko_data; one[3].type = CKA_MODIFIABLE; three[0].ulValueLen = sizeof(CK_OBJECT_CLASS); one[3].pValue = &__true; three[1].type = CKA_TOKEN; one[3].ulValueLen = sizeof(CK_BBOOL); three[1].pValue = &__false; one[4].type = CKA_LABEL; three[1].ulValueLen = sizeof(CK_BBOOL); one[4].pValue = "Test data object one"; three[2].type = CKA_PRIVATE; one[4].ulValueLen = strlen((const three[2].pValue = &__false; char*)one[4].pValue); one[5].type = CKA_APPLICATION; three[2].ulValueLen = sizeof(CK_BBOOL); one[5].pValue = key; three[3].type = CKA_MODIFIABLE; one[5].ulValueLen = key_len; three[3].pValue = &__true; one[6].type = CKA_VALUE; three[3].ulValueLen = sizeof(CK_BBOOL); one[6].pValue = "Object one"; three[4].type = CKA_LABEL; one[6].ulValueLen = strlen((const three[4].pValue = "Test data object three"; char*)one[6].pValue); two[0].type = CKA_CLASS; three[4].ulValueLen = strlen((const char*)three[4].pValue); two[0].pValue = &cko_data; three[5].type = CKA_APPLICATION; two[0].ulValueLen = three[5].pValue = key; sizeof(CK_OBJECT_CLASS); two[1].type = CKA_TOKEN; three[5].ulValueLen = key_len; two[1].pValue = &__false; three[6].type = CKA_VALUE; two[1].ulValueLen = sizeof(CK_BBOOL); three[6].pValue = "Object three"; two[2].type = CKA_PRIVATE; three[6].ulValueLen = strlen((const char*)three[6].pValue); two[2].pValue = &__false; C_OpenSession(pSlots[i], CKF_SERIAL_SESSION, (CK_VOID_PTR)NULL, (CK_NOTIFY)NULL, &h); two[2].ulValueLen = sizeof(CK_BBOOL); Figure 10 UNCLASSIFIED 31
Page 1 and 2: DoD CAC Middleware Requirements Rel
Page 3 and 4: 4.2.1 Middleware shall support all
Page 5 and 6: Appendix E- BSI Header Files ......
Page 7 and 8: 1.6 Assumptions and Constraints Eac
Page 9 and 10: 2 Middleware Background 2.1 Middlew
Page 11 and 12: 4 Core DoD Requirements 4.1 Support
Page 13 and 14: 4.4.2.4 Middleware shall be able to
Page 15 and 16: standards as a common authenticatio
Page 17 and 18: 4.11.1.5 Middleware shall provide a
Page 19 and 20: 4.13.2.6 For supported third-party
Page 21 and 22: 5 Optional 5.1 General 5.1.1 Middle
Page 23 and 24: 5.5.3.2 Middleware vendors are enco
Page 25 and 26: Appendix A Middleware Configurable
Page 27 and 28: [HKEY_LOCAL_MACHINE\SOFTWARE\GSC\Cr
Page 29: Appendix B- CSP Functions All CSPs
Page 33 and 34: Appendix E- BSI Header Files The la
Page 35 and 36: • International Organization for

DoD CAC Middleware Requirements - IDManagement.gov

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?