Re: Smart cards and SSL

I wrote about IO::Socket::SSL not too long ago. See Cert and Key Question. It has some links to the info that you need.

Update: For Smart cards, you'll want to check out opensc-project.org and OpenSC Manual

Comment on Re: Smart cards and SSL

Replies are listed 'Best First'.
Re^2: Smart cards and SSL by nettle (Initiate) on May 15, 2007 at 11:35 UTC
Thank you for your answer. I think I should clarify a bit. I don't have any problem using IO::Socket::SSL with ordinary certificates(meaning, that I have the public and private keys as files). My problem is how to use SSL with smart cards. One cannot extract the private key from a smart card because of security reasons(at least this is the case with the smart card I use). With OpenSC or CAPICOM I can encrypt data with the private key - meaning, that I call the specific function and it returns the encrypted data, but I never have direct access to the private key. So, my question is this: How do I make IO::Socket:SSL call other functions for encrypting data with private key, instead of giving it the private key. Maybe I should use other perl library, but I have no idea which.	[reply]

Replies are listed 'Best First'.

Re^2: Smart cards and SSL
by nettle (Initiate) on May 15, 2007 at 11:35 UTC

I think I should clarify a bit. I don't have any problem using IO::Socket::SSL with ordinary certificates(meaning, that I have the public and private keys as files).

My problem is how to use SSL with smart cards. One cannot extract the private key from a smart card because of security reasons(at least this is the case with the smart card I use).

With OpenSC or CAPICOM I can encrypt data with the private key - meaning, that I call the specific function and it returns the encrypted data, but I never have direct access to the private key.

So, my question is this: How do I make IO::Socket:SSL call other functions for encrypting data with private key, instead of giving it the private key. Maybe I should use other perl library, but I have no idea which.

[reply]