Re: Smart Cards and Keygen

Wed, 27 Jan 2010 06:25:34 -0800 

Hi Sudha,
Yes, you can check for existence of smart card by using the nsIPK11Token.isHardwareToken() method. (http://mxr.mozilla.org/mozilla-central/source/security/manager/ssl/public/nsIPK11Token.idl#88) 


You can iterate of all the tokens, and check for existence of hard token 
a follows:


function checkForHardToken()
{

netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");

    var /* nsIPK11Token */ tokenDB = null;
    tokenDB = Components.classes["@mozilla.org/security/pk11tokendb;1"]
                        .getService(Components.interfaces.nsIPK11TokenDB);

    var foundHardToken = false;
    var tokenList = tokenDB.listTokens();
    try {
        for ( ; !tokenList.isDone(); tokenList.next()) {
            var tokenItem = tokenList.currentItem();

            var /* nsIPK11Token */ token = 
tokenItem.QueryInterface(Components.interfaces.nsIPK11Token);

            // First, check for an initialized token that needs log-in
            if (token.needsLogin() || !(token.needsUserInit)) {
                // Check for it is hardware token.
                if (token.isHardwareToken()) {
                    foundHardToken = true;
                    break;
                }
            }
        }
    } catch(ex) {
    }
    return foundHardToken;
}


Given a X.509 cert, you also check if the cert is associated with a 
smart-card as follows:

function isCertInHardToken(/* nsIX509Cert*/ aX509Cert)
{

netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
    if (!aX509Cert) {
        false;
    }
    var tokenDB = Components.classes["@mozilla.org/security/pk11tokendb;1"]

.getService(Components.interfaces.nsIPK11TokenDB);

    var /* nsIPK11Token */ token = 
tokenDB.findTokenByName(aX509Cert.tokenName);

    if (!token) {
        return false;
    }
    return token.isHardwareToken();
}

Treat the above code fragments as pseudo code - I did not test them.

--
Subrata


On 01/25/2010 11:17 AM, sudha dhanwada wrote:


Hi

I am looking for some help with Javascript to communicate with smart card. I
have a PKI application through which we can request a windows logon
certificate for a smart card. I am using the keygen tag which allows us to
choose the security device I want to use(provided the security device is
loaded on Firefox).

I would like to make sure that a smart card is connected to the PC and
loaded on the browser before I invoke the keygen tag to go thro the
certificate generation process.


I know there are events for smart card insert and remove. But is there
anything in javascript that I could use to make sure that there is a smart
card connected...

Any help would be much appreciated

- sudha



--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto






















					Reply via email to