How to check that smart card is working on linux?
It is important to understand that PKCS#11 standard just defines the C language API to access smartcards and other types of cryptographic hardware (or even software). It is usually hardware vendor who provides software library (.dll for windows, .so for unix etc.) that implements PKCS#11 API and is able to access the hardware (smartcard in your case). Your application usually loads PKCS#11 library and uses PKCS#11 API functions it provides.
In most cases it is the best to use PKCS#11 library provided by your smartcard vendor but there are also many independent software vendors such as A.E.T. or Aloaha who provide smartcard middleware (software package that usually contains PKCS#11 library) that can access a bunch of widely used smartcards. You can also take a look at OpenSC project which provides an open source PKCS#11 library that supports many popular smartcards and USB tokens.
Now let's get back to your questions:
Do I have a PKCS-11 supported smartcard?
You have to check whether there exists a library (open source or commercial) that implements PKCS#11 API and supports your smartcard. If you can find such a library then the answer is yes.
How can I check it on Ubuntu?
If you already have PKCS#11 library then you can install "opensc" package which provides command line application called "pkcs11-tool". You can use following command to list readers and cards accessible via your PKCS#11 library:
pkcs11-tool --module your_pkcs11_library.so --list-slots
If you want to use PKCS#11 library provided by OpenSC project then just replace "your_pkcs11_library.so" with "opensc-pkcs11.so".
What software I can use?
PKCS#11 is widely supported standard so this question is hard to answer. I guess you would like to use open source applications with your smartcard because you have mentioned Ubuntu so here is the short list of well known applications that support PKCS#11:
- Mozilla Firefox - supports digital signature and client authentication
- Mozilla Thunderbird - supports digital signing of e-mails
- LibreOffice - supports digital signing of documents
- TrueCrypt - supports disk encryption
- OpenVPN - supports client authentication
- OpenSSH - supports client authentication
How to detect smartcard insertion or removal event in linux
You have two options:
- If you go for "low level" (which you apparently want to do) is to use PC/SC level (pcsc-lite) and the SCardGetStatusChange function (or the equivalent in Java, what is javax.smartcardio.CardTerminal.waitForCardPresent())
- If you're working with higher level abstractions and go for PKCS#11 (and if your PKCS#11 provider implements it correctly), C_WaitForSlotEvent can be used.
Accessing javax.smartcardio from Linux 64 bits
I think I found a workaround for this as I just had a similar problem. In a bugreport from ubuntu it says that the javax.smartcardio library searches for the PC/SC library in the wrong directory.
By specifying the path to the PC/SC library on my machine, like the bugreport mentions, I got it working.
The paths in the bugreport are wrong for me, I'm on 64 bit fedora, where the pc/sc library are installed at /usr/lib64/libpcsclite.so.1
So the workaround for me is to specify the library path to java like this:
java -Dsun.security.smartcardio.library=/usr/lib64/libpcsclite.so.1
Depending on your Linux distribution, the location of libpcsclite.so.1
actually might differ, it could also be at /lib/x86_64-linux-gnu/libpcsclite.so.1
(i.e. Kubuntu 15.04).
In that case, call it like this:
java -Dsun.security.smartcardio.library=/lib/x86_64-linux-gnu/libpcsclite.so.1
Related Topics
Pipe Sox Play Command to Stdout
How to Get Notified of Modification in The Memory in Linux
Conversion from Ebcdic to Utf8 in Linux
Path Environment Variable in Linux
When Is The System Call Set_Tid_Address Used
Getting Root Privileges in Ansible
Init Script '/Dev/Tty: No Such Device or Address' Error on Redirect
Cannot Push to My Github Private Repository
How to Change The Desktop Wallpaper on Linux from Within a Shell/Bash Script
Azure Cli Aks Install Cli Permission Denied and Sudo Does Not Work
How to Install Pysqlite for Python3.4.2
How to Join Multiple Txt Files into Based on Column
Write Script to Create Multiple Users with Pre-Defined Passwords
Howto Use Sed to Remove Only Triple Empty Lines