Hi all!
OpenSC compiles right out of the box with the nacl_sdk. The commands I
used are the following:
env PATH=$NACL_SDK/pepper_45/toolchain/linux_x86_glibc/bin:$PATH ./configure CXXFLAGS=--sysroot=$NACL_SDK/pepper_45/toolchain/linux_x86_glibc/x86_64-nacl/ --host=x86_64-nacl --target=x86_64-nacl --with-pcsc-provider=x86_64-nacl_libpcsclite.so
env PATH=$NACL_SDK/pepper_45/toolchain/linux_x86_glibc/bin:$PATH make -j4 V=1 install DESTDIR=`pwd`/x86_64-nacl
Some things to note:
- $NACL_SDK points to the directory with the nacl sdk, obviously
- The configure script recognizes the system's PCSC-Lite headers, which
don't play a role during the actual compilation process.
- x86_64-nacl_libpcsclite.so is the cross compiled PCSC-Lite library
that is dlopen'ed at runtime by OpenSC
- I compiled without zlib and OpenSSL, but that should be possible,
because both libraries have been ported to nacl, see
https://code.google.com/p/naclports/wiki/PortList
- I used nacl in favour of pnacl so that I did not have to change the
calls to dlopen (dlopen is not possible with pnacl). Statically
linking against PCSC-Lite (read: pnacl compatibility) is easily
possible, but I currently don't have the cross compiled binaries of
PCSC-Lite available.
- I disabled creation of shared PKCS#11 libraries (see
https://github.com/frankmorgner/OpenSC/commit/54f28db695eb38765cf6550c7e976360ea2ed481),
because libtool thinks that we can't create shared libraries on
x86_64-nacl. This can, however, easily be done by hand with
x86_64-nacl-gcc (I avoided patching libtool...)
I have not tested any of the resulting binaries. This should be done
with a generic PKCS#11 wrapper feeding the certificateProvider API. I
guess this is already available at Google since gemalto tokens have been
reported to be working.
Currently, I'm not expecting someone to write the missing boiler plate
for an OpenSC extension. @David will it be possible to integrate OpenSC
into your PKCS#11 wrapper extension?
Greets, Frank.
Am Montag, dem 19. Oktober, um 14:11 Uhr schrieb Douglas E Engert:
> Any interest in writing an OpenSC version of this for Chrome OS?
> OpenSC supports a "a myriad others". (Sounds like another minidriver or tokend module.
>
>
>
> -------- Forwarded Message --------
> Subject: Re: Issue 220971 in chromium: Req - smartcard support for federal CAC and PIV cards, bank cards
> Date: Mon, 19 Oct 2015 18:45:25 +0000
> From: chr...@go...
> To: dee...@gm...
>
>
> Comment #122 on issue 220971 by ds...@go...: Req - smartcard support
> for federal CAC and PIV cards, bank cards
> https://code.google.com/p/chromium/issues/detail?id=220971
>
> The API to provide system support is already available
> <https://developer.chrome.com/extensions/certificateProvider> as of Chrome
> 46.
>
> Middleware providers will have to code against this. We have a working
> version for Gemalto cards. Working on getting PIV and CAC support (and
> hopefully a myriad others) at the moment.
>
> --
> You received this message because you starred the issue.
> You may adjust your notification preferences at:
> https://code.google.com/hosting/settings
>
> Reply to this email to add a comment.
>
>
>
>
> ------------------------------------------------------------------------------
> _______________________________________________
> Opensc-devel mailing list
> Ope...@li...
> https://lists.sourceforge.net/lists/listinfo/opensc-devel
>
--
Frank Morgner
Virtual Smart Card Architecture http://vsmartcard.sourceforge.net
OpenPACE http://openpace.sourceforge.net
IFD Handler for libnfc Devices http://sourceforge.net/projects/ifdnfc
|
