Students: Jan Keller, kellejan; Carla Schaffner, schafcar
Supervisor: Andreas Steffen, sna

This diploma thesis deals with the widespread RSA public-key algorithm and its sign and encrypt functions in conjunction with keys stored on a smart card.
Because a private key, once stored on a smart card, can never be retrieved or even read, smart cards are a very secure place to keep secret objects.
The essential part of this diploma thesis was to develop a Cryptographic Service Provider (CSP) for Java on the Linux operating system. This provider offers functions to sign data, which guarantees the authenticity of the sender and the integrity of the data.
Because the PKCS#11 API used here, provided by the OpenSC workgroup, is written in C, it was not possible to develop the provider in pure Java. Sun's JNI (Java Native Interface) was therefore used to link the C code with Java. To ensure that the provider can be used properly by any application, it is built according to the Java Cryptography Architecture / Extension (JCA / JCE). These interfaces describe the structure of the provider and specify how its functions have to be called.
The current version 1.0 of the KelschaJLin provider supports two features:
- Generation of an MD5 or SHA-1 hash that gets signed on the smart card.
- Retrieval of the certificates stored on the smart card.
Equipped with an OpenSC library released after October 1 2003, it should be possible, according to the developers, to supply the provider KelschaJLin with a decryption function.
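
An added example, not code from the thesis or the KelschaJLin provider: a minimal JCA provider in Java with the structure described above, whose `SignatureSpi` hashes with SHA-1 and hands only the PKCS#1 v1.5 DigestInfo to the private-key operation. The names `CardProviderDemo`, `Sha1RsaSpi`, `DemoProvider` and `DemoCard` are hypothetical, hashing on the host is an assumption, and a software RSA key with the JDK's `NONEwithRSA` stands in for the JNI call into the PKCS#11 library.

```java
import java.io.ByteArrayOutputStream;
import java.security.*;
import java.util.Arrays;

public class CardProviderDemo {
    // ASN.1 DigestInfo header for SHA-1 (PKCS#1 v1.5); the 20-byte hash follows it.
    static final byte[] SHA1_PREFIX = {0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,0x05,0x00,0x04,0x14};

    // JCA engine class: the application only ever sees java.security.Signature.
    public static class Sha1RsaSpi extends SignatureSpi {
        private final ByteArrayOutputStream data = new ByteArrayOutputStream();
        private PrivateKey key; // with a real card this would be an opaque key handle
        protected void engineInitSign(PrivateKey k) { key = k; data.reset(); }
        protected void engineInitVerify(PublicKey k) throws InvalidKeyException { throw new InvalidKeyException("sign-only"); }
        protected void engineUpdate(byte b) { data.write(b); }
        protected void engineUpdate(byte[] b, int off, int len) { data.write(b, off, len); }
        protected byte[] engineSign() throws SignatureException {
            try {
                byte[] h = MessageDigest.getInstance("SHA-1").digest(data.toByteArray());
                byte[] di = Arrays.copyOf(SHA1_PREFIX, SHA1_PREFIX.length + h.length);
                System.arraycopy(h, 0, di, SHA1_PREFIX.length, h.length);
                // Assumption: stand-in for the native (JNI) call that lets the token sign the DigestInfo.
                Signature raw = Signature.getInstance("NONEwithRSA");
                raw.initSign(key);
                raw.update(di);
                return raw.sign();
            } catch (GeneralSecurityException e) { throw new SignatureException(e); }
        }
        protected boolean engineVerify(byte[] sig) throws SignatureException { throw new SignatureException("sign-only"); }
        protected void engineSetParameter(String p, Object v) { throw new InvalidParameterException(); }
        protected Object engineGetParameter(String p) { throw new InvalidParameterException(); }
    }

    // The provider maps the standard algorithm name to the engine class above.
    public static class DemoProvider extends Provider {
        public DemoProvider() {
            super("DemoCard", "1.0", "hypothetical card-backed signer");
            put("Signature.SHA1withRSA", Sha1RsaSpi.class.getName());
        }
    }

    public static void main(String[] args) throws Exception {
        KeyPair kp = KeyPairGenerator.getInstance("RSA").generateKeyPair(); // constructed test key
        byte[] msg = "constructed sample message".getBytes(java.nio.charset.StandardCharsets.UTF_8);
        Signature s = Signature.getInstance("SHA1withRSA", new DemoProvider());
        s.initSign(kp.getPrivate());
        s.update(msg);
        byte[] sig = s.sign();
        Signature v = Signature.getInstance("SHA1withRSA"); // stock JDK implementation
        v.initVerify(kp.getPublic());
        v.update(msg);
        System.out.println("verifies with stock SHA1withRSA: " + v.verify(sig));
    }
}
```

Verifying with the JDK's own `SHA1withRSA` shows that splitting the work into a host-side hash and a separate private-key operation still yields a standard PKCS#1 v1.5 signature.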