Many articles have been written about API standards between tokens and software. However, the standardization of the data storage format on the tokens themselves is, as a rule, unfairly overlooked. This article briefly describes one of the Public-Key Cryptography Standards (PKCS) published by RSA Laboratories: PKCS#15, the token format standard.
The cryptographic token and why its storage format should be standardized
PKCS#15?
PKCS#15:
, PKCS#15 API PKCS#11, .
PKCS#15
EF: elementary file
DF: dedicated file
EF(DIR)
DF(PKCS#15):
Object Directory File (ODF)
Public/Private/Secret Key Directory Files (Pu/Pr/S KDFs)
Certificate Directory Files (CDFs)
Data Object Directory Files (DODFs)
Authentication Object Directory Files (AODFs)
TokenInfo File
PKCS#15
PKCS#15 (EID). EID PKCS#15 :
SIM- WAP (WIM)
as a token format for the national Finnish EID card
Also, the standard is supported by major vendors such as Microsoft and Apple.
Conclusion
Although the PKCS#15 standard is quite old (1999), it has for years made it possible to keep smart cards secure without worrying about compatibility. Standardization in the field of information security has been a great leap forward in the development of modern technologies.