This repository has been archived by the owner on Sep 1, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 75
Specification
Rainer Villido edited this page May 15, 2015
·
6 revisions
- GUI
- Linux/Qt
- Windows/MFC
- OSX/Cocoa
- Backends
- PKCS#11 (OSX, Linux, Windows)
- CNG (Windows) - Possible to use SHA224, only Minidriver's and CNG Key Storage Provider's
- CAPI (Windows) - Most foreign drivers are CAPI modules and can also use Minidriver's
- 32bit, 64bit support
- pinpad support
- No personal information is sent to 3rd party sites without user consent
- Always shows user the certificate selection before sending a certificate to a 3rd party web site
- Maintains certificate selection binding (only user-confirmed certificate can be used for signing)
- Shows only the certificates in cert selection dialog that belong to the token(s) that is/are inserted and usable (private key exists)
- Shows only the certificates in the cert selection dialog that are valid (not expired)
- Has an extension options page to adjust the behaviour of the backend
- HTTPS access is enforced for sensitive data
- Logging (see Developer tips). PIN codes are never logged.
- Supports GUI languages as ISO 639-1 code and supports at least
et,enandru. This is available only on OSX and Linux as Windows uses CAPI/CNG with language selected by the operating system. - Technical
- PKCS1 padding is added by Hardware Token
- DigestMethod OID is added by Hardware Driver (Some cases maybe by Token)
- Windows CAPI drivers produce little endian signatures, they are converted to big endian "reverse"
- Technical (maintainability)
- Supported by Coverity builds
- native components are built separately from the extension
- packaging is separate from building (signing of extension)