| 基于USBKEY的CSP与PKCS#11互通的实现方法 |
| |
| 引用本文: | 张栋,王昭顺.基于USBKEY的CSP与PKCS#11互通的实现方法[J].计算机工程与设计,2007,28(16):3829-3831,3842. |
| |
| 作者姓名: | 张栋 王昭顺 |
| |
| 作者单位: | 北京科技大学,信息工程学院,北京,100083 |
| |
| 摘 要: | 由于CSP(cryptographic service provider)和PKCS#11是目前PKI体系中应用最广泛的两种基于硬件加密设备的接口标准,因此让这两者之间兼容具有重要的现实意义.介绍了CSP和PKCS#11的概念,分析了两者在密钥管理、数据保存和安全机制方面的不同,提出了由CSP调用PKCS#11.在PKCS#11中自定义一个接口,主要由该接口来实现CSP中的容器、密钥管理等功能.最后展开阐述了实现PKCS#11与CSP互通的具体操作方法.
|
| 关 键 词: | 加密设备 接口标准 容器 密钥 互通 USBKEY PKCS 具体操作方法 compatibility method of Realization 阐述 展开 功能 容器 接口标准 安全机制 数据保存 密钥管理 分析 意义 硬件加密设备 应用 体系 cryptographic |
| 文章编号: | 1000-7024(2007)16-3829-03 |
| 修稿时间: | 2006-08-06 |
Realization method of compatibility of CSP and PKCS#11 based on USBKEY |
| |
| ZHANG Dong,WANG Zhao-shun.Realization method of compatibility of CSP and PKCS#11 based on USBKEY[J].Computer Engineering and Design,2007,28(16):3829-3831,3842. |
| |
| Authors: | ZHANG Dong WANG Zhao-shun |
| |
| Affiliation: | School of Information and Engineering, University of Science and Technology Beijing, Beijing 100083, China |
| |
| Abstract: | As CSP(cryptographic service provider) and PKCS#11 are two sets of cryptography device standards that are most broadly applied in the system of PKI,so how to make the two compatible has greatly practical significance.Firstly,the conceptions of CSP and PKCS#11 are introduced.Then the differences among the management of secret key,the preservation of data and the mechanism of se-curity between the two standards is analyzed,and calling PKCS#11 is further presented by CSP and self-defined an interface in the process of PKCS#11 implementation,which is mainly used to realize the functions of container and management of key in CSP.Finally,how to operate it to realize the compatibility between the CSP and PKCS#11 is expatiated in detail. |
| |
| Keywords: | CSP PKCS#11 container key compatibility |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
