pkcs15.7

读写Smart卡加解密接口的程序

.PU
.TH pkcs15 7 "" "" OpenSC
pkcs15 \- standard for storing information on smart cards
.SH DESCRIPTION
The PKCS #15 standard is available from
.BR http://www.rsasecurity.com/rsalabs/pkcs .
This document does not try to cover PKCS #15 in detail; it
just tries to give readers not familiar with the standard a
brief overview.
.PP
PKCS #15 defines a standard how to store keys, certificates
and possibly other data on a smart card, and how to describe
certain meta information (such as what PIN the user needs to
present before he's allowed to use a certain private key).
.PP
A PKCS #15 compliant smart card can contain one or more
applications. There is one ``meta directory'' that contains
a list of all applications. On cards that support an ISO 7816
compatible file system, each application usually resides in
a directory of its own.
.PP
Within each application directory,
PKCS #15 defines a structure of meta files (also
called Directory Files) that contain information on objects
stored on the card. For instance, there is a private key
directory file (or PrKDF for short) that contains a list of
private keys stored on the card. Likewise, there's a
public key directory file (PuKDF) and a certificate directory
file (CDF).
.PP
One fairly important PKCS #15 directory file is the AODF, or
authorization object directory file, which describes
the PINs held by the card. Note the AODF does not contain
the PINs themselves; this is something that is highly
card specific. What the AODF does contain however is
a descriptive label for each PIN, and additional information
required to authenticate against this PIN (sorry if this
is very vague, but unless you really want to know, we'll
better leave it at that, for the sake of your and my sanity :-).
.PP
Each object stored in a PKCS #15 structure has an ID
assigned to it, so that related objects can reference
one another. For instance, if a private key is protected
by a PIN, the PrKDF entry for this key will contain
an Authentication ID field that points to the AODF entry
for this PIN.
.PP
Similarly, if the card contains a certificate corresponding
to a private key stored on this card, the CDF entry for the
certificate will have the same ID as the PrKDF entry for
the private key. The same is true of public key objects.
.SH BUGS
This manual page is a little terse.
.PP
The use of the term Directory File in PKCS #15 is somewhat
unfortunate. Normally, a PKCS #15 DF is just a plain
(elementary) file, not a directory file in the sense of
ISO  7816.
.SH AUTHORS
This manual page was written by Olaf Kirch <okir@lst.de>.