qca/plugins/qca-pkcs11/README

qca-pkcs11 2.0.0 -- PKCS#11 Plug-in to QCA

ABOUT
	qca-pkcs11 enables QCA smartcard integration.

	qca-pkcs11 supports the following features:
	 - Multiple providers.
	 - Multiple tokens.
	 - Private key signature and decryption.
	 - Keystore objects serialization.
	 - Keystore update notifications.
	 - Asker integration for token and PIN.

DEPENDENCIES
	pkcs11-helper>=1.02
		http://www.opensc-project.org/

INSTALL
	For Unix/Linux/Mac:
		./configure
		make
		make install

	For Windows:
		configwin rd
		qmake
		nmake (or make)
		copy lib\*.dll qtdir\plugins\crypto

CONFIGURATION
	Configuration is stored at ~/.config/Affinix/QCA.conf, in order to
	generate default configuration use:

	$ qcatool config save qca-pkcs11

	Attributes:
		allow_load_rootca (Boolean)
			Allow loading root certificate authorities' certificate
			from token. Loading root certificates from PKCS#11 enabled
			tokens is highly insecure, as public objects can be added
			without user notice.

		allow_protected_authentication (Boolean)
			Enable/disable global protected authentication support.
			If disabled, no protected authentication will be allowed,
			even if provider supports this feature.

		pin_cache (Integer)
			Maximum PIN/session cache period in seconds.
			-1 is infinite, until provider invalidates session.

		log_level (Integer)
			Log level of pkcs11-helper, can be from 0-5.

		provider_##_enabled (Boolean)
			Provider at this index is enabled.

		provider_##_name (String)
			Provider unique friendly name.

		provider_##_library (String)
			Provider library to load.

		provider_##_allow_protected_authentication (Boolean)
			Enable protected authentication if provider supports the feature.

		provider_##_cert_private (Boolean)
			Provider stores the certificates as private objects.

		provider_##_private_mask (Integer)
			Provider private key mask:
			0	Determine automatically.
			1	Use sign.
			2	Use sign recover.
			4	Use decrypt.
			8	Use unwrap.

		provider_##_slotevent_method (String)
			auto	Determine automatically.
			trigger	Use trigger.
			poll	Use poll.

		provider_##_slotevent_timeout (Integer)
			Timeout for slotevent in poll mode.
			Specify 0 for default.

AUTHORS
	Alon Bar-Lev <alon.barlev@gmail.com>
more updates for release svn path=/trunk/kdesupport/qca/; revision=724328 2007-10-12 00:51:03 +00:00			`qca-pkcs11 2.0.0 -- PKCS#11 Plug-in to QCA`
Configuration interface support svn path=/trunk/kdesupport/qca/; revision=611786 2006-12-09 12:37:20 +00:00
			`ABOUT`
			`qca-pkcs11 enables QCA smartcard integration.`

			`qca-pkcs11 supports the following features:`
			`- Multiple providers.`
			`- Multiple tokens.`
			`- Private key signature and decryption.`
			`- Keystore objects serialization.`
			`- Keystore update notifications.`
			`- Asker integration for token and PIN.`

			`DEPENDENCIES`
			`pkcs11-helper>=1.02`
fix opensc url svn path=/trunk/kdesupport/qca/; revision=723795 2007-10-10 18:27:19 +00:00			`http://www.opensc-project.org/`
Configuration interface support svn path=/trunk/kdesupport/qca/; revision=611786 2006-12-09 12:37:20 +00:00
more updates for release svn path=/trunk/kdesupport/qca/; revision=724328 2007-10-12 00:51:03 +00:00			`INSTALL`
			`For Unix/Linux/Mac:`
			`./configure`
			`make`
			`make install`

			`For Windows:`
			`configwin rd`
			`qmake`
			`nmake (or make)`
			`copy lib\*.dll qtdir\plugins\crypto`

Configuration interface support svn path=/trunk/kdesupport/qca/; revision=611786 2006-12-09 12:37:20 +00:00			`CONFIGURATION`
			`Configuration is stored at ~/.config/Affinix/QCA.conf, in order to`
			`generate default configuration use:`

no digit postffix in qcatool2 name 2013-10-02 22:12:32 +06:00			`$ qcatool config save qca-pkcs11`
Configuration interface support svn path=/trunk/kdesupport/qca/; revision=611786 2006-12-09 12:37:20 +00:00
			`Attributes:`
By default don't load roots from token svn path=/trunk/kdesupport/qca/; revision=661109 2007-05-04 16:05:26 +00:00			`allow_load_rootca (Boolean)`
			`Allow loading root certificate authorities' certificate`
			`from token. Loading root certificates from PKCS#11 enabled`
			`tokens is highly insecure, as public objects can be added`
			`without user notice.`

Configuration interface support svn path=/trunk/kdesupport/qca/; revision=611786 2006-12-09 12:37:20 +00:00			`allow_protected_authentication (Boolean)`
			`Enable/disable global protected authentication support.`
			`If disabled, no protected authentication will be allowed,`
			`even if provider supports this feature.`

			`pin_cache (Integer)`
			`Maximum PIN/session cache period in seconds.`
			`-1 is infinite, until provider invalidates session.`

			`log_level (Integer)`
typo svn path=/trunk/kdesupport/qca/; revision=723160 2007-10-08 21:49:02 +00:00			`Log level of pkcs11-helper, can be from 0-5.`
Configuration interface support svn path=/trunk/kdesupport/qca/; revision=611786 2006-12-09 12:37:20 +00:00
			`provider_##_enabled (Boolean)`
			`Provider at this index is enabled.`

			`provider_##_name (String)`
			`Provider unique friendly name.`

			`provider_##_library (String)`
			`Provider library to load.`

			`provider_##_allow_protected_authentication (Boolean)`
			`Enable protected authentication if provider supports the feature.`

			`provider_##_cert_private (Boolean)`
			`Provider stores the certificates as private objects.`

			`provider_##_private_mask (Integer)`
			`Provider private key mask:`
			`0 Determine automatically.`
			`1 Use sign.`
			`2 Use sign recover.`
			`4 Use decrypt.`
			`8 Use unwrap.`

			`provider_##_slotevent_method (String)`
			`auto Determine automatically.`
			`trigger Use trigger.`
			`poll Use poll.`

			`provider_##_slotevent_timeout (Integer)`
			`Timeout for slotevent in poll mode.`
			`Specify 0 for default.`

			`AUTHORS`
			`Alon Bar-Lev <alon.barlev@gmail.com>`