[webkit-gtk] Support for PKCS11 / Smartcard?

mailto428496 mailto628496 at cox.net
Sat Dec 1 16:09:26 PST 2018


I think what you are asking is whether the system has been correctly
setup for smartcard?  The answer is yes.  The EL7 system has all the
pcscd, opensc, etc. packages and smartcard works correctly for machine
login and using the firefox browser (via libcoolkey) for smartcard
enabled sites.  The issue is just that the webkit-gtk browser (used by
Evolution for OAuth2) doesn't know how to talk to the smartcard device
(no hooks to libcoolkey, etc.), all the other framework is in place.



On 12/01/2018 12:37 PM, Igor Korot wrote:
> For anybody interested:
> On Sat, Dec 1, 2018 at 11:21 AM Michael Catanzaro <mcatanzaro at igalia.com> wrote:
>> On Sat, Dec 1, 2018 at 11:14 AM, Michael Catanzaro
>> <mcatanzaro at igalia.com> wrote:
>>> It would need to be investigated by a developer with a smartcard and
>>> some interest in figuring out how it's supposed to work. You might
>>> know more than me! Did any of that make sense?
>> BTW to be clear:
>>  * WebKit client auth is extremely likely to arrive sometime soonish.
>> Shame it's not working quite yet.
>>  * But once client auth is ready, smartcards may or may not work. No
>> clue. There's a good chance they will, but it definitely won't be
>> tested in WebKit, so maybe 50/50 odds, I really don't know.
> Whether it is an external reader or the keyboard one the driver has to
> be installed.
> I know RHEL provides such a driver in their kernel/repository.
> Then all you do is to append the certificate to the browser and when you access
> secure site it will ask you to provide a PIN.
> But as I said - the first thing is to have an appropriate driver.
> And when you do - attach the reader and insert the card.
> The driver should kick in, the light on the reader should start blinking and
> there should appear a dialog about the card successfully read.
> If that part works - then we should start checking the browser.
> Thank you.
>> Michael
>> _______________________________________________
>> webkit-gtk mailing list
>> webkit-gtk at lists.webkit.org
>> https://lists.webkit.org/mailman/listinfo/webkit-gtk

More information about the webkit-gtk mailing list