SIC Logo IAIK Logo

Tested PKCS#11 Compatible Products

This is a list of all products that we have tested ourselves yet and that we can publish. Several customers of us have tested the wrapper in combination with other smart cards, USB tokens and HSMs on various platforms; e.g. SUN Crypto Accelerator, Crysalis HSM or RSA SecurID tokens. Even on platforms which are not listed here.
In addition, we wrote an own simple PKCS#11 library for testing on all supported platforms. However, the Wrapper is based on the standard PKCS#11 version 2.11. Thus, it should work with any product that comes with drivers compliant to this standard. This includes any version 2.x of PKCS#11; e.g. 2.01 and 2.10.
Please notice that if a product is listed here, this does not necessarily mean that all features of the product have been tested to work correctly. There are several products in which we found bugs. Where we found bugs that may prevent the Wrapper to work correctly, or any application based on it, we mentioned this in the description of this product below the table.

If you are a provider of PKCS#11 libraries of hardware products and you want your product to be listed here, you can contact us jce-support@iaik.tugraz.at.

 
Operating System
Product
Windows 2000
Windows XP
Linux
Solaris
A-Sign Premium
yes
 
 
 
A-Trust trust|mark
yes
 
 
 
ActivCard Gold
yes
 
 
 
Aladdin eToken (eToken Pro 16k and 32k)
yes
yes
 
 
Athena Smartcard Solutions - ASECard
 
yes
 
 
Dallas Semiconductors Java-Powered Cryptographic iButton 2.2
yes
 
 
 
Datakey Model 330, 32K PKI Smart Card
yes
 
 
 
Eracom CSA 7000 (CSA/SW)
yes
 
 
 
Eracom CSA 8000 (SW)
yes
yes
yes
yes
Eutron CryptoIdentity
yes
 
 
 
G&D StarCOS 2.3 SPK
yes
yes
 
 
Gemplus GemSAFE (GPK4000, GPK8000 and GPK16000)
yes
 
 
 
IBM MFC 4.3
yes
 
 
 
Kobil mIDentity  
yes
   
Mozilla
yes
 
 
 
nCipher nShield
yes
 
 
 
Oberthur AuthentIC 2.1V4
yes
 
 
 
Orga Micardo Public v2.1
yes
 
 
 
Rainbow CryptoSwift HSM
yes
 
 
 
Rainbow iKey1000
yes
 
 
 
Rainbow iKey2032
yes
 
 
 
Rainbow iKey3000
yes
yes
 
 
Safenet ProtectToolkit C SDK (used with Safenet ProtectServer Gold and Safenet ProtectServer External)
yes
yes
yes
yes
SC² Apollo OS Cards
 
yes
 
 
Schlumberger Cryptoflex
yes
yes
 
 
Schlumberger Cyberflex Access (16k, 32k, e-Gate Token)
yes
yes
   
SeTec SetCard 16K/RSA SetCOS4.3.1
yes
 
 
 
Siemens CardOS
yes
 
 
 
SUN Crypto Accelerator 1000
 
 
 
yes
SUN Crypto Accelerator 4000
 
 
 
yes
TeleSec
yes
 
 
 
Utimaco SafeGuard Biometrics
yes
 
 
 
Utimaco SafeGuard CryptoServer
yes
yes
yes
yes
IAIK Testlibrary
yes
yes
yes
yes

G&D StarCOS 2.3 SPK

Software:

AET SafeSign 1.0.8.48 Standard and 2.0.6 Standard

Reader:

Orga CardMous USB V1.1, driver version 1.57
Utimaco CardMan 1010 serial
Utimaco CardMan 2020 USB
Utimaco CardMan Dongle 6020 USB
SCM Microsystems SCR201
Schlumberger Reflex 20

Utimaco SafeGuard Biometrics

Software:

SafeGuard Biometrics version 1.50

Reader:

Precise Biometrics 100 SC. This smart card reader has a build-in fingerprint sensor. With this product login with a fingerprint instead of PIN is possible. This feature can be used with the Wrapper. Some demos included in the wrapper use this feature automatically, if available; e.g. GetInfo or SignAndVerify.

Oberthur AuthentIC 2.1V4

Software:

AuthentIC Web Pack 2.1

Reader:

Oberthur OCR 136 (same as OmniKey CardMan 1010 serial and Utimaco CardMan 1010 serial)

SeTec SetCard 16K/RSA SetCOS4.3.1

Software:

SetPKI 1.7

Reader:

Orga CardMous USB V1.1, driver version 1.57

Orga Micardo Public v2.1

Software:

PKI Evaluation Kit Version 1.1

Reader:

Orga CardMous USB V1.1, driver version 1.60

IBM MFC 4.3

Software:

DSI (Digital Signature for the Internet) 2.1

Reader:

Orga CardMous USB V1.1, driver version 1.57

Datakey Model 330, 32K PKI Smart Card

Software:

Datakey CIP (Cryptographic Interface Provider) 4.6.0 (1.11.024)

Reader:

Orga CardMous USB V1.1, driver version 1.57

Remarks:

The drivers that we had had problems with the find operation. The find operation may not work correctly in all cases. Newer drivers may solve these problems.

Schlumberger Cryptoflex

Software:

Cyberflex Access Software Development Kit Release 3C

Reader:

Orga CardMous USB V1.1, driver version 1.57
Utimaco CardMan 1010 serial

Schlumberger Cyberflex Access (16k, 32k, e-Gate Token)

Software:

Cyberflex Access Software Development Kit Release 4.1

Reader:

Utimaco CardMan 1010 serial
Utimaco CardMan 2020 USB
Schlumberger e-Gate Token USB

Gemplus GemSAFE (GPK4000, GPK8000 and GPK16000)

Software:

GemSAFE 2.1 (GPK4000 and GPK8000)
GemSAFE 3.1 SP4 (GPK4000, GPK8000 and GPK16000)

Reader:

Orga CardMous USB V1.1, driver version 1.57
Utimaco CardMan 1010 serial
HP Jornada 720 built-in smart card reader
HP Jornada 568 smart card reader battery pack (prototype)

Dallas Semiconductors Java-Powered Cryptographic iButton 2.2

Software:

PKCS#11 v1.02

Reader:

Blue Dot Receptor, Serial Port

Remarks:

The drivers have problems with the sign operation. We always get a CKR_DEVICE_ERROR when trying to sign some data.

Rainbow iKey1000

Software:

Rainbow iKey 1000 Series Software

Reader:

USB port

Remarks:

The drivers that we had had problems with the find and sign operation. Newer drivers may solve these problems.

Rainbow iKey2032

Software:

Rainbow iKey 2000 Series Software v4.5.10 SDK

Reader:

USB port

Remarks:

The drivers that we had had problems with the find operation. The find operation may not work correctly in all cases. Newer drivers may solve these problems. Older versions also had a bug in the sign operation.

Rainbow iKey3000

Software:

AET SafeSign 1.0.8.48 Standard

Reader:

USB port

Rainbow CryptoSwift HSM

Tested with the PCI version.

Software:

CryptoSwift HSM IK 4.1.3

ActivCard Gold

Software:

ActivCard Gold 1.3 SDK

Reader:

Utimaco CardMan 1010 serial

A-Trust trust|mark

Software:

ID2 Personal 2.8.3

Reader:

Orga CardMous USB V1.1, driver version 1.57
Kobil KAAN Standard PLUS, driver version 2002.9.11.1

A-Sign Premium

The "OCG-Mitgliedskarte mit Bürgerkarten-Funktionalität" is the same card.

Software:

ID2 Personal v2.8.3 A-Trust
(AET SafeSign 1.0.8.48 Standard, tested with older versions of this card)

Reader:

Reiner SCT cyber Jack(R) e-com
(Orga CardMous USB V1.1, driver version 1.57, tested with older versions of this card)

Eracom CSA 7000

Tested with a real hardware security module and with the software emulation of such a hardware module.

Software:

CSA7k Driver 3.71

CProv SDK 2.21

Eracom CSA 8000

Tested with the software emulation of such a hardware module.

Software:

CProv SDK 3.09

Aladdin eToken (eToken Pro 16k and 32k)

Software:

eToken Run Time Environment 3.00 and 3.60

Reader:

USB port

Mozilla

Mozilla comes with a shared libary, called softokn3.dll under Windows, which provides access to the Mozilla crypto module. This allows access to private keys which are stored in the Mozilla profile. To initialize the Mozilla PKCS#11 module, you need to specify a configuration string which looks like that:
configdir='C:/Documents\ and\ Settings/kscheibelhofer/Application\ Data/Mozilla/Profiles/default/cfxcrpru.slt' certPrefix='' keyPrefix='' secmod='secmod.db'
Please notice the escaped spaces in the profile path.

Software:

Mozilla 1.3

Eutron CryptoIdentity

This is the same as Algorithmic Research's MiniKey USB token.

Software:

CryptoKit 3.4 (Algorithmic Research version)

Reader:

USB port

TeleSec

Has been tested with a PKS-Pilot test card.

Software:

TCrypt#11 version 3.3.2

Reader:

Utimaco CardMan 2020 USB

nCipher nShield

Has been tested with a 1-of-2 administrator card set and a 1-of-2 operator card set. The tested nShield version has been a nShield F2 UltraSign PCI.

Software:

CipherTools Development Kit (Release 7.25) for Windows

Reader:

nCipher Chipdrive that comes with the product

Siemens CardOS

Has been tested with a Siemens CardOS 4.01a card.

Software:

Siemens Card API 3.0 RC1-1

Reader:

Omnikey CardMan 1010 Serial

SUN Crypto Accelerator 1000

The SUN Crypto Accelerator 1000 board has been tested on Solaris 8 and Solaris 9. It has been tested with the 32 bit and 64 bit (SPARC v9) version.

Board:

SUN Crypto Accelerator 1000 Board Version 1.1

System:

SUN Blade 100
Solaris 8 and Solaris 9

SUN Crypto Accelerator 4000

The SUN Crypto Accelerator 4000 board has been tested on Solaris 8 and Solaris 9. It has been tested with the 32 bit and 64 bit (SPARC v9) version.

Board:

SUN Crypto Accelerator 4000 Board Version 1.1

System:

SUN Blade 100
Solaris 8 and Solaris 9

SC² Apollo OS Smart Cards

We tested Apollo OS smart cards from the Apollo OS Smart Cards Sample Pack.

Software:

SC² PKCS#11 1.12

Reader:

Utimaco CardMan 3121 USB
Utimaco CardMan 2010 Serial
Reiner SCT CyberJack e-com

Athena Smartcard Solutions - ASECard

We tested with blank ASECards from Athena Smartcard Solutions. Please note that these cards need a reader which supports extended Lc/Le APUs. Often, only very new readers support this feature; e.g. Omnikey Cardman 3121 with firmare version 2.01 or later.

Software:

ASECard Crypto Toolkit 3.22

Reader:

Utimaco CardMan 3121 USB (Firmware 2.02)

Kobil mIDentity

We tested a Kobil mIDentity Classic XL with 512 MB RAM..

Software:

Kobil mIDentity V1.5.1 MSDI Build: 20060823.2

Utimaco SafeGuard CryptoServer

The Utimaco HSM has been configured as a CryptoServer LAN and used with the local installation of the CryptoServer 1.40.1. We received some updates to successfully test new attributes of PKCS#11 2.20.

Software:

Utimaco SafeGuard CryptoServer 1.40.1

Hardware:

Utimaco SafeGuard CryptoServer LAN

Safenet ProtectToolkit C SDK

We used the software evaluation of Safenet ProtectServer Gold to test the ProtectToolkit C SDK. This software is used with the PCI card Safenet ProtectServer Gold and the HSM Safenet ProtectServer External.

Software:

Safenet ProtectToolkit C SDK 3.32


Copyright (c) 2002-2003 by IAIK. Copyright (C) 2003-2004 Stiftung SIC. All rights reserved.