how to modify text in html form from python

[Philippe C. Martin]

Paul,

That won't cut it: The cards I use/code do not have RSA capabilities but
only symmetrical algorithms (AES, 3DES, ....). I use the same type of
authentication you would see between a POS and a Smart Card (ex: B0' in
France)

So I cannot hookup to one of the standards (PKCS11 or CSP).

Thanks anyway.

Regards,

Philippe



Paul Rubin wrote:

> "Philippe C. Martin" <pmartin at snakecard.com> writes:
>> ***** HOW (if there's a better way let me know please) ******
>> As I have not found any better solution yet, I am trying to do the
>> following (on the server there is an html file and a cgi file)
> 
> If I understand it, you're trying to use a smart card to authenticate
> a web site login.  The major browsers already have smart card interfaces
> (Windows CAPI for MSIE, or PKCS11 for Netscape/Moz*) so you shouldn't
> need a plugin.  On the other hand, smart cards are very slow.
> 
> The typical approach is as follows (MSIE version).  Stop using special
> smart card programs and just use a card that implements CAPI with a
> from the vendor and that can sign against an X509 certificate.  The
> CSP will have a special signature that makes it less scary to install
> than a browser plugin.  You'll have to issue a cert for the smart card
> and there's various approaches to that, so I'll skip that part.  Set
> up a TLS server to require a client cert from the CA that signed the
> smart card.  The browser should recognize the challenge and select the
> right cert.  The CSP will have its own interface for the user entering
> a PIN along with inserting the card.  Once you have the TLS connection
> established, set a secure cookie in the client session and then redirect
> the browser to another URL that doesn't require the smart card (because
> otherwise the card will have to re-authenticate every click, which is
> very slow).  From then on, use the cookie for authentication (it can
> have a timeout or whatever).