how to read certificate from USB device and send it to browser like firefox

Question

I want to write a c++ dll that read certificate from my USB device and send that to browsers like Firefox.And I should mention that i have built my USB device with an ATMega32A which have 2K EEPROM and i stored a sample certificate on that.
I have read some about PKCS#11 standard but i cant figure out where to start. Could anyone help me on this?

Answer 1

You can not "add to Firefox" but you can expose your data to firefox and make them available for use. To do this you need to implement PKCS#11 API and create so-called PKCS#11 driver (the user-mode DLL which implements those 70 or so functions defined in PKCS#11 API). Those functions would talk to the hardware device in order to perform certain operations. Then you plug this PKCS#11 DLL to Firefox and Firefox can use certificates on your device.

Answer 2

It sounds like you're creating a PKI hardware device. I think your biggest hurdle will be accessing the ATMega32. It'll be up to you to implement an interface on the ATMega side, be that a RS232-usb bridge, USB Mass Storage, or proprietary with a custom driver.

A simple solution might be to use a USB Mass Storage interface to present a certificate as file on a pseudo disk.

Taking the custom driver route, Firefox (and other Mozilla products) use libraries that have interfaces for PKI hardware. See NSS and OpenSC. At a guess it's possible that there's a PKI / PKCS11 driver API for Windows that you can implement.

Answer 3

Step 1: write a dll that can read data from the USB device. You could use Winusb. This will require the firmware to support it.

Step 2: write a dll that can add a certificate to Firefox

Step 3: combine previous steps into one dll

If you get stuck on something specific, write a new question and show us what you have done so far.