What is cgTunnel?
cgTunnel ensures that APDU messages between a backend middleware and a local PC/SC Driver on the computer of an end user are transferred in both directions via a network.
For this purpose, the messages are transmitted by the cgTunnel server. Clients of the cgTunnel Server are the cgTunnel client in the backend and the cgTunnel agent on the end user computer. AirID components. cgTunnel is multisession capable and designed to operate up to a few hundred virtual PC/SC sessions in parallel.
cgTunnel enables a secure messaging channel for end-to-end-encryption from the PKCS#11 library backend to a secure element connected with a local PC/SC driver on the end user workstation.
cgTunnel Highlights
| Product Name | cgTunnel |
Communication | APDU network routing |
| Security | Enables secure messaging for end to end encryption |
| Standards | PC/SC, TLS / SSL, Java |
| Interfaces | PCSC Lite, Java API |
Supported Platforms | Apache Tomcat, Red Hat Enterprise Linux, Java |
| Scalability | Multisession capable up to few hundred parallel connections1 |
| High Availability | With load balancer |
1 Depending on hardware and network connection
cgTunnel Components
cgTunnel Server
- Server Core
- Client Interface
- Agent Interface
- Basic Access Management Interface
- Runs on Apache Tomcat 7.0.47 or higher
- Apache Portable Runtime (APR) recommended for productive environments
- A valid SSL/TLS certificate for the Apache Tomcat
- Delivery as WAR / JAR files
- Tested on Apache Tomcat Server Version 7.0.47 and 7.0.54 with HP ProLiant BL460c G7 Server Blade 2 CPUs / 12 Cores, 48 GB RAM, 2x300 GB HDD
cgTunnel PCSC Lite
- Delivery as RPM package
- Runs on Red Hat Enterprise Linux 6.4 and higher
- Tested on Red Hat Enterprise Linux 6.4 and 6.5 / 64bit / x86-64
cgTunnel Agent
- Delivery as cgTunnel Agent Java Library with API and demo code
- Tested with Java 6, 7 and 8