[TOOL] OpenSC Smart Card Library

The following security advisory is sent to the securiteam mailing list, and can 
be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html 

- - - - - - - - -



  OpenSC Smart Card Library
------------------------------------------------------------------------


SUMMARY



DETAILS

libopensc is a library for accessing smart card devices. It is also the 
core library of the OpenSC project. libopensc also supports usb crypto 
tokens (they usually have a smart card inside).

Basic functionality (e.g. SELECT FILE, READ BINARY) should work on any ISO 
7816-4 compatible smart card. Encryption and decryption using private keys 
on the smart card is possible with PKCS #15 compatible cards, such as the 
FINEID (Finnish Electronic IDentity) card.

The base platforms are Linux and Mac OS X; some parts have been ported to 
Windows.

Supported cards:
 * Finnish FINEID (SetCOS)
 * Swedish Posten eID (SetCOS)
 * Cryptoflex 16k and 8k
 * GPK 4K, 8K, 16K
 * USB tokens based on CardOS/M4, such as Aladdin eToken PRO, etc.
 * MioCOS 1.1
 * TCOS 2.0
 * Starcos SPK 2.3 (e.g. Rainbow iKey 3000)
 * Micardo 2.1
 * Oberthur AuthentIC
 * OpenPGP 1.0
 * JCOP 31bio
 * Estonian ID card, EstEID (Micardo 2.1)

Builtin PKCS#15 initialization is supported for the following cards:
 * CryptoFlex 8K, 16K
 * GPK 4K, 8K, 16K
 * CardOS M4.00, M4.01a
 * Starcos SPK 2.3
 * JCOP 31bio
 * MioCOS 1.1

Builtin PKCS#15 emulation is supported for the following non-PKCS#15 
cards:
 * OpenPGP 1.0
 * EstEID
 * StarCert V2.2
 * Italian Infocamere card (type 1202 and 1203)
 * TeleSec NetKey
 * Italian Postecert card

Note: the current PKCS#15 emulation support offers only a read-only access 
the card.

The Belgian ID card is not yet supported by OpenSC. However you can 
download a modified version of OpenSC with full source code under LGPL 
license. Thanks to Belgium for donating code to OpenSC. We will try to 
merge this code, but it might take a while.
General features

Some functionality included in the OpenSC package.

 * PAM module
   This module allows you to log in to your local machine using private 
RSA keys present on your smart card.

 * OpenSSH support
   A smart sard is one of the safest places to keep your private keys, 
assuming that the access restrictions on the keys have been set-up 
correctly.

 * opensc-tool
   This small program will do all sorts of card and framework independent 
things, such as raw APDU sending and file listing.

 * opensc-explorer
   Generic interactive utility for accessing smart card and similar 
security token functions

 * pkcs15-tool
   A tool for checkout out of the contents of the PKCS #15 structure.

 * pkcs15-crypt
   A tool for testing the cryptographic functions of your PKCS #15 card. 
Only RSA decryption and digital signing are supported as of now.

 * pkcs15-init
   Smart card personalization utility.

 * A working PKCS #11 module for using PKCS #15 cards is also provided.


ADDITIONAL INFORMATION

The information has been provided by The OpenSC Project.
To keep updated with the tool visit the project's homepage at:  
<http://www.opensc.org/> http://www.opensc.org/



======================================== 


This bulletin is sent to members of the SecuriTeam mailing list. 
To unsubscribe from the list, send mail with an empty subject line and body to: 
list-unsubscribe@xxxxxxxxxxxxxx 
In order to subscribe to the mailing list, simply forward this email to: 
list-subscribe@xxxxxxxxxxxxxx 


==================== 
==================== 

DISCLAIMER: 
The information in this bulletin is provided "AS IS" without warranty of any 
kind. 
In no event shall we be liable for any damages whatsoever including direct, 
indirect, incidental, consequential, loss of business profits or special 
damages.