Smart card interface, OpenSC and OpenCT

Werner Koch wk at
Tue Jul 26 07:41:58 CEST 2005

On Mon, 25 Jul 2005 17:10:42 +0200, Laurent Pinchart said:

> Could anyone tell me why that decision has been made ? What's the

* OpenSC is a huge and complex library with an ever changing API and
  often hidden ABI changes. It just makes too much trouble.

* It requires your application to use pthreads which conflicts with
  the use of another threading library; GNU Pth in our case.  This is
  the actual show stopper.

* We only need to _read_ PKCS#15 structures and not to _create_ them.
  This was actually pretty easy to implement and took me only a few
  days.  Still not complete due to the lack of test cards (aside of a
  self-created pkcs15 card I do have only one other card
  (Dienstausweis des BMI).

* OpenSC may only be used by LGPL software because it makes use of
  OpenSSL.  It is possible to disable this by losing some
  functionality; no distribution does it.

> prefered way to interface a smart card reader in GnuPG ? Is it PC/SC ? What 
> about readers with a pin pad ?

Either direct access via the interanl CCID driver or by PC/SC or
ctAPI.  Adding OpenCT support won't be a problem.

> Zetes (the company that developped the Belgian eID software) contributed 
> LGPLed code to OpenSC to support the eID card. Should this code be ported to 
> GnuPG ?

AFAIK, the card is a PKCS#15 one so in theory signing should already
work with gpgsm. A textcard would definitley be helpful.



More information about the Gnupg-devel mailing list