Is the OpenPGP card open hardware

Werner Koch wk at
Wed Dec 3 15:14:30 CET 2014

On Wed,  3 Dec 2014 12:38, kai at said:

> I hear a lot of poeple -saying- that the OpenPGP card is "open hardware".

Unfortunately this is not the case.  However, I have not heard that
claim.  In case you mean the crypto-stick: Its hardware and the software
seems to be free but the actual crypto of the stick is the very same
chip from the "regualr" OpenPGP card.  The stick is a card reader with a
glued on card.

The usual question is whether the software on the card is free - which
is also not the case.  If you want a free software implementation of the
card, you need to go for gnuk ( but it does not use
a dedicated smart card chip and thus the hardware and thus the keys are
not protected from even simple attacks on the chip.

> E.g. A mecrchandise shop owner at "Linux Tag 2014 in Berlin" that also
> sold the OpenPGP cards said (that was his 1st and major selling point):
> "The thing is open hardware".

kernelconcepts? Did they really say that?

> 1) Is the OpenPGP card indeed open hardware?


> 2) If so, where can I read abaout the hardware layout and the firmware?

Contact NXP or Zeitcontrol.

> 3) If not so, what makes the OpenPGP different from any other
> proprietary samrtcard?

It works and is easy available.  The specs are fully published, written
with the goal to support OpenPGP, kept simple, and are used by a couple
of other vendors (mostly for internal projects).



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-users mailing list