The following security advisory is sent to the securiteam mailing list, and can
be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
The SecuriTeam alerts list - Free, Accurate, Independent.
Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html
- - - - - - - - -
OpenSC Smart Card Library
------------------------------------------------------------------------
SUMMARY
DETAILS
libopensc is a library for accessing smart card devices. It is also the
core library of the OpenSC project. libopensc also supports usb crypto
tokens (they usually have a smart card inside).
Basic functionality (e.g. SELECT FILE, READ BINARY) should work on any ISO
7816-4 compatible smart card. Encryption and decryption using private keys
on the smart card is possible with PKCS #15 compatible cards, such as the
FINEID (Finnish Electronic IDentity) card.
The base platforms are Linux and Mac OS X; some parts have been ported to
Windows.
Supported cards:
* Finnish FINEID (SetCOS)
* Swedish Posten eID (SetCOS)
* Cryptoflex 16k and 8k
* GPK 4K, 8K, 16K
* USB tokens based on CardOS/M4, such as Aladdin eToken PRO, etc.
* MioCOS 1.1
* TCOS 2.0
* Starcos SPK 2.3 (e.g. Rainbow iKey 3000)
* Micardo 2.1
* Oberthur AuthentIC
* OpenPGP 1.0
* JCOP 31bio
* Estonian ID card, EstEID (Micardo 2.1)
Builtin PKCS#15 initialization is supported for the following cards:
* CryptoFlex 8K, 16K
* GPK 4K, 8K, 16K
* CardOS M4.00, M4.01a
* Starcos SPK 2.3
* JCOP 31bio
* MioCOS 1.1
Builtin PKCS#15 emulation is supported for the following non-PKCS#15
cards:
* OpenPGP 1.0
* EstEID
* StarCert V2.2
* Italian Infocamere card (type 1202 and 1203)
* TeleSec NetKey
* Italian Postecert card
Note: the current PKCS#15 emulation support offers only a read-only access
the card.
The Belgian ID card is not yet supported by OpenSC. However you can
download a modified version of OpenSC with full source code under LGPL
license. Thanks to Belgium for donating code to OpenSC. We will try to
merge this code, but it might take a while.
General features
Some functionality included in the OpenSC package.
* PAM module
This module allows you to log in to your local machine using private
RSA keys present on your smart card.
* OpenSSH support
A smart sard is one of the safest places to keep your private keys,
assuming that the access restrictions on the keys have been set-up
correctly.
* opensc-tool
This small program will do all sorts of card and framework independent
things, such as raw APDU sending and file listing.
* opensc-explorer
Generic interactive utility for accessing smart card and similar
security token functions
* pkcs15-tool
A tool for checkout out of the contents of the PKCS #15 structure.
* pkcs15-crypt
A tool for testing the cryptographic functions of your PKCS #15 card.
Only RSA decryption and digital signing are supported as of now.
* pkcs15-init
Smart card personalization utility.
* A working PKCS #11 module for using PKCS #15 cards is also provided.
ADDITIONAL INFORMATION
The information has been provided by The OpenSC Project.
To keep updated with the tool visit the project's homepage at:
<http://www.opensc.org/> http://www.opensc.org/
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to:
list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to:
list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any
kind.
In no event shall we be liable for any damages whatsoever including direct,
indirect, incidental, consequential, loss of business profits or special
damages.
