starting smartcard programming

hyperboreean picture hyperboreean · Apr 23, 2010 · Viewed 14.1k times · Source

How could one get started with smartcards programming? I am asking here about all the toolkit he needs in order to get started: books, tutorials, hardware etc.

I am planning in playing around with a couple of smartcards programmers and I am pretty new to this field.

Edit: I am mostly interested in programmers that play nice with Unix-like operating systems. Also, I am not sure how this works ... but I would like to program them in C/C++

Answer

bignum picture bignum · Apr 23, 2010

Whenever I've needed to access smart cards for use in security applications it has been via either:

  • Microsoft CryptoAPI
  • a PKCS#11 library for the card.

To access a card using the Microsoft CryptoAPI a card specific Cryptographic Service Providers (CSP) is needed. The CSP sits under the CryptoAPI layer.

If you are developing on Unix/Linux using 'C/C++', however, then you will probably want to take a look at the PKCS#11 standard from RSA. The standard specifies a 'C' API called Cryptoki (Cryptographic Token Interface) which gives a common abstraction above all types of crypto devices. Nearly all smart card vendors provide a PKCS#11 library for their cards that you can program against using the Cryptoki API.

If you want to access the smart card/reader at a lower level you can use APIs such as PC/SC or CT-API.

  • PC/SC defacto standard for smart card access implemented on Windows, Linux and Mac OS X

  • CT-API provides only very minimal functionality; not very suitable for modern apps.

If you are interested in writing Java applets that run on smart cards then you probably want to look http://java.sun.com/javacard/

Resources that may be of use

  • OpenSC is a set of libraries and tools for smart cards. It is designed to work with PKCS#11 supporting cards. OpenCT provides drivers for card readers, and tokens that are comprised of both a card and a reader (ie. usb tokens, and other ’complete’ devices).

  • http://www.linuxnet.com/ MUSCLE - The movement for use of smart cards in a linux environment

  • PKCS#15 - Cryptographic Token Information Format Standard

  • Smart Card Handbook

  • A presentation on PKCS#11given at the RSA conf in 2009.

  • PyKCS11 A Python wrapper around PKCS#11. These type of wrappers can provide a simpler higher level interface than working directly at Cryptoki level.

  • Smart Card Alliance