OpenSC
OpenSC provides a set of libraries and utilities to access smart cards. Its main focus is on cards that support cryptographic operations, and facilitate their use in security applications such as mail encryption, authentication, and digital signature. OpenSC implements the PKCS#11 API so applications supporting this API such as Mozilla Firefox and Thunderbird can use it. OpenSC implements the PKCS#15 standard and aims to be compatible with every software that does so, too.
See our OverView page for more details.
OpenSC was written by an international team and is licensed as Open Source software under the LGPL license. For a list of all authors and contributers as well as detailed license information see AuthorsAndCredits.
Please note: typical smart cards are completely undocumented and incompatible with all other existing smart cards. Thus please check these lists below, and review each page to find out which specific smart card is supported by opensc.
For programmable java cards: the support is for the card with the specific applet - if you have a different applet on your card, it might not be supported.
National ID Cards
These are pre-initialized read-only cards.
- Finnish ID Card FINEID
- Swedish Posten eID
- Estonian ID Card EstEID
- Italian Infocamere
- Italian Postecert
- Italian CNS/CIE (eID)
- Belgian eID
- Spanish Ceres
- German ID Cards, eHBA, eGK
- Taiwan
- Austrian Bürgerkarte, e-card
- Australian national ID card
- United States PIV card applet
- Turkish EID Card
Smart Cards
This is a list of supported cards which can be written to by the user.
- Schlumberger/Axalto Cryptoflex
- Schlumberger/Axalto Cyberflex
- Gemplus GPK
- Siemens CardOS M4
- IBM JCOP
- Micardo
- Oberthur
- OpenPGP
- Setec Setcos
- Giesecke & Devrient Starcos
- Giesecke & Devrient Seccos
- TCOS based cards (NetKey E4, SignTrust, Smartkey)
- AKIS Smart Cards
- Athena Smart Cards
USB Tokens
USB tokens usually have writeable smart cards inside.
- Aladdin eToken Pro
- Eutron CryptoIdentity ITSEC
- Schlumberger/Axalto e-gate
- Rainbow iKey 3000
- Rainbow iKey 4000 (not supported)
- Feitian ePass3000
- Athena ASEKey
Miscellaneous
- EMV cards (not supported)
OpenSC forks
Starting Points
- OverView - A short introduction what OpenSC is and how it fits into the big picture.
- WhatsNew - What is new, what has changed since the last major release?
- OperatingSystems - What your operating system needs to have for OpenSC to work.
- Download the latest stable release of OpenSC.
- CompilingInstalling - How to compile and install OpenSC yourself.
- QuickStart - installation and basic steps to initialize a blank smart card.
- UsingOpensc - options when using OpenSC.
- PKCS#15 Initialization Guide with many small details
- PinpadReaders - are special because there was no standard for pinpads for a long time.
- ReplacingCertificates - does not work for all cards and is a bit tricky.
- SecureSetup - how to configure the security aspects or OpenSC
- TroubleShooting explains the most common problems and how to solve them.
- MoreDocumentation -- older and specific documents.
- MailingLists -- How to contact us.
Application Support
- PKCS11 Module - OpenSC includes a PKCS#11 module "opensc-pkcs11.so" that works with many applications.
- Tools - OpenSC includes a number of command line tools for exploring, initializing, automatisation and debugging.
- OpenSSL can use a so called engine to delegate cryptographic operations to your smart card.
- WindowsCSP - on Windows a Cryptographic Service Provider (CSP) offers your smart card to all applications.
- AppleCSP - on Mac OS X a Cryptographic Service Provider (CSP) offers your smart card to all applications.
- Mozilla, Firefox and Thunderbird all can use OpenSC for authentication, signing and decryption
- PamModules - allow people to login using their smart card.
- SecureShell - use ssh network connections with smart card authentication.
- PKI - Public Key Infrastructures are used to manage certificates, including those on smart cards.
- VPN - build private networks using smart card authentication.
- WPA - use WPA to secure your wireless network including smart card authentication.
- PGP - email can be signed and crypted in PGP format using smart cards.
- Sign arbitrary data and documents using smart cards.
- XML advanced signatures can be created with smart cards.
- HBCI homebanking with a smart card (HBCI is a standard common in Germany).
Developers Corner
- SubversionRepository has our latest source code, if you want to test it or improve it.
- All changes are listed in the [file:ChangeLog ChangeLog] in the source code or online.
- Bug reports are reported and viewed best online.
- DeveloperHardware is always welcome. Thanks for your donation!
- ReleaseHowto documents our release process.
- ReleaseTodo lists the things we want to do before our next release.
- Interoperability is best discussed on an the interopeid mailing list for national id cards.
- RecentTestresults has the test course we aim to do with each release, and help is always very welcome!
- ResourcesLinks -- Standards, Documents, etc.
- DevelopmentPolicy -- the how and why of OpenSC development.
- SslChoice -- if you want to write an SSL enabled application you can choose between many libraries.
- MacOsXTokend -- a Tokend implementation for Mac OS 10.4, based on OpenSC
- GermanApi -- Information about new eCardAPI published by german goverment