A Go implementation for talking to an OpenPGP smartcard application

cunicu/go-openpgp-card

go-openpgp-card: A Go Implementation of the OpenPGP Smart Card application

go-openpgp-card is a Go package providing an interface to the OpenPGP application on ISO Smart Card Operating Systems.

Features

go-openpgp-card implements version 3.4.1 of the Functional Specification of the OpenPGP application.

  • Supported commands:

    • 7.2.1 SELECT
    • 7.2.2 VERIFY
    • 7.2.3 CHANGE REFERENCE DATA
    • 7.2.4 RESET RETRY COUNTER
    • 7.2.5 SELECT DATA
    • 7.2.6 GET DATA
      • Application related
      • Security Support Template
      • Private data
      • Cardholder related
      • Password status
      • Login data
      • Public key URL
      • Cardholder certificates
      • User interaction flag
    • 7.2.7 GET NEXT DATA
    • 7.2.8 PUT DATA
      • Resetting Code
      • Name
      • Language
      • Sex
      • Public Key URL
      • Login data
      • Private data
      • User interaction flag
      • Password status
      • Key Import
        • AES
        • RSA
        • ECDSA
        • EdDSA
    • 7.2.9 GET RESPONSE
    • 7.2.10 PSO: COMPUTE DIGITAL SIGNATURE
      • RSA
      • ECDSA
      • EdDSA
    • 7.2.11 PSO: DECIPHER
      • AES
      • RSA
      • ECDH
      • EdDSA
    • 7.2.12 PSO: ENCIPHER
      • AES
    • 7.2.13 INTERNAL AUTHENTICATE
      • RSA
      • ECDSA
      • EdDSA
    • 7.2.14 GENERATE ASYMMETRIC KEY PAIR
      • RSA
      • Elliptic Curves
    • 7.2.15 GET CHALLENGE
    • 7.2.16 TERMINATE DF
    • 7.2.17 ACTIVATE FILE
    • 7.2.18 MANAGE SECURITY ENVIRONMENT
  • Key Derivation Function (KDF) for VERIFY

  • PIN Handler / Callback

YubiKey extensions

  • Set PIN Retry counters
  • Attestation

Tested implementations

  • YubiKey
    • FW version 5.4.3

Install

go-openpgp-card needs to be built with CGO_ENABLED=1 and requires the following external dependencies:

apt-get install \
    libpcsclite-dev

Contact

Please have a look at the contact page: cunicu.li/docs/contact.

License

go-openpgp-card is licensed under the Apache 2.0 license.