openpgp-card

No description

Find a file

Heiko Schaefer 0cdf5ce2a4 Added more text about architecture.		2021-08-28 13:47:20 +02:00
.reuse	Fix reuse license information	2021-07-17 02:27:51 +02:00
card-functionality	Add a CI job to run 'cargo test' with rustc/cargo from debian stable.	2021-08-27 15:15:31 +02:00
example	Initial commit	2021-06-30 22:29:23 +02:00
LICENSES	Initial commit	2021-06-30 22:29:23 +02:00
openpgp-card	Edit comment	2021-08-28 11:58:42 +02:00
openpgp-card-sequoia	Add a CI job to run 'cargo test' with rustc/cargo from debian stable.	2021-08-27 15:15:31 +02:00
pcsc	Release pcsc, scdc.	2021-08-26 15:05:40 +02:00
scdc	Document known limitations of scdc	2021-08-27 23:05:58 +02:00
.gitignore	Move the configuration of cards for card-functionality test suite into the file `config/test-cards.toml`.	2021-08-04 19:15:45 +02:00
.gitlab-ci.yml	Add a CI job to run 'cargo test' with rustc/cargo from debian stable.	2021-08-27 15:15:31 +02:00
.rustfmt.toml	rustfmt	2021-07-01 23:46:12 +02:00
Cargo.toml	Refactor:	2021-08-18 14:03:54 +02:00
README.md	Added more text about architecture.	2021-08-28 13:47:20 +02:00

README.md

This project implements client software for the OpenPGP card standard, in Rust.

Architecture

The project consists of the following crates:

openpgp-card, which offers a relatively low level OpenPGP card client API. It is PGP implementation agnostic.
openpgp-card-pcsc, a backend to communicate with smartcards via pcsc.
openpgp-card-scdc, a backend to communicate with smartcards via an scdaemon instance.
openpgp-card-sequoia, a higher level API for conveniently using openpgp-card with Sequoia PGP.
openpgp-card-tests, a testsuite to run OpenPGP card operations on smartcards.

graph BT
    OP["openpgp-card-pcsc <br/> (pcsclite backend)"] --> OC
    OS["openpgp-card-scdc <br/> (scdaemon backend)"] --> OC["openpgp-card <br/> (low level API)"]
    OC --> OCS["openpgp-card-sequoia <br/> (high level, sequoia based API)"]
    OC -.-> U1[non-sequoia/low level user application]
    OCS -.-> U2[sequoia-based user application]

classDef userApp stroke-dasharray: 5 5;
class U1,U2 userApp;

The openpgp-card crate

Implements the functionality described in the OpenPGP card specification, offering an API at roughly the level of abstraction of that specification, using Rust data structures. (However, this crate may work around some minor quirks of specific card models, in order to offer clients a somewhat uniform view) This crate and its API do not depend or rely on an OpenPGP implementation.

Backends

Implement:

functionality to find and connect to a card (these operations may vary significantly between different backends), and
a very simple communication primitive, by implementing the CardClient trait: sending individual APDU commands and receiving responses.

All higher level and/or OpenPGP card-specific logic (including command chaining) is handled in the openpgp-card layer.

The openpgp-card-sequoia crate

Offers a higher level interface, based around Sequoia PGP datastructures.

Most client projects will probably want to use only this crate, and ignore the lower level crates as implementation details.

Acknowledgements

This project is based on the OpenPGP Card spec, version 3.4.1.

Other helpful resources included:

The free Gnuk OpenPGP card implementation by gniibe.
The Rust/Sequoia-based OpenPGP card client code in kushaldas' project johnnycanencrypt.
The scdaemon client implementation by the GnuPG project.
The open-keychain project, which implements an OpenPGP card client for Java/Android.
The Rust/Sequoia-based OpenPGP card client code by Robin Krahl.