1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
|
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Virtual Smart Card — vsmartcard 2017-01-16 documentation</title>
<link rel="stylesheet" href="../_static/basic.css" type="text/css" />
<link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
<link rel="stylesheet" href="../_static/bootswatch-3.3.4/flatly/bootstrap.min.css" type="text/css" />
<link rel="stylesheet" href="../_static/bootstrap-sphinx.css" type="text/css" />
<script type="text/javascript">
var DOCUMENTATION_OPTIONS = {
URL_ROOT: '../',
VERSION: '2017-01-16',
COLLAPSE_INDEX: false,
FILE_SUFFIX: '.html',
HAS_SOURCE: true
};
</script>
<script type="text/javascript" src="../_static/jquery.js"></script>
<script type="text/javascript" src="../_static/underscore.js"></script>
<script type="text/javascript" src="../_static/doctools.js"></script>
<script type="text/javascript" src="../_static/js/jquery-1.11.0.min.js"></script>
<script type="text/javascript" src="../_static/js/jquery-fix.js"></script>
<script type="text/javascript" src="../_static/bootstrap-3.3.4/js/bootstrap.min.js"></script>
<script type="text/javascript" src="../_static/bootstrap-sphinx.js"></script>
<link rel="shortcut icon" href="../_static/chip.ico"/>
<link rel="top" title="vsmartcard 2017-01-16 documentation" href="../index.html" />
<link rel="next" title="Remote Smart Card Reader" href="../remote-reader/README.html" />
<link rel="prev" title="Welcome to the Virtual Smart Card Architecture documentation!" href="../index.html" />
<meta charset='utf-8'>
<meta http-equiv='X-UA-Compatible' content='IE=edge,chrome=1'>
<meta name='viewport' content='width=device-width, initial-scale=1.0, maximum-scale=1'>
<meta name="apple-mobile-web-app-capable" content="yes">
</head>
<body>
<script>
// Adjust banner height.
$(function () {
var navHeight = $(".navbar .container").css("height");
$("#gh-banner").css("top", navHeight);
});
</script>
<div id="navbar" class="navbar navbar-default ">
<div class="container">
<div class="navbar-header">
<!-- .btn-navbar is used as the toggle for collapsed navbar content -->
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="../index.html">
vsmartcard</a>
<span class="navbar-text navbar-version pull-left"><b></b></span>
</div>
<div class="collapse navbar-collapse nav-collapse">
<ul class="nav navbar-nav">
<li class="dropdown globaltoc-container">
<a role="button"
id="dLabelGlobalToc"
data-toggle="dropdown"
data-target="#"
href="../index.html">Site <b class="caret"></b></a>
<ul class="dropdown-menu globaltoc"
role="menu"
aria-labelledby="dLabelGlobalToc"><ul class="current">
<li class="toctree-l1 current"><a class="current reference internal" href="">Virtual Smart Card</a></li>
<li class="toctree-l1"><a class="reference internal" href="../remote-reader/README.html">Remote Smart Card Reader</a></li>
<li class="toctree-l1"><a class="reference internal" href="../ACardEmulator/README.html">Android Smart Card Emulator</a></li>
<li class="toctree-l1"><a class="reference internal" href="../TCardEmulator/README.html">Tizen Smart Card Emulator</a></li>
<li class="toctree-l1"><a class="reference internal" href="../pcsc-relay/README.html">PC/SC Relay</a></li>
<li class="toctree-l1"><a class="reference internal" href="../ccid/README.html">USB CCID Emulator</a></li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="api.html">Creating a Virtual Smart Card</a></li>
</ul>
</ul>
</li>
<li class="dropdown">
<a role="button"
id="dLabelLocalToc"
data-toggle="dropdown"
data-target="#"
href="#">Page <b class="caret"></b></a>
<ul class="dropdown-menu localtoc"
role="menu"
aria-labelledby="dLabelLocalToc"><ul>
<li><a class="reference internal" href="#">Virtual Smart Card</a><ul>
<li><a class="reference internal" href="#download">Download</a></li>
<li><a class="reference internal" href="#installation">Installation</a><ul>
<li><a class="reference internal" href="#installation-on-linux-unix-and-similar">Installation on Linux, Unix and similar</a></li>
<li><a class="reference internal" href="#building-and-installing-vpcd-on-mac-os-x">Building and installing <abbr title="virtual smart card reader">vpcd</abbr> on Mac OS X</a></li>
<li><a class="reference internal" href="#building-and-installing-vpcd-on-windows">Building and installing <abbr title="virtual smart card reader">vpcd</abbr> on Windows</a></li>
</ul>
</li>
<li><a class="reference internal" href="#using-the-virtual-smart-card">Using the Virtual Smart Card</a><ul>
<li><a class="reference internal" href="#configuring-vpcd-on-unix">Configuring <abbr title="virtual smart card reader">vpcd</abbr> on Unix</a></li>
<li><a class="reference internal" href="#configuring-vpcd-on-mac-os-x">Configuring <abbr title="virtual smart card reader">vpcd</abbr> on Mac OS X</a></li>
<li><a class="reference internal" href="#configuring-vpcd-on-windows">Configuring <abbr title="virtual smart card reader">vpcd</abbr> on Windows</a></li>
<li><a class="reference internal" href="#running-vpicc">Running <abbr title="virtual smart card">vpicc</abbr></a></li>
</ul>
</li>
<li><a class="reference internal" href="#question">Question</a></li>
<li><a class="reference internal" href="#notes-and-references">Notes and References</a></li>
</ul>
</li>
</ul>
</ul>
</li>
<li>
<a href="../index.html" title="Previous Chapter: Welcome to the Virtual Smart Card Architecture documentation!"><span class="glyphicon glyphicon-chevron-left visible-sm"></span><span class="hidden-sm hidden-tablet">« Welcome to the V...</span>
</a>
</li>
<li>
<a href="../remote-reader/README.html" title="Next Chapter: Remote Smart Card Reader"><span class="glyphicon glyphicon-chevron-right visible-sm"></span><span class="hidden-sm hidden-tablet">Remote Smart Car... »</span>
</a>
</li>
<li class="hidden-sm"></li>
</ul>
<form class="navbar-form navbar-right" action="../search.html" method="get">
<div class="form-group">
<input type="text" name="q" class="form-control" placeholder="Search" />
</div>
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
</div>
</div>
</div>
<div class="container">
<div class="row">
<div class="col-md-12 content">
<div class="section" id="virtual-smart-card">
<span id="vicc"></span><h1>Virtual Smart Card<a class="headerlink" href="#virtual-smart-card" title="Permalink to this headline">¶</a></h1>
<div class="sidebar">
<p class="first sidebar-title">Smart card emulator written in Python</p>
<table class="last docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field-odd field"><th class="field-name">License:</th><td class="field-body"><p class="first">GPL version 3</p>
</td>
</tr>
<tr class="field-even field"><th class="field-name" colspan="2">Tested Platforms:</th></tr>
<tr class="field-even field"><td> </td><td class="field-body"><ul class="first last simple">
<li>Windows</li>
<li>macOS</li>
<li>Linux (Debian, Ubuntu, OpenMoko)</li>
</ul>
</td>
</tr>
</tbody>
</table>
</div>
<p>Virtual Smart Card emulates a smart card and makes it accessible through PC/SC.
Currently the Virtual Smart Card supports the following types of smart cards:</p>
<ul class="simple">
<li>Generic ISO-7816 smart card including secure messaging</li>
<li>German electronic identity card (nPA) with complete support for <abbr title="Extended Access Control">EAC</abbr>
(<abbr title="Password Authenticated Connection Establishment">PACE</abbr>, <abbr title="Terminal Authenticatation">TA</abbr>, <abbr title="Chip Authentication">CA</abbr>)</li>
<li>Electronic passport (ePass/MRTD) with support for <abbr title="Basic Access Control">BAC</abbr></li>
<li>Cryptoflex smart card (incomplete)</li>
</ul>
<p>The <abbr title="virtual smart card reader">vpcd</abbr> is a smart card reader driver for <a class="reference external" href="http://pcsclite.alioth.debian.org/">PCSC-Lite</a> <a class="footnote-reference" href="#id3" id="id4">[2]</a> and the windows smart
card service. It allows smart card applications to access the <abbr title="virtual smart card">vpicc</abbr> through
the PC/SC API. By default <abbr title="virtual smart card reader">vpcd</abbr> opens slots for communication with multiple
<abbr title="virtual smart card">vpicc</abbr>‘s on localhost on port 35963 and port 35964. But the <abbr title="virtual smart card">vpicc</abbr> does not
need to run on the same machine as the <abbr title="virtual smart card reader">vpcd</abbr>, they can connect over the
internet for example.</p>
<p>Although the Virtual Smart Card is a software emulator, you can use
<a class="reference internal" href="../pcsc-relay/README.html#pcsc-relay"><em>PC/SC Relay</em></a> to make it accessible to an external contact-less smart card
reader.</p>
<p>The file <tt class="file docutils literal"><span class="pre">utils.py</span></tt> was taken from Henryk Plötz’s <a class="reference external" href="https://github.com/henryk/cyberflex-shell">cyberflex-shell</a> <a class="footnote-reference" href="#id1" id="id2">[1]</a>.</p>
<div class="figure">
<p><img src="../_images/tikz-b5a668553fb9bf21fb5abcc4cae46289d11490d1.svg" alt="\input{$wd/bilder/tikzstyles.tex}
\node (pcsclite)
[klein, aktivbox, inner xsep=.7cm, text width=3cm]
{PC/SC Framework\\\
(\texttt{pcscd} or \texttt{SCardSvr})
};
\node (sca) [aktivbox, klein, left=of pcsclite] {Smart Card\\Application};
\node (vpcd) [box, at=(pcsclite.east), xshift=-.3cm] {\texttt{vpcd}};
\node (vicc) [aktivbox, right=2cm of pcsclite] {\texttt{vicc}};
\begin{pgfonlayer}{background}
\path[linie]
(sca) edge (pcsclite)
(vpcd) edge node {\includegraphics[width=1.2cm]{$wd/bilder/simplecloud.pdf}} (vicc)
;
\end{pgfonlayer}" /></p>
<p class="caption">Virtual Smart Card used with PCSC-Lite or WinSCard</p></div><div class="versionadded">
<p><span class="versionmodified">New in version 0.7: </span>The Virtual Smart Card optionally brings its own standalone implementation of
PC/SC. This allows accessing <abbr title="virtual smart card">vpicc</abbr> without PCSC-Lite. Our PC/SC
implementation acts as replacement for <tt class="docutils literal"><span class="pre">libpcsclite</span></tt> which can lead to
problems when used in parallel with PCSC-Lite.</p>
</div>
<div class="figure">
<p><img src="../_images/tikz-c523bba45f9fcaa801dd4f6284c7efa1f320c9b1.svg" alt="\input{$wd/bilder/tikzstyles.tex}
\node (pcsclite)
[klein, box, text width=4cm]
{Virtual Smart Card's\\
PC/SC Framework
};
\node (sca) [aktivbox, klein, left=of pcsclite] {Smart Card\\Application};
\node (vicc) [aktivbox, right=2cm of pcsclite] {\texttt{vicc}};
\begin{pgfonlayer}{background}
\path[linie]
(sca) edge (pcsclite)
(pcsclite) edge node {\includegraphics[width=1.5cm]{$wd/bilder/simplecloud.pdf}} (vicc)
;
\end{pgfonlayer}" /></p>
<p class="caption">Virtual Smart Card used with its own PC/SC implementation</p></div><p>On Android, where a traditional PC/SC framework is not available, you can use
our framework to make your real contact-less smart accessible through PKCS#11.
For example, an email signing application can use the PKCS#11 interface of
OpenSC, which is linked against our PC/SC implementation. Then an Android App
(e.g. <a class="reference internal" href="../remote-reader/README.html#remote-reader"><em>Remote Smart Card Reader</em></a>) can connect as <abbr title="virtual smart card">vpicc</abbr> delegating all requests and
responses via NFC to a contact-less smart card that signs the mail.</p>
<p>Depending on your usage of the <abbr title="virtual smart card">vpicc</abbr> you may need to install the following:</p>
<ul class="simple">
<li><a class="reference external" href="http://www.python.org/">Python</a> <a class="footnote-reference" href="#id5" id="id6">[3]</a></li>
<li><a class="reference external" href="http://pyscard.sourceforge.net/">pyscard</a> <a class="footnote-reference" href="#id7" id="id8">[4]</a> (relaying a local smart card with <em class="xref std std-option">--type=relay</em>)</li>
<li><a class="reference external" href="http://pycrypto.org/">PyCrypto</a> <a class="footnote-reference" href="#id9" id="id10">[5]</a>, <a class="reference external" href="https://www.dlitz.net/software/python-pbkdf2/">PBKDF2</a> <a class="footnote-reference" href="#id11" id="id12">[6]</a>, <a class="reference external" href="http://www.pythonware.com/products/pil/">PIL</a> <a class="footnote-reference" href="#id17" id="id18">[9]</a>, <a class="reference external" href="https://docs.python.org/3.3/library/readline.html">readline</a> <a class="footnote-reference" href="#id13" id="id14">[7]</a> or <a class="reference external" href="https://pypi.python.org/pypi/pyreadline">PyReadline</a> <a class="footnote-reference" href="#id15" id="id16">[8]</a> (emulation of electronic
passport with <em class="xref std std-option">--type=ePass</em>)</li>
<li><a class="reference external" href="https://github.com/frankmorgner/openpace">OpenPACE</a> <a class="footnote-reference" href="#id19" id="id20">[10]</a> (emulation of German identity card with <em class="xref std std-option">--type=nPA</em>)</li>
<li><a class="reference external" href="https://fukuchi.org/works/qrencode/">libqrencode</a> <a class="footnote-reference" href="#id21" id="id22">[11]</a> (to print a QR code on the command line for <cite>vpcd-config</cite>; an
URL will be printed if libqrencode is not available)</li>
</ul>
<div class="section" id="download">
<h2>Download<a class="headerlink" href="#download" title="Permalink to this headline">¶</a></h2>
<p>You can find the latest release of Virtual Smart Card on <a class="reference external" href="https://github.com/frankmorgner/vsmartcard/releases">Github</a>. Older releases are
still available on <a class="reference external" href="http://sourceforge.net/projects/vsmartcard/files">Sourceforge</a>.</p>
<p>Alternatively, you can clone our git repository:</p>
<div class="highlight-sh"><div class="highlight"><pre>git clone https://github.com/frankmorgner/vsmartcard.git
</pre></div>
</div>
</div>
<div class="section" id="installation">
<h2>Installation<a class="headerlink" href="#installation" title="Permalink to this headline">¶</a></h2>
<div class="section" id="installation-on-linux-unix-and-similar">
<h3>Installation on Linux, Unix and similar<a class="headerlink" href="#installation-on-linux-unix-and-similar" title="Permalink to this headline">¶</a></h3>
<p>The Virtual Smart Card uses the GNU Build System to compile and install. If you are
unfamiliar with it, please have a look at <tt class="file docutils literal"><span class="pre">INSTALL</span></tt>. If you can not find
it, you are probably working bleeding edge in the repository. Run the
following command in <tt class="file docutils literal"><span class="pre">virtualsmartcard</span></tt> to get the missing standard
auxiliary files:</p>
<div class="highlight-sh"><div class="highlight"><pre>autoreconf --verbose --install
</pre></div>
</div>
<p>To configure (<strong class="command">configure –help</strong> lists possible options), build and
install the Virtual Smart Card now do the following:</p>
<div class="highlight-sh"><div class="highlight"><pre>./configure --sysconfdir<span class="o">=</span>/etc
make
make install
</pre></div>
</div>
</div>
<div class="section" id="building-and-installing-vpcd-on-mac-os-x">
<h3>Building and installing <abbr title="virtual smart card reader">vpcd</abbr> on Mac OS X<a class="headerlink" href="#building-and-installing-vpcd-on-mac-os-x" title="Permalink to this headline">¶</a></h3>
<p>Mac OS X 10.9 and earlier is using PCSC-Lite as smart card service which allows
using the standard routine for <a class="reference internal" href="#vicc-install"><em>installation on Unix</em></a>.</p>
<p>Mac OS X 10.10 (and later) ships with a proprietary implementation of the PC/SC
layer instead of with PCSC-Lite. As far as we know, this means that smart card
readers must be USB devices instead of directly allowing a more generic type of
reader. To make <abbr title="virtual smart card reader">vpcd</abbr> work we simply configure it to pretend being a USB smart
card reader with an <tt class="file docutils literal"><span class="pre">Ìnfo.plist</span></tt>:</p>
<div class="highlight-sh"><div class="highlight"><pre>./configure --prefix<span class="o">=</span>/ --enable-infoplist
make
make install
</pre></div>
</div>
</div>
<div class="section" id="building-and-installing-vpcd-on-windows">
<h3>Building and installing <abbr title="virtual smart card reader">vpcd</abbr> on Windows<a class="headerlink" href="#building-and-installing-vpcd-on-windows" title="Permalink to this headline">¶</a></h3>
<div class="versionadded">
<p><span class="versionmodified">New in version 0.7: </span>We implemented <abbr title="virtual smart card reader">vpcd</abbr> as user mode device driver for Windows so that
<abbr title="virtual smart card">vpicc</abbr> can directly be used in Windows’ smart card applications that use
PC/SC.</p>
</div>
<p>For the Windows integration we extended <a class="reference external" href="http://www.codeproject.com/Articles/134010/An-UMDF-Driver-for-a-Virtual-Smart-Card-Reader">Fabio Ottavi’s UMDF Driver for a
Virtual Smart Card Reader</a> <a class="footnote-reference" href="#id23" id="id24">[12]</a> with a <abbr title="virtual smart card reader">vpcd</abbr> interface. To build <abbr title="virtual smart card reader">vpcd</abbr> for
Windows we use <a class="reference external" href="https://msdn.microsoft.com/en-us/library/windows/hardware/ff557573">Windows Driver Kit 10 and Visual Studio 2015</a> <a class="footnote-reference" href="#id26" id="id27">[13]</a>. The vpcd
installer requires the <a class="reference external" href="https://wixtoolset.org/releases/v3.10/stable">WiX Toolset 3.10</a> <a class="footnote-reference" href="#id28" id="id29">[14]</a>. If you choose
to download the <a class="reference external" href="https://github.com/frankmorgner/vsmartcard/releases/download/virtualsmartcard-0.7/virtualsmartcard-0.7_win32.zip">Windows binaries</a> <a class="footnote-reference" href="#id30" id="id31">[15]</a>, you may directly jump to step 4.</p>
<ol class="arabic">
<li><p class="first">Clone the git repository and make sure it is initialized with all
submodules:</p>
<div class="highlight-sh"><div class="highlight"><pre>git clone https://github.com/frankmorgner/vsmartcard.git
<span class="nb">cd </span>vsmartcard
git submodule update --init --recursive
</pre></div>
</div>
</li>
<li><p class="first">In Visual Studio open <abbr title="virtual smart card reader">vpcd</abbr>‘s solution
<tt class="file docutils literal"><span class="pre">virtualsmartcard\win32\BixVReader.sln</span></tt> and ensure with the
configuration manager, that the project is built for your platform (i.e.
<tt class="docutils literal"><span class="pre">x64</span></tt> or <tt class="docutils literal"><span class="pre">x82</span></tt>).</p>
</li>
<li><p class="first">If you can successfully <em class="guilabel">Build the solution</em>, you can find
the installer (<tt class="file docutils literal"><span class="pre">BixVReaderInstaller.msi</span></tt>) in
<tt class="file docutils literal"><span class="pre">virtualsmartcard\win32\BixVReaderInstaller\bin\*Release</span></tt></p>
</li>
<li><p class="first">To install <abbr title="virtual smart card reader">vpcd</abbr>, double click <tt class="file docutils literal"><span class="pre">BixVReaderInstaller.msi</span></tt>. Since we
are currently not signing the Installer, this will yield a warning about an
unverified driver software publisher on Windows 8 and later. Click
<em class="guilabel">Install this driver software anyway</em>.</p>
</li>
</ol>
<p>For debugging <abbr title="virtual smart card reader">vpcd</abbr> and building the driver with an older version of Visual
Studio or WDK please see <a class="reference external" href="http://www.codeproject.com/Articles/134010/An-UMDF-Driver-for-a-Virtual-Smart-Card-Reader">Fabio Ottavi’s UMDF Driver for a Virtual Smart Card
Reader</a> <a class="footnote-reference" href="#id23" id="id25">[12]</a> for details.</p>
<p>All of Fabio’s card connectors are still available, but inactive by default
(see <a class="reference internal" href="#configuring-vpcd-on-windows">Configuring vpcd on Windows</a> below).</p>
</div>
</div>
<div class="section" id="using-the-virtual-smart-card">
<h2>Using the Virtual Smart Card<a class="headerlink" href="#using-the-virtual-smart-card" title="Permalink to this headline">¶</a></h2>
<p>The protocol between <abbr title="virtual smart card reader">vpcd</abbr> and <abbr title="virtual smart card">vpicc</abbr> as well as details on extending <abbr title="virtual smart card">vpicc</abbr>
with a different card emulator are covered in <a class="reference internal" href="api.html#virtualsmartcard-api"><em>Creating a Virtual Smart Card</em></a>. Here
we will focus on configuring and running the provided modules.</p>
<div class="section" id="configuring-vpcd-on-unix">
<span id="vicc-config"></span><h3>Configuring <abbr title="virtual smart card reader">vpcd</abbr> on Unix<a class="headerlink" href="#configuring-vpcd-on-unix" title="Permalink to this headline">¶</a></h3>
<p>The configuration file of <abbr title="virtual smart card reader">vpcd</abbr> is usually placed into
<tt class="file docutils literal"><span class="pre">/etc/reader.conf.d/</span></tt>. For older versions of PCSC-Lite you
need to run <strong class="command">update-reader.conf</strong> to update <strong class="command">pcscd</strong>‘s main
configuration file. The PC/SC daemon should read it and load the
<abbr title="virtual smart card reader">vpcd</abbr> on startup. In debug mode <strong class="command">pcscd -f -d</strong> should say something
like “Attempting startup of Virtual PCD” when loading <abbr title="virtual smart card reader">vpcd</abbr>.</p>
<p>By default, <abbr title="virtual smart card reader">vpcd</abbr> opens a socket for <abbr title="virtual smart card">vpicc</abbr> and waits for incoming
connections. The port to open should be specified in <tt class="docutils literal"><span class="pre">CHANNELID</span></tt> and
<tt class="docutils literal"><span class="pre">DEVICENAME</span></tt>:</p>
<div class="highlight-sh"><div class="highlight"><pre>FRIENDLYNAME <span class="s2">"Virtual PCD"</span>
<span class="hll">DEVICENAME /dev/null:0x8C7B
</span>LIBPATH /usr/lib/pcsc/drivers/serial/libifdvpcd.so
<span class="hll">CHANNELID 0x8C7B
</span></pre></div>
</div>
<p>If the first part of the <tt class="docutils literal"><span class="pre">DEVICENAME</span></tt> is different from <tt class="docutils literal"><span class="pre">/dev/null</span></tt>, <abbr title="virtual smart card reader">vpcd</abbr>
will use this string as a hostname for connecting to a waiting <abbr title="virtual smart card">vpicc</abbr>. <abbr title="virtual smart card">vpicc</abbr>
needs to be started with <em class="xref std std-option">--reversed</em> in this case.</p>
</div>
<div class="section" id="configuring-vpcd-on-mac-os-x">
<h3>Configuring <abbr title="virtual smart card reader">vpcd</abbr> on Mac OS X<a class="headerlink" href="#configuring-vpcd-on-mac-os-x" title="Permalink to this headline">¶</a></h3>
<p>Mac OS X 10.9 and earlier is using PCSC-Lite as smart card service which allows
using the standard routine for <a class="reference internal" href="#vicc-config"><em>configuration on Unix</em></a>.</p>
<p>On Mac OS X 10.10 you should have configured the generation of
<tt class="file docutils literal"><span class="pre">Info.plist</span></tt> at compile time. Now do the following for registering <abbr title="virtual smart card reader">vpcd</abbr>
as USB device:</p>
<ol class="arabic">
<li><p class="first">Choose an USB device (e.g. mass storage, phone, mouse, ...), which will be
used to start <abbr title="virtual smart card reader">vpcd</abbr>. Plug it into the computer.</p>
</li>
<li><p class="first">Run the following command to get the device’s product and vendor ID:</p>
<div class="highlight-sh"><div class="highlight"><pre>system_profiler SPUSBDataType
</pre></div>
</div>
</li>
<li><p class="first">Change <tt class="file docutils literal"><span class="pre">/usr/libexec/SmartCardServices/drivers/ifd-vpcd.bundle/Info.plist</span></tt>
to match your product and vendor ID:</p>
</li>
</ol>
<div class="highlight-sh"><div class="highlight"><pre><?xml <span class="nv">version</span><span class="o">=</span><span class="s2">"1.0"</span> <span class="nv">encoding</span><span class="o">=</span><span class="s2">"UTF-8"</span>?>
<!DOCTYPE plist PUBLIC <span class="s2">"-//Apple Computer//DTD PLIST 1.0//EN"</span> <span class="s2">"http://www.apple.com/DTDs/PropertyList-1.0.dtd"</span>>
<plist <span class="nv">version</span><span class="o">=</span><span class="s2">"1.0"</span>>
<dict>
<key>CFBundleDevelopmentRegion</key>
<string>English</string>
<key>CFBundleExecutable</key>
<string>libifdvpcd.dylib</string>
<key>CFBundleInfoDictionaryVersion</key>
<string>6.0</string>
<key>CFBundleName</key>
<string>ifd-vpcd</string>
<key>CFBundlePackageType</key>
<string>BNDL</string>
<key>CFBundleSignature</key>
<string>????</string>
<key>CFBundleVersion</key>
<string>0.8</string>
<key>ifdManufacturerString</key>
<string>Virtual Smart Card Architecture</string>
<key>ifdProductString</key>
<string>Virtual PCD</string>
<key>ifdCapabilities</key>
<string>0x00000000</string>
<key>ifdProtocolSupport</key>
<string>0x00000001</string>
<key>ifdVersionNumber</key>
<string>0x00000001</string>
<key>ifdVendorID</key>
<array>
<span class="hll"> <string>0x18d1</string>
</span> </array>
<key>ifdProductID</key>
<array>
<span class="hll"> <string>0x4ee1</string>
</span> </array>
<key>ifdFriendlyName</key>
<array>
<string>/dev/null:0x8C7B</string>
</array>
<key>Copyright</key>
<string>This driver is protected by terms of the GNU General Public License version 3, or <span class="o">(</span>at your option<span class="o">)</span> any later version.</string>
</dict>
</plist>
</pre></div>
</div>
<p>Note that <tt class="docutils literal"><span class="pre">ifdFriendlyName</span></tt> can be used in the same way as <tt class="docutils literal"><span class="pre">DEVICENAME</span></tt>
<a class="reference internal" href="#vicc-config"><em>described above</em></a>.</p>
<ol class="arabic" start="4">
<li><p class="first">Restart the PC/SC service:</p>
<div class="highlight-sh"><div class="highlight"><pre>sudo killall -SIGKILL -m .*com.apple.ifdreader
</pre></div>
</div>
</li>
</ol>
<p>Now, every time you plug in your USB device <abbr title="virtual smart card reader">vpcd</abbr> will be started. It will be
stopped when you unplug the device.</p>
</div>
<div class="section" id="configuring-vpcd-on-windows">
<h3>Configuring <abbr title="virtual smart card reader">vpcd</abbr> on Windows<a class="headerlink" href="#configuring-vpcd-on-windows" title="Permalink to this headline">¶</a></h3>
<p>The configuration file <tt class="file docutils literal"><span class="pre">BixVReader.ini</span></tt> of <abbr title="virtual smart card reader">vpcd</abbr> is installed to
<tt class="file docutils literal"><span class="pre">C:\Windows</span></tt> (<span class="target" id="index-0"></span><tt class="xref std std-envvar docutils literal"><span class="pre">%SystemRoot%</span></tt>). The user mode device driver
framework (<strong class="command">WUDFHost.exe</strong>) should read it automatically and load the
<abbr title="virtual smart card reader">vpcd</abbr> on startup. The Windows Device Manager <strong class="command">mmc devmgmt.msc</strong> should
list the <em class="guilabel">Bix Virtual Smart Card Reader</em>.</p>
<p><abbr title="virtual smart card reader">vpcd</abbr> opens a socket for <abbr title="virtual smart card">vpicc</abbr> and waits for incoming connections. The port
to open should be specified in <tt class="docutils literal"><span class="pre">TCP_PORT</span></tt>:</p>
<div class="highlight-sh"><div class="highlight"><pre><span class="o">[</span>Driver<span class="o">]</span>
<span class="nv">NumReaders</span><span class="o">=</span>3
<span class="o">[</span>Reader0<span class="o">]</span>
<span class="nv">RPC_TYPE</span><span class="o">=</span>0
<span class="nv">VENDOR_NAME</span><span class="o">=</span>Fabio Ottavi
<span class="nv">VENDOR_IFD_TYPE</span><span class="o">=</span>Pipe Reader
<span class="hll"><span class="nv">DECIVE_UNIT</span><span class="o">=</span>0
</span>
<span class="o">[</span>Reader1<span class="o">]</span>
<span class="nv">RPC_TYPE</span><span class="o">=</span>1
<span class="nv">VENDOR_NAME</span><span class="o">=</span>Fabio Ottavi
<span class="nv">VENDOR_IFD_TYPE</span><span class="o">=</span>TCP/IP Reader
<span class="nv">DECIVE_UNIT</span><span class="o">=</span>1
<span class="o">[</span>Reader2<span class="o">]</span>
<span class="nv">RPC_TYPE</span><span class="o">=</span>2
<span class="nv">VENDOR_NAME</span><span class="o">=</span>Virtual Smart Card Architecture
<span class="nv">VENDOR_IFD_TYPE</span><span class="o">=</span>Virtual PCD
<span class="nv">TCP_PORT</span><span class="o">=</span>35963
<span class="nv">DECIVE_UNIT</span><span class="o">=</span>2
</pre></div>
</div>
<p>Currently it is not possible to configure the Windows driver to connect to an
<abbr title="virtual smart card">vpicc</abbr> running with <em class="xref std std-option">--reversed</em>.</p>
</div>
<div class="section" id="running-vpicc">
<h3>Running <abbr title="virtual smart card">vpicc</abbr><a class="headerlink" href="#running-vpicc" title="Permalink to this headline">¶</a></h3>
<p>The compiled <a class="reference external" href="https://github.com/frankmorgner/vsmartcard/releases/download/virtualsmartcard-0.7/virtualsmartcard-0.7_win32.zip">Windows binaries</a> <a class="footnote-reference" href="#id30" id="id32">[15]</a> of <abbr title="virtual smart card">vpicc</abbr> include OpenPACE. The other
dependencies listed above need to be installed seperately. You can start the
<abbr title="virtual smart card">vpicc</abbr> via <strong class="command">python.exe vicc.py</strong>. On all other systems an executable
script <strong class="command">vicc</strong> is installed using the autotools.</p>
<p>The <abbr title="virtual smart card">vpicc</abbr> option <em class="xref std std-option">--help</em> gives an overview about the command line
switches:</p>
<div class="highlight-text"><div class="highlight"><pre>usage: vicc [-h] [-t {iso7816,cryptoflex,ePass,nPA,relay,handler_test}] [-v]
[-f FILE] [-H HOSTNAME] [-P PORT] [-R] [--version]
[--reader READER] [--ef-cardaccess EF_CARDACCESS]
[--ef-cardsecurity EF_CARDSECURITY] [--cvca CVCA]
[--disable-ta-checks] [--ca-key CA_KEY] [-d DATASETFILE]
[--esign-cert ESIGN_CERT] [--esign-ca-cert ESIGN_CA_CERT]
Virtual Smart Card 0.8: Smart card emulator written in Python. The emulator
connects to the virtual smart card reader reader (vpcd). Smart card
applications can access the Virtual Smart Card through the vpcd via PC/SC.
optional arguments:
-h, --help show this help message and exit
-t {iso7816,cryptoflex,ePass,nPA,relay,handler_test}, --type {iso7816,cryptoflex,ePass,nPA,relay,handler_test}
type of smart card to emulate (default: iso7816)
-v, --verbose Use (several times) to be more verbose
-f FILE, --file FILE load a saved smart card image
-H HOSTNAME, --hostname HOSTNAME
specifiy vpcd's host name if vicc shall connect to it.
(default: localhost)
-P PORT, --port PORT port of connection establishment (default: 35963)
-R, --reversed use reversed connection mode. vicc will wait for an
incoming connection from vpcd. (default: False)
--version show program's version number and exit
Relaying a local smart card (`--type=relay`):
--reader READER number of the reader containing the card to be relayed
(default: 0)
Emulation of German identity card (`--type=nPA`):
--ef-cardaccess EF_CARDACCESS
the card's EF.CardAccess (default: use file from first
generation nPA)
--ef-cardsecurity EF_CARDSECURITY
the card's EF.CardSecurity (default: use file from
first generation nPA)
--cvca CVCA trust anchor for verifying certificates in TA
(default: use libeac's trusted certificates)
--disable-ta-checks disable checking the validity period of CV certifcates
(default: False)
--ca-key CA_KEY the chip's private key for CA (default: randomly
generated, invalidates signature of EF.CardSecurity)
-d DATASETFILE, --datasetfile DATASETFILE
Load the smartcard's data groups (DGs) from the
specified dataset file. For DGs not in dataset file
default values are used. The data groups in the data
set file must have the following syntax:
---------------------------------------------------
Datagroupname=Datagroupvalue
---------------------------------------------------
For Example: GivenNames=GERTRUD. The following Dataset
Elements may be used in the dataset file:
DocumentType, IssuingState, DateOfExpiry, GivenNames,
FamilyNames, ReligiousArtisticName, AcademicTitle,
DateOfBirth, PlaceOfBirth, Nationality, Sex,
BirthName, Country, City, ZIP, Street, CommunityID,
ResidencePermit1, ResidencePermit2, dg12, dg14, dg15,
dg16, dg21.
--esign-cert ESIGN_CERT
the card holder's certificate for QES
--esign-ca-cert ESIGN_CA_CERT
the CA's certificate for QES
Report bugs to https://github.com/frankmorgner/vsmartcard/issues
</pre></div>
</div>
<div class="versionadded">
<p><span class="versionmodified">New in version 0.7: </span>We implemented <strong class="command">vpcd-config</strong> which tries to guess the local IP
address and outputs <abbr title="virtual smart card reader">vpcd</abbr>‘s configuration. <abbr title="virtual smart card">vpicc</abbr>‘s options should be
chosen accordingly (<em class="xref std std-option">--hostname</em> and <em class="xref std std-option">--port</em>)
<strong class="command">vpcd-config</strong> also prints a QR code for configuration of the
<a class="reference internal" href="../remote-reader/README.html#remote-reader"><em>Remote Smart Card Reader</em></a>.</p>
</div>
<p>When <abbr title="virtual smart card reader">vpcd</abbr> and <abbr title="virtual smart card">vpicc</abbr> are connected you should be able to access the card
through the PC/SC API. You can use the <strong class="command">opensc-explorer</strong> or
<strong class="command">pcsc_scan</strong> for testing. In Virtual Smart Card’s root directory we also
provide scripts for testing with <a class="reference external" href="https://github.com/frankmorgner/OpenSC">npa-tool</a> <a class="footnote-reference" href="#id33" id="id34">[16]</a> and PCSC-Lite’s smart card
reader driver tester.</p>
</div>
</div>
<div class="section" id="question">
<h2>Question<a class="headerlink" href="#question" title="Permalink to this headline">¶</a></h2>
<p>Do you have questions, suggestions or contributions? Feedback of any kind is
more than welcome! Please use our <a class="reference external" href="https://github.com/frankmorgner/vsmartcard/issues">project trackers</a>.</p>
</div>
<div class="section" id="notes-and-references">
<h2>Notes and References<a class="headerlink" href="#notes-and-references" title="Permalink to this headline">¶</a></h2>
<table class="docutils footnote" frame="void" id="id1" rules="none">
<colgroup><col class="label" /><col /></colgroup>
<tbody valign="top">
<tr><td class="label"><a class="fn-backref" href="#id2">[1]</a></td><td><a class="reference external" href="https://github.com/henryk/cyberflex-shell">https://github.com/henryk/cyberflex-shell</a></td></tr>
</tbody>
</table>
<table class="docutils footnote" frame="void" id="id3" rules="none">
<colgroup><col class="label" /><col /></colgroup>
<tbody valign="top">
<tr><td class="label"><a class="fn-backref" href="#id4">[2]</a></td><td><a class="reference external" href="http://pcsclite.alioth.debian.org/">http://pcsclite.alioth.debian.org/</a></td></tr>
</tbody>
</table>
<table class="docutils footnote" frame="void" id="id5" rules="none">
<colgroup><col class="label" /><col /></colgroup>
<tbody valign="top">
<tr><td class="label"><a class="fn-backref" href="#id6">[3]</a></td><td><a class="reference external" href="http://www.python.org/">http://www.python.org/</a></td></tr>
</tbody>
</table>
<table class="docutils footnote" frame="void" id="id7" rules="none">
<colgroup><col class="label" /><col /></colgroup>
<tbody valign="top">
<tr><td class="label"><a class="fn-backref" href="#id8">[4]</a></td><td><a class="reference external" href="http://pyscard.sourceforge.net/">http://pyscard.sourceforge.net/</a></td></tr>
</tbody>
</table>
<table class="docutils footnote" frame="void" id="id9" rules="none">
<colgroup><col class="label" /><col /></colgroup>
<tbody valign="top">
<tr><td class="label"><a class="fn-backref" href="#id10">[5]</a></td><td><a class="reference external" href="http://pycrypto.org/">http://pycrypto.org/</a></td></tr>
</tbody>
</table>
<table class="docutils footnote" frame="void" id="id11" rules="none">
<colgroup><col class="label" /><col /></colgroup>
<tbody valign="top">
<tr><td class="label"><a class="fn-backref" href="#id12">[6]</a></td><td><a class="reference external" href="https://www.dlitz.net/software/python-pbkdf2/">https://www.dlitz.net/software/python-pbkdf2/</a></td></tr>
</tbody>
</table>
<table class="docutils footnote" frame="void" id="id13" rules="none">
<colgroup><col class="label" /><col /></colgroup>
<tbody valign="top">
<tr><td class="label"><a class="fn-backref" href="#id14">[7]</a></td><td><a class="reference external" href="https://docs.python.org/3.3/library/readline.html">https://docs.python.org/3.3/library/readline.html</a></td></tr>
</tbody>
</table>
<table class="docutils footnote" frame="void" id="id15" rules="none">
<colgroup><col class="label" /><col /></colgroup>
<tbody valign="top">
<tr><td class="label"><a class="fn-backref" href="#id16">[8]</a></td><td><a class="reference external" href="https://pypi.python.org/pypi/pyreadline">https://pypi.python.org/pypi/pyreadline</a></td></tr>
</tbody>
</table>
<table class="docutils footnote" frame="void" id="id17" rules="none">
<colgroup><col class="label" /><col /></colgroup>
<tbody valign="top">
<tr><td class="label"><a class="fn-backref" href="#id18">[9]</a></td><td><a class="reference external" href="http://www.pythonware.com/products/pil/">http://www.pythonware.com/products/pil/</a></td></tr>
</tbody>
</table>
<table class="docutils footnote" frame="void" id="id19" rules="none">
<colgroup><col class="label" /><col /></colgroup>
<tbody valign="top">
<tr><td class="label"><a class="fn-backref" href="#id20">[10]</a></td><td><a class="reference external" href="https://github.com/frankmorgner/openpace">https://github.com/frankmorgner/openpace</a></td></tr>
</tbody>
</table>
<table class="docutils footnote" frame="void" id="id21" rules="none">
<colgroup><col class="label" /><col /></colgroup>
<tbody valign="top">
<tr><td class="label"><a class="fn-backref" href="#id22">[11]</a></td><td><a class="reference external" href="https://fukuchi.org/works/qrencode/">https://fukuchi.org/works/qrencode/</a></td></tr>
</tbody>
</table>
<table class="docutils footnote" frame="void" id="id23" rules="none">
<colgroup><col class="label" /><col /></colgroup>
<tbody valign="top">
<tr><td class="label">[12]</td><td><em>(<a class="fn-backref" href="#id24">1</a>, <a class="fn-backref" href="#id25">2</a>)</em> <a class="reference external" href="http://www.codeproject.com/Articles/134010/An-UMDF-Driver-for-a-Virtual-Smart-Card-Reader">http://www.codeproject.com/Articles/134010/An-UMDF-Driver-for-a-Virtual-Smart-Card-Reader</a></td></tr>
</tbody>
</table>
<table class="docutils footnote" frame="void" id="id26" rules="none">
<colgroup><col class="label" /><col /></colgroup>
<tbody valign="top">
<tr><td class="label"><a class="fn-backref" href="#id27">[13]</a></td><td><a class="reference external" href="https://msdn.microsoft.com/en-us/library/windows/hardware/ff557573">https://msdn.microsoft.com/en-us/library/windows/hardware/ff557573</a></td></tr>
</tbody>
</table>
<table class="docutils footnote" frame="void" id="id28" rules="none">
<colgroup><col class="label" /><col /></colgroup>
<tbody valign="top">
<tr><td class="label"><a class="fn-backref" href="#id29">[14]</a></td><td><a class="reference external" href="https://wixtoolset.org/releases/v3.10/stable">https://wixtoolset.org/releases/v3.10/stable</a></td></tr>
</tbody>
</table>
<table class="docutils footnote" frame="void" id="id30" rules="none">
<colgroup><col class="label" /><col /></colgroup>
<tbody valign="top">
<tr><td class="label">[15]</td><td><em>(<a class="fn-backref" href="#id31">1</a>, <a class="fn-backref" href="#id32">2</a>)</em> <a class="reference external" href="https://github.com/frankmorgner/vsmartcard/releases/download/virtualsmartcard-0.7/virtualsmartcard-0.7_win32.zip">https://github.com/frankmorgner/vsmartcard/releases/download/virtualsmartcard-0.7/virtualsmartcard-0.7_win32.zip</a></td></tr>
</tbody>
</table>
<table class="docutils footnote" frame="void" id="id33" rules="none">
<colgroup><col class="label" /><col /></colgroup>
<tbody valign="top">
<tr><td class="label"><a class="fn-backref" href="#id34">[16]</a></td><td><a class="reference external" href="https://github.com/frankmorgner/OpenSC">https://github.com/frankmorgner/OpenSC</a></td></tr>
</tbody>
</table>
</div>
</div>
</div>
</div>
</div>
<footer class="footer">
<div class="container">
<p class="pull-right">
<a href="#">Back to top</a>
</p>
<p>
© Copyright 2009-2017 by Dominik Oepen and Frank Morgner.<br/>
</p>
</div>
</footer>
</body>
</html>
|
