PC/SC over Network on Linux

Once configured to run the CCID profile / PC/SC mode, a network-attached SpringCore device is supported by springcard-ccid-tcp, an open source project based on Ludovic Rousseau’s CCID driver, that works with the PCSCLite middleware. SpringCard does not provide binary packages, but the project is easy to compile from the source.

Notes

Always use the latest version of the driver. Old versions may not support the newest devices.

Project pages

Getting support

Both the CCID-TCP driver and the PCSCLite package are open source projects.

SpringCard has developed this fork of the CCID driver a free software (as in free speech) but can’t provide free support (as in free beer) for every distribution or hardware platform.

Integrators who rely on Linux for their solutions and are looking for a paid support can contact SpringCard sales team.

Security considerations

The TCP channel used to convey the CCID protocol is intrinsically insecure: it provides neither confidentiality nor integrity protection. It must therefore only be used on a trusted local or private network.

However, the SpringCore device can be adapted to operate at a much higher security level, by using either

  • A protocol-level encryption of the CCID messages, after a mutual authentication either with a shared AES key or through an ECDH key exchange.
  • TLS encryption of the underlying channel, with password protection.

Integrators requiring such a level of security should contact SpringCard’s sales team since these features are only available as part as a dedicated project.