SKSD is an open source project intended to provide a basic and transparent interface for storing encryption
keys on smartcards and using those keys directly from the smartcards in various cryptographic applications.
The main idea is to use mechanisms such as named pipes to retrieve the keys from the cards and, where
possible, to avoid further patching of cryptographic software.
Unix systems have a very smart feature called "named pipes". Named pipes basically function as standard
pipes, with the difference that they are created on a filesystem and can be accessed as ordinary files. We
use named pipes simply because most applications read keys from files. If we want to interface SKSD with
these applications, we can simply write data (i.e. encryption keys) into the pipe from one side, and point
the desired client program (e.g. GnuPG) at the pipe.
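The named-pipe hand-off described above, as an added example (not SKSD's own code): a child process plays the daemon and writes key bytes into a FIFO, while the parent reads it the way a client reads an ordinary key file. The function names, the /tmp/keypipe-XXXXXX directory, the "secring" file name and the sample key are assumptions made for illustration.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed sample standing in for key material read from a card. */
static const char SAMPLE_KEY[] = "constructed-sample-key-material";

/* Create a 0600 FIFO inside a fresh private directory; returns 0 on success. */
int make_key_pipe(char *dir, char *path, size_t pathlen) {
    struct stat st;
    if (mkdtemp(dir) == NULL) return -1;             /* directory is created 0700 */
    snprintf(path, pathlen, "%s/secring", dir);
    if (mkfifo(path, 0600) != 0) { rmdir(dir); return -1; }
    /* Confirm it really is a FIFO we own, with no group/other access. */
    if (lstat(path, &st) != 0 || !S_ISFIFO(st.st_mode)) return -1;
    if (st.st_uid != geteuid() || (st.st_mode & 077) != 0) return -1;
    return 0;
}

/* Feed the key from a child process and read it back as a client would
 * read an ordinary file. Returns the number of bytes read, or -1 on error. */
ssize_t serve_and_read(char *out, size_t outlen) {
    char dir[] = "/tmp/keypipe-XXXXXX", path[64];
    ssize_t n = -1;
    if (make_key_pipe(dir, path, sizeof path) != 0) return -1;
    pid_t pid = fork();
    if (pid == 0) {                                  /* daemon side */
        int wfd = open(path, O_WRONLY);              /* blocks until a reader opens */
        if (wfd < 0) _exit(1);
        ssize_t w = write(wfd, SAMPLE_KEY, sizeof SAMPLE_KEY - 1);
        close(wfd);
        _exit(w == (ssize_t)(sizeof SAMPLE_KEY - 1) ? 0 : 1);
    }
    if (pid > 0) {                                   /* client side */
        int rfd = open(path, O_RDONLY);
        if (rfd >= 0) { n = read(rfd, out, outlen); close(rfd); }
        waitpid(pid, NULL, 0);
    }
    unlink(path);                                    /* nothing was ever stored on disk */
    rmdir(dir);
    return n;
}
```

Because the writer's open() blocks until a reader attaches, the key bytes only leave the daemon at the moment a client actually opens the pipe.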
Download
Note: The project is in the pre-alpha and planning stage. It still looks like one big test; the
source code needs to be cleaned up and reorganized. Support for different cards and applications still has
to be added.
For the moment, only GnuPG (> 1.0.4) has been tested. Earlier versions seem to use some weird functions
which crash when the secret keyring file is a named pipe. However, OpenSSH may work too, through the
use of ssh-agent.
Supported smartcards
For the moment, memory smartcards are supported. Work is under way on Schlumberger Cryptoflex cards, as
well as on separate utilities for formatting, configuring, storing keys, etc. on the cards. A more advanced
filesystem for memory cards (with host encryption) is also one of the first things to come.
Cyberflex Java processor cards are not yet planned, although they are certainly somewhere on the TODO list.
Supported smartcard readers
Towitoko Chipdrive Micro is the reader used for development. However, any PCSC-compliant reader with a
valid CT-Api library should be supported. Feedback about other readers is welcome ...