Skip to content

Latest commit

 

History

History
66 lines (57 loc) · 14.2 KB

Removal-of-Old-Card-Drivers.md

File metadata and controls

66 lines (57 loc) · 14.2 KB
Raw

Removal of Old Card drivers

Many of the internal card drivers have not been modified or used in years (card-*.c and their pkcs15-*.c counterpart). Although they may have gotten touched due to general security fixes, these changes are mostly untested with these card drivers. Most likely these cards are not in use anymore. To reduce the overall attack surface, we are planning to remove the old card drivers.

Card Driver Overview

Driver Support Added To be Deactivated Removed User Activity Developer Activity
card-akis.c 2007 yes 2007
card-asepcos.c 2007 yes no 2023 2014
card-authentic.c 2010 no no 2023 2018
card-atrust-acos.c 2005 yes no 2020
card-belpic.c 2005 no no 2021 2021
card-cac.c 2017 no no 2021 2020
card-cac1.c 2018 no no
card-cardos.c 2006 no no 2023 2021
card-coolkey.c 2016 no no 2018
card-dnie.c 2013 no no 2020 2020
card-edo.c 2020 no no 2019
card-entersafe.c 2008 no no 2023 2017
card-eoi.c 2023 no no 2022
card-epass2003.c 2012 no no 2023 2023
card-esteid2018.c 2019 no no 2021
card-flex.c 2002 yes no 2010
card-gemsafeV1.c 2007 no no 2019 2019
card-gids.c 2016 no no 2020 2019
card-gpk.c 2002 yes 2007
card-iasecc.c 2011 no no 2021 2021
card-idprime.c 2020 no no 2022 2023
card-incrypto34.c 2005 yes 2007
card-isoApplet.c 2015 no no 2023 2023
card-itacns.c 2010 no no 2023 2022
card-jcop.c 2003 yes 2003
card-jpki.c 2016 no no 2017
card-masktech.c 2015 no no 2015
card-mcrd.c 2002 yes no 2017 EstEID deactivated in 2024
card-miocos.c 2002 yes 2003
card-muscle.c 2006 no no 2015
card-myeid.c 2009 no no 2023 2023
card-npa.c 2017 no no 2023 2022
card-nqApplet.c 2021 no no
card-oberthur.c 2004 no no 2020 2016
card-openpgp.c 2003 no no 2023 2023
card-piv.c 2006 no no 2023 2023
card-rtecp.c 2009 no no 2017 2021
card-rutoken.c 2007 no no 2019
card-sc-hsm.c 2012 no no 2023 2023
card-setcos.c 2001 no no 2017 2016
card-skeid.c 2023 no no
card-starcos.c 2003 no no 2021 2022
card-tcos.c 2002 no no 2019 2019
card-westcos.c 2009 yes 2010

Deactivated: The card driver is removed from the default OpenSC configuration. For usage, it is necessary to enable the card driver in opensc.conf

Removed: The card driver is removed from the default OpenSC binaries. For further use, the drivers need to be pulled from git history.

User Activity: Indicates if someone is actively using the card. This may be a bug report, feature request, a question on the mailing list.

Developer Activity: Indicates if someone is actively developing and maintaining a card driver. This doesn't include generic fixes, which are untested with the card in question, e.g. fixes for issues that are reported by Coverity scan.

Rationale for Removing a card driver

  • A card driver will be deactivated if there was no activity for 7 years or more
  • A card driver will be removed if there was no activity for 10 years or more
  • Removing a card driver will take at least two release cycles (i.e. one release that deactivates the card driver and a second to remove it)