GIDS smart card – PKI card without driver installation

Download the GIDS smart card applet and do not forget to initialize it using OpenSC (gids-tool -X) or our program.

Overview : GIDS smart card

Generic Identity Device Specification (GIDS) smart card is the only PKI smart card whose driver is integrated on each Windows since Windows 7 SP1 and which can be used read and write. No Windows driver installation is required and this card can be used instantly.

My Smart Logon is providing free of charge a javacard applet to transform a java card into a GIDS smart card and its integration in OpenSC for other operating systems (Linux, MacOSX, …).

General requirements

  • Java Card version 2.2.1 or above (see the list of tested cards)
  • Implementation of the “requestObjectDeletion()”-mechanism of the Java Card API is recommended to be able to properly delete files.
  • Windows 7 SP1 / 2008 R2 or later for the minidriver ; OpenSC for pkcs11

 Features

Driver requiredWindows: none ; pkcs11: OpenSC
CryptographyRSA 1024 and RSA 2048
AuthenticationPIN and administrator authentication. Compatibility with Windows integrated unblock
Pinpad compatibilityOpenSC only

 

FAQ

  1. What is the reference documentation ? GIDS specification and the minidriver specification.
  2.  Why the GIDS smart card doesn’t support ECC while the specification tell so? The implementation of the Microsoft minidriver does support only RSA 1024 and 2048. When Microsoft will support ECC, we will add the support. We have published our finding on this page.
  3.  Is the GIDS smart card compatible with My Smart Logon products or any other software? Yes, with the embedded minidriver or the OpenSC pkcs11 library. Truecrypt is not supported by the current implementation of OpenSC for the moment but this can be fixed.
  4. Can I import a P12 file ? Since Windows 10, you have to follow this procedure. The Windows 7 native driver prohibits the import of p12 file. Use OpenSC 0.16 or next and issue the command:
    “c:\Program Files (x86)\OpenSC Project\OpenSC\tools\pkcs15-init.exe” –auth-id 80 –pin <mypin> –verify-pin -f PKCS12 –passphrase “<my passphrase>” t -S <myfile.p12>
    Then check the import with certutil -scinfo or pkcs15-tool.exe -D

Known problems

Microsoft and OpenSC loads the PIV applet before the GIDS applet. You cannot read the GIDS data if the PIV is installed on the same card.

If the PIV applet has been installed on a card (and the card read by Windows) with the same ATR, Windows add a cache entry in the registry in the “Calais” key making the link with the applet type (PIV, GIDS) and the ATR. Delete this entry or change the ATR to allows its load. This entry exists on x64 at 2 places (normal and Wow64 node).