Skip to content

SDK 4.0

Frederikus edited this page Jun 16, 2020 · 1 revision

Table of Contents

Introduction

Version 4.0 of the eID Middleware (the eID Middleware contains libraries used by the eID SDK) and the corresponding eID MW SDK 4.0 have been released.

Details

Getting the SDK

The eID Middleware 4.1 has been released and can be found here:
https://eid.belgium.be/en/using_your_eid/installing_the_eid_software

The 4.1 eID SDK can be found inside the eID middleware source tree:
https://github.com/Fedict/eid-mw/tree/v4.4/doc/sdk

Content

This 4.1 eidmw SDK will break radically with the older 2.x and 3.5 SDK API's.
We will no longer define our own API, but in fact use the cryptografic token interface standard PKCS#11 v2.11 API.
The PKCS#11 v2.11 specification can be found inside the "documentation" folder in the SDK directory, the file pkcs-11v2-11r1.pdf

The PKCS#11 v2.11 API will allow you to check for detected cardreaders and card and will allow to retrieve data from the card (either as full files and certificates, or parsed data within these files e.g. first name), sign data with the card,.. .

Samples on how to use the new API will be provided in the SDK.
Some can be found already in our source section at doc/sdk/examples

Automatic signatures checking of the data files or validating certificates will not be done within the PKCS#11 API.

Compatibility

Eidmw 4.0 is compatible with SDK 3.5. A warning message about SDK 3.5 deprecation is shown to the user. Future versions of the eid middleware may drop support for SDK 3.5.
Backwards compatibility with version 3.5 of the SDK is planned in the form of an extra downloadable package from the eid.belgium.be site.
Backwards compatibility towards version 2.x of the SDK was dropped.
Older eidmw releases will not be compatible with the 4.0 Eidmw SDK.

In eidmw 4.1, support for SDK 3.5 was dropped.

Java applet examples compatibility

SDK 3.5 contains an example Java applet. This applet accesses the eid middleware libraries installed on the client trough JNI libraries.

  • SDK 4.0 will not provide Java examples*. Java has evolved over time and smartcard access is now provided by the JVM. Applets can do smartcard operations right in the JVM. This fact removes the need for client side middleware dependencies.
Fedict provides and maintains a pure Java eid applet. Around the "eid-applet", other applications are built to ease integration with web based applications. We suggest users of SDK 3.5 Java to move on to this platform.

More information:

  * eid-applet (http://github.com/Fedict/eid-applet/)
  * Identifcation and authentication: eid-idp (http://github.com/Fedict/eid-idp)
  * Digital signatures: eid-dss (http://github.com/Fedict/eid-dss)

Test environment

A set of test cards can be ordered through [the](https://www.eazysign.be/en/eazyset-your-set-of-eid-testing-cards). More information and tooling for the test cards can be found at [zetescards](https://eiddevcards.zetescards.be/)

There is also a [test](https://github.com/Fedict/eid-test-cards) for a previous generation of test cards, which is now no longer maintained. In addition, the test cards framework can be combined with the [eID](https://github.com/Fedict/eid-test-ca) implementation, which allows to generate certificates and signature algorithms other than the ones on the card itself. By using the test CA, developers can test verification of cards with SHA256 signatures even if they own SHA1 cards themselves, or vice versa, and other similar things. This test CA, however, is also no longer maintained.