smartcard howto notes

Brian Gough bjg at network-theory.co.uk
Sat May 7 13:22:17 CEST 2005 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,
I worked through the smartcard howto in debian stable
setting up a reader for my FSFE cryptocard. Below
are some notes, I had some problems with hotplug
but did get it working -- very cool.

- -- 
Brian Gough

Network Theory Ltd,
Publishing Free Software Manuals --- http://www.network-theory.co.uk/

- ----------------------------------------------------------------------

- - Section 2.2. Required Hardware

SCM card readers can be purchased online in the UK from 
http://www.crownhill.co.uk/

- - 2.2.1. A List of tested Readers

The description for SCM Microsystems SPR532 says

   The pinpad may be used to securely enter the PIN
  without using the attached computer.

With GPG 1.4.1, I am prompted to enter the pin on the tty.  Is secure
entry supported?  I'd like to use this feature (I bought an SPR532
based on this).  If not, suggest adding a note about the actual
supported/unsupported status.

- - Section 2.3.1. CCID (Chip Card Interface Description)

The hotplug package in Debian stable requires all the numbers in
gnupg-ccid.usermap to have a 0x prefix, otherwise it gives an
"unparseable line" error and the 

i.e.

    gnupg-ccid 0x0003 0x04e6 0xe003 0x0 0x0 0x0 0x0 0x00 0x0B 0x00 0x00 0x00000000

instead of

    gnupg-ccid  0x0003  0x04e6 0xe003 0 0 0 0 0x00 0x0B 0x00 0x00 0x00000000


If hotplug is not working then gpg gives the following error when
accessing the card,

    gpg: apdu_open_reader: failed to open driver `libpcsclite.so':
    libpcsclite.so: cannot open shared object file: No such file or
    directory

Initially I tried installing the pcsc packages to get rid of the
error.  Could be worth adding a note that these are not needed for USB
readers.


- - CVS access

On ://www.gnupg.org/(en)/documentation/howtos.html  there is a link
"The smartcard howto is also available via CVS"

I couldn't find the original source, I tried checking out "gnupg-www"  
but it seems to contain derived files in gnupg-www/howtos/card-howto/en
according to the README there.

- ----------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCfKTebiFv7WQGnVwRAv06AJ0Q9rGbZEjrDYP44+Dml4M1VhHVOwCfeaEL
4pLLzKpfmQ1j+AztKAWRNTM=
=kCDH
-----END PGP SIGNATURE-----

More information about the Gnupg-devel mailing list