OpenPGG Card

Peter Gutmann pgut001 at cs.auckland.ac.nz
Mon Sep 5 18:08:02 CEST 2005


Zeljko Vrba <zvrba at globalnet.hr> writes:
>Peter Gutmann wrote:
>> I'd already offered the use of my PKCS #11 interface code from cryptlib for
>> GPG use some time ago.  This should do everything you need and has had years
>> of tuning to work with all the bugs in various PKCS #11 drivers, it's vastly
>> easier than going through the entire learning curve yourself.
>
>That's correct, it was my proposal in question. The problem is that, under
>Linux, I couldn't find a smart-card + PKCS#11 combination that works
>correctly enough (out of the box) to be usable with cryptlib.

I think the problem is more a generalisation of that, it's "under Linux, I
couldn't find a smart-card + PKCS#11 combination that works correctly".  I've
heard of (from memory) four PKCS #11-for-Linux projects by commercial vendors
that either ended up as pre-alpha quality releases/abandonware or were shelved
beause the vendor couldn't find a business model for them (this was a few
years ago, it may be better now).  The one PKCS #11-under-Linux driver that I
know of that was completed, the nCipher one, works fine with cryptlib.
Everything else is Windows only... actually Eracom have Solaris and some other
OS support (PHUX?), and there's some OEM'd Cryptoswift supported under
Solaris.

(Which other Linux PKCS #11 drivers are there?).

Peter.



More information about the Gnupg-devel mailing list