Revised patch to support the SmartCard-HSM in scdaemon

Andreas Schwier andreas.schwier.ml at cardcontact.de
Thu Jul 9 09:32:28 CEST 2015


Hello,

the SmartCard-HSM driver only works with gpgsm. When we wrote the
driver, there was a limitation in gpg that prevented the use of anything
other than a card compliant with the OpenPGP Card specification [1].

If that situation has been resolved, then I'm more than happy to make
the SmartCard-HSM available as a key store for GnuPG keys.

Andreas

[1] http://lists.gnupg.org/pipermail/gnupg-devel/2013-November/028034.html


On 07/09/2015 07:50 AM, NIIBE Yutaka wrote:
> Hello,
> 
> This is a reply to your message sent last year.
> 
> On 07/23/2014 06:04 AM, Andreas Schwier wrote:
>> please find attached [1] the revised patch to GnuPG master, adding
>> support for the SmartCard-HSM to scdaemon.
> 
> Recently, we received a post to gnupg-users about using the
> SmartCard-HSM for OpenPGP.
> 
>   http://lists.gnupg.org/pipermail/gnupg-users/2015-July/053870.html
> 
> IIUC, the driver you submitted is intended to be used with gpgsm,
> perhaps.  Please correct me if I'm wrong.
> 
> Do you have a plan to add the READKEY method so that it can work
> for OpenPGP?
> 
> In gnupg/scd/app-openpgp.c, we have:
> ========================
> /* Handle the READKEY command for OpenPGP.  On success a canonical
>    encoded S-expression with the public key will get stored at PK and
>    its length (for assertions) at PKLEN; the caller must release that
>    buffer. On error PK and PKLEN are not changed and an error code is
>    returned.  */
> static gpg_error_t
> do_readkey (app_t app, const char *keyid, unsigned char **pk, size_t *pklen)
> ========================
> 
> When it's available, gpg frontend can ask card for signing/decipher
> for OpenPGP.
> 
> Creating OpenPGP from the public key in the card, we will need some
> tool, though.
> 


-- 

    ---------    CardContact Software & System Consulting
   |.##> <##.|   Andreas Schwier
   |#       #|   Schülerweg 38
   |#       #|   32429 Minden, Germany
   |'##> <##'|   Phone +49 571 56149
    ---------    http://www.cardcontact.de
                 http://www.tscons.de
                 http://www.openscdp.org
                 http://www.smartcard-hsm.com
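
The do_readkey comment quoted in the message above asks a READKEY handler to return the public key as a canonical encoded S-expression, leaving PK and PKLEN untouched on error. The following is an added example, not code from this thread or from GnuPG: a sketch of that output contract for an RSA key in libgcrypt's `(public-key(rsa(n ...)(e ...)))` layout. The names `build_rsa_pubkey_sexp` and `put_mpi` are hypothetical, and the int return value stands in for gpg_error_t.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef unsigned char byte;

/* Append "(1:<name><len>:<bytes>)".  A zero byte is prepended when the
   high bit is set, so the value is read as a non-negative number.  */
static size_t put_mpi (byte *p, char name, const byte *v, size_t vlen)
{
  int pad = (v[0] & 0x80) ? 1 : 0;
  size_t n = (size_t) sprintf ((char *) p, "(1:%c%zu:", name, vlen + pad);
  if (pad)
    p[n++] = 0;
  memcpy (p + n, v, vlen);
  n += vlen;
  p[n++] = ')';
  return n;
}

/* Hypothetical helper, not GnuPG code.  Returns 0 and stores a malloc'ed
   buffer at PK and its length at PKLEN (caller frees); on error returns
   -1 and leaves PK and PKLEN unchanged.  */
int build_rsa_pubkey_sexp (const byte *m, size_t mlen, const byte *e,
                           size_t elen, byte **pk, size_t *pklen)
{
  static const char head[] = "(10:public-key(3:rsa";
  size_t n = sizeof head - 1;
  byte *buf;

  if (!m || !mlen || !e || !elen || !pk || !pklen)
    return -1;
  /* Each element adds at most 27 bytes of framing; 32 leaves headroom.  */
  buf = malloc (sizeof head + 2 * 32 + mlen + elen + 2);
  if (!buf)
    return -1;
  memcpy (buf, head, n);
  n += put_mpi (buf + n, 'n', m, mlen);
  n += put_mpi (buf + n, 'e', e, elen);
  buf[n++] = ')';
  buf[n++] = ')';
  *pk = buf;
  *pklen = n;
  return 0;
}
```

The result is binary and may contain zero bytes, so callers must carry the returned length rather than use strlen on the buffer.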



