Revised patch to support the SmartCard-HSM in scdaemon
Andreas Schwier
andreas.schwier.ml at cardcontact.de
Thu Jul 9 09:32:28 CEST 2015
Hello,
the SmartCard-HSM driver only works with gpgsm. When we wrote the
driver, there was a limitation in gpg that prevented the use of anything
else than a card compliant with the OpenPGP Card specification [1].
If that situation has been resolved, then I'm more than happy to make
the SmartCard-HSM available as key store for GnuPG keys.
Andreas
[1] http://lists.gnupg.org/pipermail/gnupg-devel/2013-November/028034.html
On 07/09/2015 07:50 AM, NIIBE Yutaka wrote:
> Hello,
>
> This is a reply to your message sent last year.
>
> On 07/23/2014 06:04 AM, Andreas Schwier wrote:
>> please find attached [1] the revised patch to GnuPG master, adding
>> support for the SmartCard-HSM to scdaemon.
>
> Recently, we received a post to gnupg-users about using the
> SmartCard-HSM for OpenPGP.
>
> http://lists.gnupg.org/pipermail/gnupg-users/2015-July/053870.html
>
> IIUC, the driver you submitted is intended to be used with gpgsm,
> perhaps. Please correct me if I'm wrong.
>
> Do you have a plan to add the READKEY method so that it can work
> for OpenPGP?
>
> In gnupg/scd/app-openpgp.c, we have:
> ========================
> /* Handle the READKEY command for OpenPGP. On success a canonical
> encoded S-expression with the public key will get stored at PK and
> its length (for assertions) at PKLEN; the caller must release that
> buffer. On error PK and PKLEN are not changed and an error code is
> returned. */
> static gpg_error_t
> do_readkey (app_t app, const char *keyid, unsigned char **pk, size_t *pklen)
> ========================
>
> When it's available, gpg frontend can ask card for signing/decipher
> for OpenPGP.
>
> Creating OpenPGP from the public key in the card, we will need some
> tool, though.
>
--
--------- CardContact Software & System Consulting
|.##> <##.| Andreas Schwier
|# #| Schülerweg 38
|# #| 32429 Minden, Germany
|'##> <##'| Phone +49 571 56149
--------- http://www.cardcontact.de
http://www.tscons.de
http://www.openscdp.org
http://www.smartcard-hsm.com
More information about the Gnupg-devel
mailing list