Revised patch to support the SmartCard-HSM in scdaemon
andreas.schwier.ml at cardcontact.de
Thu Jul 9 09:32:28 CEST 2015
the SmartCard-HSM driver only works with gpgsm. When we wrote the
driver, there was a limitation in gpg that prevented the use of anything
else than a card compliant with the OpenPGP Card specification .
If that situation has been resolved, then I'm more than happy to make
the SmartCard-HSM available as key store for GnuPG keys.
On 07/09/2015 07:50 AM, NIIBE Yutaka wrote:
> This is a reply to your message sent last year.
> On 07/23/2014 06:04 AM, Andreas Schwier wrote:
>> please find attached  the revised patch to GnuPG master, adding
>> support for the SmartCard-HSM to scdaemon.
> Recently, we received a post to gnupg-users about using the
> SmartCard-HSM for OpenPGP.
> IIUC, the driver you submitted is intended to be used with gpgsm,
> perhaps. Please correct me if I'm wrong.
> Do you have a plan to add the READKEY method so that it can work
> for OpenPGP?
> In gnupg/scd/app-openpgp.c, we have:
> /* Handle the READKEY command for OpenPGP. On success a canonical
> encoded S-expression with the public key will get stored at PK and
> its length (for assertions) at PKLEN; the caller must release that
> buffer. On error PK and PKLEN are not changed and an error code is
> returned. */
> static gpg_error_t
> do_readkey (app_t app, const char *keyid, unsigned char **pk, size_t *pklen)
> When it's available, gpg frontend can ask card for signing/decipher
> for OpenPGP.
> Creating OpenPGP from the public key in the card, we will need some
> tool, though.
--------- CardContact Software & System Consulting
|.##> <##.| Andreas Schwier
|# #| Schülerweg 38
|# #| 32429 Minden, Germany
|'##> <##'| Phone +49 571 56149
More information about the Gnupg-devel