[PATCH] scd: Support button flag and AES key data for OpenPGPcard v3.0.
NIIBE Yutaka
gniibe at fsij.org
Fri Jun 26 14:29:28 CEST 2015
On 06/26/2015 06:30 PM, Werner Koch wrote:
> On Fri, 26 Jun 2015 08:23, gniibe at fsij.org said:
>
>> No, it's not ready yet (I mean, not fully implemented). This is only
>> a part of the feature. We need to consider how symmetric
>> decryption will be asked from gpg-agent to scdaemon.
>
> What use case do you have in mind for secure messaging? Is it how to
> tell scdaemon that SM needs to be used and how to store and convey the
> key?

No, what I added today is not for secure messaging (and I don't have
any idea how to implement secure messaging).

The change adds data object handling for the PSO:DECIPHER operation
with a symmetric key. This feature was added in v2.1.

With today's change, a user (or manufacturer) can put an AES key
onto the data object 0xD5.

Then, the (bare) use case will be something like:

$ gpg-connect-agent "SETKEY <KEYGRIP>" "SETHASH 02..." PKDECRYPT /bye

In the specification of OpenPGPcard v2.1 or later, a cryptogram with
prefix 0x02 means symmetric decryption.

I don't know much about the background of this enhancement of
PSO:DECIPHER. I guess this would be useful for sending an initial
encrypted message to a customer from a card manufacturer.
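An added example, not part of the original message and not GnuPG code: how a cryptogram with the 0x02 prefix described above could be checked and wrapped into a PSO:DECIPHER command APDU. The function names are hypothetical; the header bytes 00 2A 80 86, the 0x00 prefix for RSA and the rule that AES input is a whole number of 16-byte blocks are assumptions taken from the OpenPGP card specification, not from this message.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Padding indicator that prefixes the cryptogram (0x02 per the message;
   0x00 for RSA is an assumption from the card specification). */
enum { PAD_RSA = 0x00, PAD_AES = 0x02 };

/* Return 1 for a well-formed symmetric cryptogram, 0 for any other
   prefix, -1 if malformed (empty, or AES data not in 16-byte blocks). */
int cryptogram_is_symmetric(const uint8_t *cg, size_t len)
{
  if (!cg || len < 1)
    return -1;
  if (cg[0] != PAD_AES)
    return 0;
  if (len == 1 || (len - 1) % 16 != 0)
    return -1;
  return 1;
}

/* Build "00 2A 80 86 Lc <cryptogram> Le" into OUT, using extended
   length fields when the data exceeds 255 bytes.
   Returns the APDU length, or 0 on error. */
size_t build_pso_decipher(const uint8_t *cg, size_t len,
                          uint8_t *out, size_t outsize)
{
  size_t n = 0;
  if (!cg || !out || len < 1 || len > 0xFFFF)
    return 0;
  int ext = len > 255;
  if (4 + (ext ? 3 : 1) + len + (ext ? 2 : 1) > outsize)
    return 0;
  out[n++] = 0x00; out[n++] = 0x2A; out[n++] = 0x80; out[n++] = 0x86;
  if (ext) { out[n++] = 0x00; out[n++] = (uint8_t)(len >> 8); }
  out[n++] = (uint8_t)(len & 0xFF);
  memcpy(out + n, cg, len); n += len;
  out[n++] = 0x00;                 /* Le: maximum response length */
  if (ext) out[n++] = 0x00;
  return n;
}

int main(void)
{
  uint8_t cg[17] = { PAD_AES };    /* constructed: prefix + one zero block */
  uint8_t apdu[64];
  size_t n = build_pso_decipher(cg, sizeof cg, apdu, sizeof apdu);
  for (size_t i = 0; i < n; i++) printf("%02X", apdu[i]);
  printf("\n");
  return cryptogram_is_symmetric(cg, sizeof cg) == 1 ? 0 : 1;
}
```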