[PATCH] scd: Support button flag and AES key data for OpenPGPcard v3.0.

NIIBE Yutaka gniibe at fsij.org
Fri Jun 26 14:29:28 CEST 2015

On 06/26/2015 06:30 PM, Werner Koch wrote:
> On Fri, 26 Jun 2015 08:23, gniibe at fsij.org said:
>> No, it's not ready yet (I mean, not fully implemented).  This is only
>> a part of the feature.  We need to consider how symmetric
>> decryption will be asked from gpg-agent to scdaemon.
> What use case do you have in mind for secure messaging?  Is it how to
> tell scdaemon that SM needs to be used and how to store and convey the
> key?

No, what I added today is not for secure messaging (and I don't have
any idea to implement secure messaging).

The change is adding data object handling for the operation of
PSO:DECIPHER with symmetric key.  This feature is added in v2.1.

With the change of today, a user (or manufacturer) can put an AES key
onto the data object of 0xD5.

Then, the (bare) use case will be something like:

  $ gpg-connect-agent "SETKEY <KEYGRIP>" "SETHASH 02..." PKDECRYPT /bye

In the specification of OpenPGPcard v2.1 or later, a cryptogram with
prefix 0x02 means symmetric decryption.

I don't know much about the background of this enhancement of
PSO:DECIPHER.  This would be useful to send an initial encrypted
message to a customer from a card manufacturer, I guess.
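
How the 0x02-prefixed cryptogram and the 0xD5 data object described in this message map onto card APDUs, as an added example that is not part of the original e-mail or of scdaemon's code. The APDU header bytes (PUT DATA `00 DA 00 D5`, PSO:DECIPHER `00 2A 80 86`) and the 16/32-byte AES key sizes are assumptions taken from the OpenPGP card specification, not from this page; all function names are hypothetical.

```python
# Added illustration: build the two APDUs involved in symmetric PSO:DECIPHER.
# Header bytes and key sizes are assumptions from the OpenPGP card spec (v2.1+).
PSO_DECIPHER = bytes([0x00, 0x2A, 0x80, 0x86])      # CLA INS P1 P2
PUT_DATA_AES_KEY = bytes([0x00, 0xDA, 0x00, 0xD5])  # PUT DATA, DO tag 0xD5
AES_PREFIX = 0x02   # cryptogram prefix meaning "symmetric decryption"
AES_BLOCK = 16


def encode_lc(n: int) -> bytes:
    """Lc field: one byte up to 255, extended form (00 hi lo) beyond that."""
    if not 0 < n <= 0xFFFF:
        raise ValueError("command data length out of range")
    return bytes([n]) if n <= 255 else b"\x00" + n.to_bytes(2, "big")


def put_aes_key_apdu(key: bytes) -> bytes:
    """APDU that stores an AES key in data object 0xD5."""
    if len(key) not in (16, 32):
        raise ValueError("expected a 16- or 32-byte AES key")
    return PUT_DATA_AES_KEY + encode_lc(len(key)) + key


def decipher_apdu(cryptogram: bytes) -> bytes:
    """APDU for PSO:DECIPHER on a cryptogram of the form 02 || AES blocks."""
    if not cryptogram or cryptogram[0] != AES_PREFIX:
        raise ValueError("prefix must be 0x02 for symmetric decryption")
    blocks = cryptogram[1:]
    if not blocks or len(blocks) % AES_BLOCK:
        raise ValueError("AES data must be a non-empty multiple of 16 bytes")
    # Le asks for the maximum response; two bytes when Lc is extended.
    le = b"\x00\x00" if len(cryptogram) > 255 else b"\x00"
    return PSO_DECIPHER + encode_lc(len(cryptogram)) + cryptogram + le


if __name__ == "__main__":
    # Constructed sample values, not real key material or ciphertext.
    sample_key = bytes(range(16))
    sample_cryptogram = bytes([AES_PREFIX]) + bytes(32)
    print(put_aes_key_apdu(sample_key).hex())
    print(decipher_apdu(sample_cryptogram).hex())
```
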
