OpenPGP card and BasicCard

Christian Rank christian.rank at
Fri Apr 15 07:45:23 CEST 2005

Werner Koch wrote:
> On Thu, 14 Apr 2005 08:20:13 +0200, Christian Rank said:

>>only for signing and encryption, but also for WWW authentication with
>>client certificates. Is something like that planned in the future?
> There is a vague plan of writing a pkcs#11 library using the card as
> actual crypto token.  Most likely this library will speak to scdaemon
> via gpg-agent and thus support a variety of cards - including native
> pkcs#15 cards.

This sounds very promising ...

> AFAIK, there is pkcs#15 emulation code in OpenSC for our card.  Not
> sure whether it is still functional; Olaf Kirch once wrote it and told
> me that he succeeded in using the card.

The current PKCS#15 emulation for the OpenPGP card is for version 1.0
and is read-only, so you can't load PKCS#15 data structures on the card
(I tried it myself without success). I also tried encryption and signing
operations without success, but that may be due to the fact that I have
an OpenPGP card version 1.1, while the OpenSC support is for version 1.0.


Dr. Christian Rank
Rechenzentrum Universität Passau
Innstr. 33
D-94032 Passau
Tel.: 0851/509-1838
Fax:  0851/509-1802
PGP public key see

More information about the Gnupg-users mailing list