OpenPGP Card

Alon Bar-Lev alon.barlev at gmail.com
Mon Sep 5 18:38:20 CEST 2005


Hello,

>That's correct, it was my proposal in question. The problem is that, under
Linux, I couldn't find a smart-card + PKCS#11
> combination that works correctly enough (out of the box) to be usable with
cryptlib.

I use Athena smartcard www.athena-scs.com which works perfectly in term of
Linux and PKCS#11. I enjoy using it with Java JCE, Mozilla, Tunderbird,
PAM_PKCS11, I've encrypted my disk using aes-loop and then required gpg to
support PKCS#11... And here we are...

> Patch that enables the use of any smart-card with GnuPG. It allows the use
of cards with pregenerated keys and uses an auxiliray file to
> feed metadata into GnuPG (I'm assuming a read-only token). Signing works
correctly.

> http://www.core-dump.com.hr/software/gnupg-1.3.92-pkcs11.patch
> http://www.core-dump.com.hr/software/gnupg-1.3.92-pkcs11.patch.asc

> There is a g10/p11howto.txt describing how to use it. I've given up on
maintaining it because of Werner's attitude towards PKCS#11.
> If someone else wants to maintain it - be welcome. I will provide you some
help if neccessary.

This is great work!
But the work needs to be moved into gpg-agent... :(

I would have help merging it if I knew that there is a chance to merge it
into to gpg source.

Best Regards,
Alon Bar-Lev.




More information about the Gnupg-users mailing list