Required patches for the OpenPG card v2.0

Werner Koch wk at gnupg.org
Tue Jun 23 18:26:40 CEST 2009


Hi!

Unfortunately I realized too late that 2.0.12 still had bugs with the
new OpenPGP card[1].  Without actual hardware testing stuff is a bit
hard; I had 2 engineering samples during development and we swapped card
back and forth to squash the bugs in the card's firmware while also
hacking gnupg.  Thus some things got not tested for 2.0.12.

Find attached 2 patches against GnuPG 2.0.12 to fix the card problem as
well as an unlrealted Windows-only problem.  These patches are already
in the Gpg4win 2.0.0rc1 installer currently being copied to the servers.

GnuPG 1.4 does not yet support the v2 cards.  I plan to backport the
code from 2.0 in the next week and then it should not take too long to
get 1.4.10 out.  If you don't want to wait: gpg2 is the perfect version
for the desktop or laptop ;-)

A cautionary note: If you plan to buy a smartcard reader, please abstain
From Omnikey based readers (Cardman and some others).  They do not work
with 2048 bit smartcards.  They work on Windows, but not on a free OSes.
We need to do some protocol analysis to see how the Windows driver
achieves to send so-called extended lengths APDUs.  The vendors are not
very helpful in this regard, thus I can only suggest to resort to SCM
based readers.


Salam-Shalom,

   Werner


[1] Meanwhile we received the first batch of cards; they will be sold at
    the LinuxTag and if cards are left over by next week through the
    well known distributor.

-- 
Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 01-scd-pw2.patch
Type: text/x-patch
Size: 3502 bytes
Desc: not available
URL: </pipermail/attachments/20090623/6d204f56/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 02-pth-estream.patch
Type: text/x-patch
Size: 1759 bytes
Desc: not available
URL: </pipermail/attachments/20090623/6d204f56/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 205 bytes
Desc: not available
URL: </pipermail/attachments/20090623/6d204f56/attachment.pgp>


More information about the Gnupg-users mailing list