Nitrokey HSM and GPG
Martin Konold
martin.konold at erfrakon.com
Wed Feb 24 22:53:01 CET 2016
Am Mittwoch, 24. Februar 2016, 20:12:13 CET schrieb Andreas Schwier:
Dear Andreas,
> the Nitrokey HSM has an embedded SmartCard-HSM which is only supported
> by gpgsm. Unfortunately you can not use a key on the device as gpg key,
> but only for S/MIME. GPG only supports cards that conform to the OpenPGP
> Card Specification, which the SmartCard-HSM doesn't.
Thanks for enlightening me.
I assume if I simply want to encrypt / decrypt files gpgsm should be sufficient?!
I read the man page but still fail using the Nitrokey HSM with gpgsm.
Can you provide me a hint how to instruct gpgsm to use a specific SmardCard-HSM
device?
I successully used openssl with this card but fail with gpgsm sofar using
engine -t dynamic -pre SO_PATH:/usr/lib64/engines/libpkcs11.so -pre ID:pkcs11
-pre LIST_ADD:1 -pre LOAD -pre MODULE_PATH:/usr/lib64/opensc-pkcs11.so
req -engine pkcs11 -new -key 0:10 -keyform engine -out cert.pem -text -x509 -
days 3640
Kind Regards
--martin konold
--
Dipl.-Physiker Martin Konold
e r f r a k o n Partnerschaftsgesellschaft
Erlewein, Frank, Konold & Partner - Beratende Ingenieure und Physiker
Registergericht: Amtsgericht Stuttgart PR 126
Firmensitz: Adolfstraße 23, 70469 Stuttgart
fon: 0711 67400963
fax: 0711 67400959
email: martin.konold at erfrakon.de
http://www.erfrakon.com
More information about the Gnupg-users
mailing list