smartcards and GPGME

Jacob Adams tookmund at gmail.com
Tue May 15 20:38:22 CEST 2018


On 05/14/2018 02:02 AM, Andre Heinecke wrote:
> Hi,
> 
> On Sunday, May 13, 2018 6:26:04 PM CEST Jacob Adams wrote:
>> As part of a program I'm writing this summer for GSoC, I'd like to be
>> able to both move gpg private keys to a smartcard and generate keys on
>> the smartcard from an application. While this can be done from gpg, it
>> doesn't look like I can do so from GPGME or any other wrappers that
>> exist. Have I missed something or is this simply not possible yet?
>>
>> While I could wrap this functionality of gpg, I'd really prefer not to
>> and I'd rather not drop the user to a gpg prompt if I don't have to.
> 
> This is both pretty complicated thorugh GPGME, as there is indeed not a direct 
> interface. Kleopatra and GPA use the "AssuanEngine" of GPGME to connect to the 
> gpg-agent's assuan interface and issue / parse commands directly through that 
> connection.
> 
> You might want to take a look at GPA's implementation:
> 
> https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpa.git;a=blob;f=src/cm-openpgp.c

Awesome! That's a bit more complex than I was hoping but better than
calling gpg directly. Thanks for the pointer!
> 
> Alternatively instead of wrapping gpg (and using the complicated edit 
> interface) you could also wrap "gpg-connect-agent" and issue commands to 
> scdaemon through that.

That's also an option but I'll try the AssuanEngine first.

Thanks,
Jacob


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20180515/e923f227/attachment.sig>


More information about the Gnupg-users mailing list