private data objects on smartcard
Damien Goutte-Gattat
dgouttegattat at incenp.org
Fri Jan 31 01:06:43 CET 2020

On Fri, Jan 31, 2020 at 12:55:05AM +0100, mailing list wrote:
>I hoped these objects may have been (read) protected by the PIN, but
>they're world readable if you have the card, a bit sad...

Only Private DOs #1 and #2 are readable without any PIN. Reading the
private DO #3 requires the user PIN, and reading the private DO #4
requires the admin PIN.

If no PIN has been verified, the --card-status command will only ever
print out the contents of private DOs #1 and #2.

While we are at it, *writing* to the private DOs #1 and #3 requires the
user PIN, and writing to the private DOs #2 and #4 requires the admin
PIN.

You can find the details about those DOs and all the other features of
the OpenPGP smart card in the specifications for the different versions,
which are all available on GnuPG's site [1].

Cheers,

- Damien

[1] https://gnupg.org/ftp/specs/
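
The access rules described in the message above, as an added example that is not part of the original post or of GnuPG: an in-memory model (hypothetical `ModelCard` and helper functions, no real card is contacted) that enforces them on VERIFY, GET DATA and PUT DATA commands. The tags 0x0101 to 0x0104, the instruction bytes, the PIN references 0x82/0x83 and the status words are assumptions taken from the OpenPGP card specification, not from the post.

```python
import hmac

USER, ADMIN = 0x82, 0x83            # VERIFY P2 values: PW1 (user PIN), PW3 (admin PIN)
SW_OK, SW_DENIED = 0x9000, 0x6982   # success / security status not satisfied
# Private DO tag -> (PIN required to read, PIN required to write); None = no PIN
ACCESS = {0x0101: (None, USER), 0x0102: (None, ADMIN),
          0x0103: (USER, USER), 0x0104: (ADMIN, ADMIN)}

class ModelCard:
    """In-memory model of the private-DO access rules; not a real card."""
    def __init__(self, user_pin: bytes, admin_pin: bytes):
        self._pins = {USER: user_pin, ADMIN: admin_pin}
        self._verified = set()               # PINs verified in this session
        self._dos = {tag: b"" for tag in ACCESS}

    def reset(self):
        """Card removed or powered off: verification state is lost."""
        self._verified.clear()

    def transmit(self, apdu: bytes):
        """Handle one short command APDU, return (data, status word)."""
        ins, p1, p2 = apdu[1], apdu[2], apdu[3]
        body = apdu[5:5 + apdu[4]] if len(apdu) > 5 else b""
        if ins == 0x20:                      # VERIFY
            ok = p2 in self._pins and hmac.compare_digest(body, self._pins[p2])
            (self._verified.add if ok else self._verified.discard)(p2)
            return b"", SW_OK if ok else SW_DENIED
        if ins not in (0xCA, 0xDA):
            return b"", 0x6D00               # instruction not supported
        tag = (p1 << 8) | p2
        if tag not in ACCESS:
            return b"", 0x6A88               # referenced data not found
        need = ACCESS[tag][0 if ins == 0xCA else 1]
        if need is not None and need not in self._verified:
            return b"", SW_DENIED
        if ins == 0xCA:                      # GET DATA
            return self._dos[tag], SW_OK
        self._dos[tag] = body                # PUT DATA
        return b"", SW_OK

def verify(card, ref, pin):
    return card.transmit(bytes([0x00, 0x20, 0x00, ref, len(pin)]) + pin)[1]

def get_data(card, tag):
    return card.transmit(bytes([0x00, 0xCA, tag >> 8, tag & 0xFF, 0x00]))

def put_data(card, tag, data):
    return card.transmit(bytes([0x00, 0xDA, tag >> 8, tag & 0xFF, len(data)]) + data)[1]

def readable_without_pin(card):
    """Tags a holder of the card can read with no PIN verified."""
    card.reset()
    return [tag for tag in ACCESS if get_data(card, tag)[1] == SW_OK]
```

In this model `readable_without_pin` returns only the tags of private DOs #1 and #2, so anything that must stay confidential when the card is lost belongs in DO #3 or #4.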