OpenPGP Card
Alon Bar-Lev
alon.barlev at gmail.com
Fri Sep 2 19:46:33 CEST 2005
Werner Koch wrote:
> On Fri, 02 Sep 2005 18:45:53 +0300, Alon Bar-Lev said:
>
>
>>environment...) It provides a generic API to access cryptographic
>>tokens. Most smartcard vendors, including IBM, provide a PKCS#11 library
>>that communicates with their card.
>
>
> Again: Feel free to provide one. The only thing you need is libassuan
> to connect to gpg-agent. libassuan is even under LGPL so you can use
> it with any kind of application - just put it into a shared library.
1. Athena smartcard http://www.athena-scs.com provides Linux
and Windows PKCS#11.
2. Algorithmic Research smartcard http://www.arx.com provides
Linux and Windows PKCS#11.
3. Aladdin smartcard http://www.ealaddin.com using opensc.
4. nCipher HSM http://www.ncipher.com
5. SafeNet HSM http://www.safenet-inc.com
I can find more...
You can refer to opensc and see some more (I didn't try them)...
http://www.opensc.org/files/doc/opensc.html#opensc.status.cards
Then you can use the opensc PKCS#11 library
http://www.opensc.org/files/doc/opensc.html#opensc.pkcs11
>
> If something should be missing in gpg-agent to implement this, I will
> help by adding the required facilities. However, I don't have the
> time to write a pkcs#11 library for gpg-agent/scdaemon for free. If
> this is that important for you and you don't want to do it yourself,
> well ask me at my company address.
I don't understand why you keep insisting on writing a
library... You need to use a library not implement one.
All you need to do is to use several PKCS#11 methods:
1. login, find correct object, perform decryption (RSA), logout.
2. login, extract X509 certificates, logout.
May I understand that you agree that gpg-agent should support
PKCS#11 as a means to interact with cryptographic tokens?
This was my original request... The when and how can be
determined... But I will be glad if we can agree that it should
be done...
Best Regards,
Alon Bar-Lev.