How to use a PKCS#15 with GnuPG?
Werner Koch
wk at gnupg.org
Sat Jun 17 10:35:46 CEST 2017
On Thu, 15 Jun 2017 14:13, ndk.clanbo at gmail.com said:
> authentication and signing). Both ePass2003 and MyID implement PKCS#15,
> so IIUC they should be usable.
gpg expects an OpenPGP card. For pkcs#15 you need to use gpgsm. As a
starter do
gpgsm --learn-card
which imports the certificates from such cards. There is no --card-edit
etc, because in general PKCS#15 cards are distributed personalized.
Having done --learn-card once you can use the keys from the card for
X.509 or CMS (aks S/MIME) stuff.
But note, that PKCS#15 does not specifiy everything and card vendors
oftne implement proprietary extensions/modifications. See
gnupg/scd/app-p15.c for some hints.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: </pipermail/attachments/20170617/03c975d1/attachment.sig>
More information about the Gnupg-users
mailing list