Hello, I maintain Scute and Poldi packages in Debian. I also do minimum efforts for those software in the upstream. Perhaps, it's better for me to put my business on the service.html, but my environment is free software only which won't match most potential customers' requests.
Well, please note that Scute or Poldi is not mature enough yet, and somehow not well maintained these days. On 02/21/2015 11:01 AM, Matthias-Christian Ott wrote: > As mentioned in my more detailed follow-up email on how TrueCrypt > accesses the "keyfile" on the smartcard, Scute is not able to do this. Interesting. I don't recommend using data objects on a smartcard for such a use, because it's size is usually limited. Say, 255-byte or so, at most. Here, I explain a bit of existing code (of scdaemon, scute and poldi) and OpenPGPcard v2. We also have the data object of 0x7F21 "Cardholder certificate". I guess that it was intended to hold the X.509 client certificate in OpenPGPcard v2, which corresponds to the authentication private key on the card. We have READCERT command in scdaemon to access this specific data object. However, this command and the data object itself are not used any more by GnuPG, Scute, or Poldi. Thus, it would be possible to use this data object for your experiment. This is abuse, so, I don't recommend, in general, but only for your experimental usage. This data object is exceptionally large. I don't remember how large it is for the original OpenPGPcard, but I know it's 2KiB for Gnuk (if enabled on compile time). The access to the data object of 0x7f21 is not controlled by PIN. It can be accessed by anyone. I think that it could be possible for the host PC to encrypt the data to be stored, using card's encryption key. -- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
