On 2015-07-09 06:56, NIIBE Yutaka wrote: > I'm not sure, but it would be possible for SmartCard-HSM to be tested > very lightly, and it was not well tested as a whole GnuPG suite. I > mean, it would not be tested with gpg frontend together. Perhaps, it > was only tested with gpgsm. > > If so, I think that the situation is somehow frustrated for users of > SmartCard-HSM who expect OpenPGP functionality. Indeed. To be precise, the SmartCard-HSM Web site states clearly GnuPG only supports this card as key store for X.509 certificates and private keys so there should be no false expectations regarding OpenPGP support - but given we are talking about a powerful, highly versatile and apparently increasingly popular SmartCard here it would in the long run be a waste not to let it be used in this mode.
One problem is that as you pointed out in your previous post, the Assuan command which explicitly demands cards accessed by gpg to support the openpgp application is hard-coded in the sources and has been there for quite a few years. Hopefully relaxing this restriction will not prove to be too much of a paradigm shift. > I've examined the code of SmartCard-HSM driver. There are most > functionalities. However, the method of 'do_readkey' (of retrieving > public key information from card) is missing. If it will be > supported, we will be able to use SmartCard-HSM for OpenPGP. > > I need some help for this direction of development. It is excellent news that there shouldn't be too much left to implement! I will be very happy to provide any help I can. Shall we continue off the mailing list? -- MS _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
