Hello,
You can check out gnupg-pkcs11-scd [1], it does allow more keys
(1024/2048) for gpgsm and 2048 key for gpg.
Alon.
[1] http://gnupg-pkcs11.sourceforge.net
On 5/4/08, Su Lu <[EMAIL PROTECTED]> wrote:
> Hello All,
>
> I am currently working on GnuPG Smartcard, and I am wondering whether
On 1/29/08, Alon Bar-Lev <[EMAIL PROTECTED]> wrote:
> > I also consider helping an idea patenter by linking to his web site a
> > bad idea. That company has several times tried to force me to advertise
> > that the gnupg docs should mention that idea can be bought from t
ect. Whoever want to use IDEA should be exposed
to this information.
However... I cannot access this URL anymore.
Regards,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On 1/25/08, Werner Koch <[EMAIL PROTECTED]> wrote:
> On Wed, 23 Jan 2008 20:08, [EMAIL PROTECTED] said:
>
> > For gnupg-2:
> > http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-crypt/gnupg/files/gnupg-2.0.4-idea.patch?rev=1.1&view=markup
>
> It seems that Gentoo is violating the GPL (section 7) b
You can use Gentoo patches...
For libgcrypt:
http://gentoo.osuosl.org/distfiles/libgcrypt-1.4.0-idea.diff.bz2
For gnupg-2:
http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-crypt/gnupg/files/gnupg-2.0.4-idea.patch?rev=1.1&view=markup
Alon.
On 1/23/08, McDougall, Marshall (STEM) <[EMAIL PROTECT
in GnuPG
> source?
>
>
>
>
>
> On Jan 2, 2008 11:24 PM, Alon Bar-Lev < [EMAIL PROTECTED]> wrote:
> >
> > On 1/2/08, Matt Alexander <[EMAIL PROTECTED]> wrote:
> > > I'm looking at a possible deployment of OpenPGP smartcards at my company
> a
se:
http://gnupg-pkcs11.sourceforge.net/
Using PKCS#11 will enable you to use the same card for other
applications as well.
Best Regards,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On 11/19/07, Alon Bar-Lev <[EMAIL PROTECTED]> wrote:
http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-crypt/gnupg/files/gnupg-1.4.3-selftest.patch?rev=1.1
> >
> > - echo "../g10/gpg --no-options --no-greeting \
> > + echo "../g10/gpg --
#x27;s:PIC:__PIC__:' mpi/i386/mpih-{add,sub}1.S intl/relocatable.c
> > sed -i -e 's:if PIC:ifdef __PIC__:' mpi/sparc32v8/mpih-mul{1,2}.S
>
> Please send a more detailed bug report.
As far as I tested, gcc defines __PIC__ when you use -fPIC not PIC.
Does
u can see some other issues we had with previous release, maybe some
are not needed.
http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-crypt/gnupg/gnupg-1.4.7-r1.ebuild?rev=1.10
Best Regards,
Alon Bar-Lev.
On 11/16/07, Werner Koch <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I just uploaded
#11 provider
that communicate with your generic applet.
Best Regards,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On 7/13/07, Guillaume Yziquel <[EMAIL PROTECTED]> wrote:
> > Hmm... maybe if you switch to one all your problems will be gone :)
> > Selecting the right card to use is a key factor in peace of mine.
> >
> > Alon.
>
> And to what extent is your solution free software and free hardware?
There is no
On 7/12/07, Guillaume Yziquel <[EMAIL PROTECTED]> wrote:
> No.
>
> http://lists.gnupg.org/pipermail/gnupg-users/2007-June/031409.html
>
> Guillaume.
>
Hmm... maybe if you switch to one all your problems will be gone :)
Selecting the right card to use is a key factor in peace of mine.
Alon.
_
On 7/12/07, Guillaume Yziquel <[EMAIL PROTECTED]> wrote:
> Well, no. In fact, I'm still having a problem...
If you have PKCS#11 enabled token, you can use:
http://gnupg-pkcs11.sourceforge.net/
Alon.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
ht
On 7/6/07, Werner Koch <[EMAIL PROTECTED]> wrote:
> (pinentry 0.7.3, released today). It not stable enough for production
Any more surprises?
BTW: You ignored all patches from:
https://bugs.g10code.com/gnupg/issue798
Alon.
___
Gnupg-users mailing list
ves the issue:
sed -i 's#\.\./common/libcommon#libcommon#g' common/Makefile.in
Best Regards,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On 6/28/07, Guillaume Yziquel <[EMAIL PROTECTED]> wrote:
> When failing to decrypt and failing to access the SCR 335 smartcard
> reader, I get the logged output decribed below this message.
>
> It seems I have a broken pipe issue:
>
> > 2007-06-28 15:32:31 scdaemon[4291] DBG: ccid-driver: usb_claim
You can review the optional PKCS#11 support.
http://gnupg-pkcs11.sourceforge.net/
On 5/28/07, Jim Berland <[EMAIL PROTECTED]> wrote:
> Hi everybody,
>
> I tried to research most of my questions concerning the use of
> smartcards, but I have a few things that I want to make sure.
>
>
> _About smart
On 5/10/07, Werner Koch <[EMAIL PROTECTED]> wrote:
> Okay, that is a much clearer report. However, I am not able to
> replicate it. I am using the gtk2 pinentry for a year or so now.
I cannot replicate it too...
It seem like a race condition...
Alon.
___
es regarding gpgme?
https://bugs.g10code.com/gnupg/issue772
http://lists.gnupg.org/pipermail/gnupg-devel/2007-February/023676.html
Regards,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
On 5/10/07, Werner Koch <[EMAIL PROTECTED]> wrote:
> On Thu, 10 May 2007 06:55, [EMAIL PROTECTED] said:
>
> > What about some issues regarding the environment:
> > http://bugs.gentoo.org/show_bug.cgi?id=165493
>
> I don't understand what this is about. If there is a generic problem
> with pinentry
ith MUSCLE mailing list in order to make pcscd work...
Sorry I cannot help you further...
Regards,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
ink that this is the reason for my problem. A year ago it already
> worked with the exception that there was not popup asking me to enter the pin
> by the cardreader.
So you will be able to reach at least the same state... :)
> As I mentioned the ubuntu-distribution behaves different.
B
.
If yes, you can use the gnupg-pkcs11-scd.
Best Regards,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
r smartcard with many application at the same time
without stopping any interface or making the card locked by one of
them.
Best Regards,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
k too... :)
Best Regards,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
appreciated.
Best Regards,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
works
only with gpgsm, so it won't solve the problem.
I've tried to make it work with gpg, but I had no success... It seems
that it looks for specific card type? I didn't invest a lot of time
in this, and we did not want to patch gpg code.
Best Regards,
Alon Bar-Lev.
_
Werner Koch wrote:
> On Mon, 13 Feb 2006 19:32:12 +0200, Alon Bar-Lev said:
>
>> I know you have a licensing problem... I've been in touch
>
> No I don't have a licensing problem. What I am saying is that
> pcksc#11 is not needed in the Free Software wor
Hello Werner,
Werner Koch wrote:
> On Mon, 13 Feb 2006 13:04:24 +0200, Alon Bar-Lev said:
>
>> Are you aware of the PKCS#11 for OpenSSH solution
>> (http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=113977188917865&w=2)?
>
> Well, I know. However you kno
ens, the OpenSSH patch support the use of any PKCS#11
provider with OpenSSH.
I just hope that someday OpenPGP card will also have PKCS#11
provider, so it can be used by other applications, and the
other way around... gpg will use PKCS#11 providers in order
to
Zeljko Vrba wrote:
Alon Bar-Lev wrote:
>
But the work needs to be moved into gpg-agent... :(
You were referring to my PKCS#11 patch.. After studying the GPG
architecture a bit, I think this needs to be moved into the scdaemon.
gpg-agent actually does nothing with smart-cards - it u
ystems.
So you say that it is illeagal to run GPL software on windows or on AIX...
It also make no sense... Since it is...
Best Regards,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
he whole corresponding.
Best Regards,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
an API.
I think you reach the same state no matter how you look on it.
I am still waiting for FSF response, does anyone knows someone there how can
help in resolving this issue?
Best Regards,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users@gnu
ccurs that satisfied an exception.
Best Regards,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
u
guys...) do not program low-level code in order to access devices.
There is PKCS#11 which is high-level SOFTWARE API that is cross-platform,
cross-device, and easy to use.
This is the only specification to which I can write software and make sure
that the user will be free to choose his hardware
each specific card...
Best Regards,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
urce
community's programmers should work so hard in order to implement their
software... I think this is your interpretation... I've written FSF and I
hope they will address this issue.
Best Regards,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
tware.
]]]
Best Regards,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
nt...
>> I can show you that it GPLed program loads these drivers...
> Yes, show me, I'm curious.
Examples:
opensc from www.opensc.org - LGPL uses PKCS#11
pkcs11_login from www.opensc.org - LGPL uses PKCS#11
openCryptoki from http://sourceforge.net/projects/opencryptoki - GPL uses
PKCS#
For example, Mozilla Firefox will not work with some of the
smartcards out there... And I have no claims to Mozilla, they have done a
great job!
Best Regards,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
here is also the freedom of the
user to choose his peripheral devices, including smartcards.
Best Regards,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Peter Pentchev wrote:
> Hate to jump into this discussion, but isn't this *exactly* why Werner
always keeps mentioning *shared* libraries? :)
Why hate?
Can you please elaborate? I don' t understand what you mean...
Best Regards,
Zeljko Vrba wrote:
> Alon Bar-Lev wrote:
>>
>> I agree... So if we all understand the need of PKCS#11 in order to
>> access cryptographic tokens, what I don't understand is how come
>> people choose to develop low-level applications in order to work with
spe
PKCS #11, CryptoAPI, or a per-hardware-device custom API. I know
which one I'd want...
I agree... So if we all understand the need of PKCS#11 in order to access
cryptographic tokens, what I don't understand is how come people choose to
develop low-level applicati
ble, they don't buy commercial product.
The problem is that the open source community does not always understand
which standard to support, and many, like gpg, inventing their own...
Best Regards,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
d I am very happy... Athena support Linux well... And even share the same
cards between Windows CSP/PKCS#11 and Linux PKCS#11!!!
Best Regards,
Alon Bar-Lev
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
x27;ve tried to introduce this argument to
Werner... But without any success...
I was out of new arguments when I gave up... I think that an open source
project that does not support software interaction standards will be
replaced by a different solution when the time comes.
Best Regards,
Alon Bar-
I would have help merging it if I knew that there is a chance to merge it
into to gpg source.
Best Regards,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
applications
can use gpg keys... This was really strange. The whole idea is to separate
between application logic (gpg) and device access (Smartcards, HSM)...
Best Regards,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
ning curve
yourself.
Nice!
The conclusion of my discussion with people here is that the need of using
PKCS#11 for accessing various smartcards is not clear. I've tried to
highlight the advantages of using standard software API to access external
devices, but I've failed
harsh during this discussion, it hurts
to see people inventing standards of their own thus limiting
the usage of their own great software.
I want to thank you for this discussion.
Best Regards,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users
just
wanted to understand why people are developing their own
standards.
Best Regards,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Werner Koch wrote:
On Fri, 02 Sep 2005 18:45:53 +0300, Alon Bar-Lev said:
environment...) It provides a generic API to access cryptographic
tokens. Most smartcard vendors, including IBM, provide PKCS#11 library
that communicates with their card.
Again: Feel free to provide one. The only
you invent the wheel!
And here we are...
I don't meant to write another agent. Write a pkcs#11 driver which
uses gpg-agent as its token.
This is the WRONG WRONG WRONG approach!!!
Well, my opinion is different.
When I understood that I've promised not to bother you again...
roprietary card format... This should be
done regardless of our small debate regarding S/MIME and PGP.
I hope you read more regarding PKCS#11
www.rsasecurity.com/rsalabs/pkcs/pkcs-11/index.html and
understand its role in cryptographic application and that gpg
can benefit from it
ld be written in order to make your
software work with your hardware.
Best Regards,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
his is THE MAJOR feature of gpg-agent...
Best Regards,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Benjamin Donnachie wrote:
Alon Bar-Lev <[EMAIL PROTECTED]> wrote:
Just a thought... why do you use gpg?
Mainly because of my paranoia, and partly because I've used PGP since it was
a DOS based
program! :)
which feature you require?
Signing / encrypting messages.
Benjamin Donnachie wrote:
Alon Bar-Lev <[EMAIL PROTECTED]> wrote:
I think that gpg should support PKCS#11 interface for smartcards, so
that it can be used with all smartcards that support this standard.
I've had a quick look at the PKCS#11 and I think that you may have a
another agent. Write a pkcs#11 driver which
uses gpg-agent as its token.
This is the WRONG WRONG WRONG approach!!!
Sorry,
I won't bother you any more,
Alon Bar-Lev.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
t" subject
for future
information at gnupg-users.
Best Regards,
Alon Bar-Lev.
Joe Smith wrote:
There is no need to post a message to the list three times.
Is it possible to obtain further details on the OpenPGP card?
I have such a card and a working smartcard reader but, ideally, I'
se it in
all smartcard enable applications... PKCS#11 provides this ability, and is
free to use, and most commonly
Implemented.
Yes, I know that I can write my own agent... But I still think it will be a
mistake.
Best Regards,
Alon Bar-Lev.
___
Gnupg-user
ented... I suggest it would
have been implemented using PKCS#11 :-) So that you can
use software token to store the keys, PKCS#11-ssh bridge,
Smartcard access, etc...
Can you please reconsider the PKCS#11 support, without
a new agent branch?
Best Regards,
Alon Bar-Lev.
___
nting PKCS#11 support for
gpg-agent, and helping in the implementation process...
I think it is very important to have such support for any software that
deals with cryptographic and secrets. gnupg falls into this category...
Best Regards,
Alon Bar-Lev
___
66 matches
Mail list logo
