Fwd: gnupg SmartCard V3.3
Hello, i bought two V3.3 cards, but can`t get them to work … the keytocard command does not move the key but copy it and further on the gpg2 --card-status -> fetch followed by gpg2 --card-status does not create the stub keys, so gpg2 --list-secret-keys does not show any keys ... I have the same (rsa4096) sub-key loaded to each slot 1,2,3 eg SEA and card-status does show them … gpg2 --version is 2.1.11 I did further tests by calling gpg2 —card-edit -> generate with keylength 2048 and 4096 which fail with „card-error“ Tried gpg (GnuPG/MacGPG2) 2.2.3 on a completely different machine (mac) Tried the other card (i bought two with consecutive serial numbers) Tried three different card-reader: - Cherry GmbH SmartBoard XX44 - KOBIL EMV CAP - SecOVID Reader III - Alcor Micro AU9540 00 00 Can anybody help? Kind Regards, Klaus ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
PGP Clean Room GSoC Mentoring
Hello all, I'm a prospective student for Debian's Google Summer of Code 2018 and I am interested in working on a project that may be of interest to those on this mailing list and that requires at least one more co-mentor to move forward. The biggest hurdle I faced when setting up my GPG key was creating and storing it offline. Many live cds like TAILS can be manipulated for this purpose, but are not designed for it and require quite a bit of space for what is otherwise a relatively small amount of information. I am looking to create a proper interface for a PGP Clean Room Live CD that walks a user through setting up a set of USB flash drives or sd cards as a raid disk, generating new GPG keys, storing them there, and then exporting subkeys either on a separate USB stick or a security key like a Yubikey. I'd also like to add the ability to do things like revoke keys or extend expiration dates for them through the application. You can see more of the ideas behind the project here: https://wiki.debian.org/SummerOfCode2018/Projects/CleanRoomForPGPKeyManagement Daniel Pocock has already agreed to be the primary mentor for this project, but he will most likely be involved in at least one other GSoC project. I've sent out a few emails in Debian but have received no reply as yet so I'm reaching out to the wider open source community. You can find the Mentor Guide here: https://google.github.io/gsocguides/mentor/ Someone with experience in python, especially python's GPGME bindings, would be much appreciated. Thanks, Jacob ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
generate key using specific cipher
Hi, I'm trying to learn how to use gpg/libgcrypt with GOST cryptography (actually I'm moving from openssl, where GOST is deprecated due to poor code quality to the gpg/libgcrypt software, where GOST is present since 1.7.0), and since the entire crypoto subsystem is (from my point of view) is overcomplicated, I'm lacking some simple skills - for instance, how do I generate an x509 csr/key with GOST (is it even possible) ? In openssl I would do something like "openssl req -newkey gost2001 -pkeyopt paramset:A -keyout foo -out bar" and this would do the trick. In gnupg well, I'm looking at the documentation right now but just cannot find the clue. Thanks. Eugene. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: generate key using specific cipher
On Mon, 26 Feb 2018 05:40, e...@norma.perm.ru said: > I'm trying to learn how to use gpg/libgcrypt with GOST cryptography > (actually I'm moving from openssl, where GOST is deprecated due to > poor code quality to the gpg/libgcrypt software, where GOST is present > since 1.7.0), and since the entire crypoto subsystem is (from my point You can't use GOST with gpg becuase OpenPGP does not specify it. For gpgsm it would be possible to add support for GOST but we can do that only if there is an RFC for adding GOST to PKIX _and_ if we are able to test against an established certificate infrastructure. The latter is even problematic for DSA and ECC. Shalom-Salam, Werner -- # Please read: Daniel Ellsberg - The Doomsday Machine # Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. pgpT0ylFJK6Cu.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users