card-backend-scdc

Crates.iocard-backend-scdc
lib.rscard-backend-scdc
version0.5.0
sourcesrc
created_at2023-08-28 15:48:29.676628
updated_at2023-09-05 23:54:56.378197
descriptionExperimental SCDaemon Client, e.g. for use with the openpgp-card crate
homepage
repositoryhttps://gitlab.com/openpgp-card/openpgp-card
max_upload_size
id957124
size14,398
Heiko Schaefer (hko-s)

documentation

https://docs.rs/crate/openpgp-card-scdc

README

scdaemon based backend (e.g., for the openpgp-card library)

This crate provides ScdBackend/ScdTransaction, which is an implementation of the CardBackend/CardTransaction traits that uses an instance of GnuPG's scdaemon to access OpenPGP cards.

Note that (unlike card-backend-pcsc), this backend doesn't implement transaction guarantees.

Known limitations

  • Uploading RSA 4096 keys via scdaemon doesn't work with cards that don't support Command Chaining (e.g. the "Floss Shop OpenPGP Smart Card"). This is caused by a size limitation for client requests via the Assuan protocol. Assuan "Client requests" are limited to 1000 chars. Commands are sent as ASCII encoded hex, so APDU commands are limited to around 480 bytes. This is insufficient for importing RSA 4096 keys to the card (all other OpenPGP card operations fit into this constraint).

  • When using scdaemon via pcsc (by configuring scdaemon with disable-ccid), choosing a specific card of multiple plugged-in OpenPGP cards seems to be broken. So you probably want to plug in only one OpenPGP card at a time when using openpgp-card-scdc combined with disable-ccid.

  • When using scdaemon via its default ccid driver, choosing a specific one of multiple plugged-in OpenPGP cards seems to only work up to 4 plugged-in cards. So you probably want to plug in at most four OpenPGP cards at a time when using card-backend-scdc with its ccid driver. (This limit has been raised in GnuPG 2.3.x)

Commit count: 923

cargo fmt