Re: [FEATURE REQ] Keygrips in --card-status

2018-03-05 Thread Peter Lebbing 
On 01/03/18 19:14, Werner Koch wrote:
> Good suggestion.  Here is the output you will see in 2.2.6 when
> --with-keygrip is used with --card-status:

Ah, great, thanks!

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: [FEATURE REQ] Keygrips in --card-status

2018-03-01 Thread Werner Koch 
On Thu,  1 Mar 2018 13:06, pe...@digitalbrains.com said:

> So if --card-status would actually use the --with-keygrip option, it
> would be much easier to look up the keygrip for an OpenPGP smartcard,

Good suggestion.  Here is the output you will see in 2.2.6 when
--with-keygrip is used with --card-status:

Signature counter : 4604
Signature key : C1D3 4B69 219E 4AEE C0BA  1C21 E3FD FF21 8E45 B72B
  created : 2015-02-18 18:12:18
  keygrip : 1D538E0FA8DFC2ED7F0382ED25ADE1EF23D12C5C
Encryption key: DC9D AC60 8A8F 118F D8D0  F332 F4EC 45F1 1B45 7A45
  created : 2016-02-14 13:12:34
  keygrip : EE5A80CF605C7B8A2402E9CB41B553F2E5069B33
Authentication key: 59CE FA65 05DF 817B 3FE9  8F57 A588 F0D2 ABD0 CAF6
  created : 2016-02-14 13:14:07
  keygrip : EE5A80CF605C7B8A2402E9CB41B553F2E5069B33

and the --with-colons output has an addtional "grp: record (even without
--with-keygrip).


Shalom-Salam,

   Werner


-- 
#  Please read:  Daniel Ellsberg - The Doomsday Machine  #
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


pgpcuZVVS4Iq_.pgp
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

[FEATURE REQ] Keygrips in --card-status (was: gpgsm --gen-key with key on smartcard)

2018-03-01 Thread Peter Lebbing 
On 28/02/18 20:59, Werner Koch wrote:
> But that is about gpg and not about gpgsm.

Currently, it's not that easy to get the keygrip for an OpenPGP
smartcard key.

For keys for which the public part is available, it's:
$ gpg --card-status
Note desired KEYID
$ gpg --with-keygrip -k $KEYID
Find the KEYID in the certificate listed and see the keygrip below it.

I have smartcards with Auth keys that are not part of an OpenPGP
certificate. For these and other cases where the public part is not in
the keyring, it's more difficult to get the keygrip. Probably something
like:
$ gpg-connect-agent 'keyinfo --list' /bye|grep 87061340
for my GnuK with serial FFFE 87061340.

So if --card-status would actually use the --with-keygrip option, it
would be much easier to look up the keygrip for an OpenPGP smartcard,
*especially* when the smartcard is not currently in use by gpg. Even
though the query is done by "gpg --card-status", it is more a feature
for OpenPGP smartcards regardless of whether they are used for OpenPGP keys.

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users