Important!

Blog moved to https://blog.apdu.fr/

I moved my blog from https://ludovicrousseau.blogspot.com/ to https://blog.apdu.fr/ . Why? I wanted to move away from Blogger (owne...

Wednesday, August 26, 2015

How to get my GPG public key?

On the MUSCLE mailing list we got the following question:
From: Jessie Frazelle
Subject: GPG Key

I swear I looked all over the website and downloads page [1]. But I
cannot find what key the tarballs are signed with to import to verify.
I am so sorry for bothering a mailing list with such noise, especially
because as much as I try I know they have to be somewhere and I am
just missing it.

Thanks in advance.


[1] https://alioth.debian.org/frs/?group_id=30105

Check the signature

Let try with the CCID driver. Download the 2 files: ccid-1.4.20.tar.bz2 and ccid-1.4.20.tar.bz2.asc and try to verify the signature.

$ gpg2 ccid-1.4.20.tar.bz2.asc
gpg: assuming signed data in 'ccid-1.4.20.tar.bz2'
gpg: Signature made Wed Aug  5 13:23:24 2015 CEST using RSA key ID E8F9C57E
gpg: Can't check signature: No public key

The signing key ID is E8F9C57E. We need to find this public key.

Fetch the public GPG key

You can use your web search engine for "E8F9C57E". It will return many results, including the public key you are looking for.

One way to get the key is to ask a key server using:
$ gpg2 --keyserver pgp.mit.edu --recv-key E8F9C57E
gpg: requesting key E8F9C57E from hkp server pgp.mit.edu
gpg: key E8F9C57E: public key "Ludovic Rousseau " imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)

I used pgp.mit.edu as key server but you can use another one.

Check the signature, again

Then we can verify the signature:
$ gpg2 ccid-1.4.20.tar.bz2.asc
gpg: assuming signed data in 'ccid-1.4.20.tar.bz2'
gpg: Signature made Wed Aug  5 13:23:24 2015 CEST using RSA key ID E8F9C57E
gpg: Good signature from "Ludovic Rousseau " [unknown]
gpg:                 aka "Ludovic Rousseau " [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: F5E1 1B9F FE91 1146 F41D  953D 78A1 B4DF E8F9 C57E

The signature is correct. But the key is not trusted.

Trust the public key?

Then you can verify that the public key ID E8F9C57E is really my public key. You will need to use the web of trust for that.
Maybe you trust one of the keys that signed my public key (level 1)?
Or maybe you trust a key that signed a key that signed my key (level 2)?
etc.

My GPG public key is also available from my web page at http://ludovic.rousseau.free.fr/

Thursday, August 13, 2015

PySCard 1.9.0 released

I just released a new official pyscard version 1.9.0 of pyscard. pyscard is a python module adding smart cards support (PC/SC) to python.

The PySCard project is available at:

Changes:

The main change is the support of Python3. I would not be surprised if some Python3 issues are still present.
After some more testing, stress test and bug fix (if needed) on Python3 I will move the version number to 2.0.0.

1.9.0 (August 2015)
  • add Python3 support (Python2 is still supported)
  • fix a lot of pylint warnings
  • smartcard/test/* replace deprecated assert calls
  • add tox support and coverage reports, run test suite on Travis
  • add Travis CI support to automatically build on Unix
  • add AppVeyor support to automatically build on Windows
  • minor bugs fixed
  • Big thank you to Alex Willmer for his work on pyscard

See also my previous article: PySCard 1.7.0 released

Friday, August 7, 2015

New version of pcsc-tools: 1.4.24

I just released a new version of pcsc-tools, a suite of tools for PC/SC.

Changes:
1.4.24 - 7 August 2015, Ludovic ROUSSEAU
  • 253 new ATRs
  • ATR_analysis: better update of the local cache

Wednesday, August 5, 2015

New version of libccid: 1.4.20

I just released a version 1.4.20 of libccid the Free Software CCID class smart card reader driver.

Direct download here.

Changes:
1.4.20 - 5 August 2015, Ludovic Rousseau
  • Add support of
    • ACS ACR1251 Dual Reader
    • Access IS NFC Smart Module
    • BIFIT iToken
    • BLUTRONICS BLUDRIVE II CCID (idProduct: 0x1079)
    • Generic MultiCard Device
    • NXP Pegoda 2 N
    • SafeNet eToken 5100
    • SafeNet eToken 7300
    • Yubico Yubikey 4 CCID
    • Yubico Yubikey 4 OTP+CCID
    • Yubico Yubikey 4 OTP+U2F+CCID
    • Yubico Yubikey 4 U2F+CCID
  • Depends on libusb version 1.0.9 instead of 1.0.8
  • The O2 Micro Oz776 reader only supports 9600 bps
  • Change installation directory for Mac OS X El Capitan 10.11

New version of pcsc-lite: 1.8.14

I just released a new version of pcsc-lite 1.8.14.
pcsc-lite is a Free Software implementation of the PC/SC (or WinSCard) API for Unix systems.

Changes:
1.8.14: Ludovic Rousseau
5 August 2015
  • Threading: lock the PC/SC context in a safe way
  • Threading: lock the card context in a safe way
  • SCardGetStatusChange(): fix card movement rare bug
  • Doxygen:
    • SCardTransmit() may return SCARD_E_INSUFFICIENT_BUFFER
    • SCardEndTransaction() The disposition is used and the dwDisposition parameter has an effect.
    • SCardReconnect() do not release locks
    • fix typos
  • Move the source code repository from subversion to git
  • Use asprintf(3) instead of strlcat(3) and strlcpy(3)
  • Allow to use pcscd in a remote session (polkit issue)
  • Some other minor improvements and bug corrections