PCBWay has finished manufacturing our initial boards but we are having difficulty sourcing enough microcontrollers to assemble the entire initial batch of 100. For some additional cost we’ve decided to have 20 boards made (a single panel) with the microcontroller chips we can get right now and have the rest assembled when we can get more.
Now that we have integrated the Nettle cryptography library into the Signet HC firmware we are ready to implement the cryptographic engine features we have planned. These are features where a cryptographic task such as decrypting or signing an email or file is performed securely on Signet HC and the results are sent back to the host operating system. These features will be accessible through the client GUI as well as multiple command-line interfaces.
At the end of this update is a link to survey to help us understand what aspects of the encryption engine features are a priority to our users. Please fill it out to let us know.
Initially we will create our own command-line tool that is capable of invoking all of Signet HC’s cryptographic operations. In the short term this would mean that Signet could not be used with application plugins integrated with GNU Privacy Guard (GPG). We will port some of the most popular plugins (such as those for encrypting email) to use our tool as an initial solution to this problem.
For the longer term we will have to decide between creating a modified version of GPG or implementing the OpenPGP Card specification, which is already supported by GPG. The OpenPGP Card specification is a smart card specification designed for use with OpenPGP (Pretty Good Privacy) and OpenPGP is compatible with GPG. We can make use of OpenPGP Card specification by making Signet HC identify as a smart card reader and emulate the OpenPGP Card functions.
In the following sections we list our take on the pros and cons of each approach.
gpg-agent, the simpler backend portion of GPG
We would appreciate your feedback. Please answer this brief survey with regards to the Signet HC encryption engine.