Page MenuHome GnuPG
Create Task
Maniphest T4695

Remove SERIALNO as an identifier to select keys
Closed, ResolvedPublic
Actions

Description

In the stub file, we have SERIALNO. That has been so, until today.

This information is not needed any more, except the interaction to user asking insertion of card. And asking with SERIALNO does not help much.

Showing KEYGRIP when asking would not be better, but it is good to clean up the implementation.

I have a patch now, being attached.

Revisions and Commits

rG GnuPG
rG9f39e0167d06 agent: Fix ask_for_card to allow a key on multiple cards.

Related Objects
Search...

Event Timeline

gniibe created this task.Sep 5 2019, 8:04 AM

0001-agent-Remove-SERIALNO-information-in-stub.patch13 KBDownload

gniibe added a comment.Sep 5 2019, 10:12 AM

I did too many things at once.
I'm going to divide up into pieces.

gniibe added a commit: rG9f39e0167d06: agent: Fix ask_for_card to allow a key on multiple cards..Sep 5 2019, 10:23 AM
gniibe added a comment.Sep 6 2019, 1:37 AM

By the change of rG9f39e0167d06: agent: Fix ask_for_card to allow a key on multiple cards., the SERIALNO in the stub is just an auxiliary information, not identifying the card. Now, it is the keygrip for key to identify/select the card.

gniibe lowered the priority of this task from Unbreak Now! to High.Sep 6 2019, 1:37 AM
gniibe added a comment.Sep 6 2019, 1:41 AM

Still there are two places where we use "SCD serialno --demand <SERIALNO>". One is g10/skclist.c where we list available keys, another is the funciton card_key_available in agent/command-ssh.c .

Those parts could/should be changed by using "SCD KEYINFO --list".

werner added a comment.Sep 6 2019, 10:40 AM

BTW: I have the problem that I want to know the keys of all cards. "getinfo card_list" along with --demand can be used for this. gpg-card works this way. It does not work if plug in addtional cards becuase card_list shows only the cards for which a SERIALNO command has been used. A new feature to scan the buses for all readers and cards would be quite useful.

gniibe added a project: Restricted Project.Oct 9 2019, 4:15 AM
werner added a comment.Dec 17 2019, 4:36 PM

Many cards have some printed information and I consider them important to avoid testing one by one all the cards from my pocket.
This I am really in favor of beeing asked to insert the respective card. The new text format private key files make it much easier to maintain this info

gniibe added a subtask: T4301: Handling multiple subkeys on two SmartCards.Dec 18 2019, 1:35 AM
gniibe added a subtask: Restricted Maniphest Task.
gniibe created subtask T4784: Remove referring a key by $AUTHKEYID, $ENCRKEYID, and $SIGNKEYID.Dec 18 2019, 2:22 AM
werner removed a subtask: Restricted Maniphest Task.Dec 23 2019, 11:02 AM
gniibe closed subtask T4784: Remove referring a key by $AUTHKEYID, $ENCRKEYID, and $SIGNKEYID as Resolved.Jan 16 2020, 5:17 AM
gniibe added a comment.Jan 16 2020, 5:22 AM

With new "KEYINFO" command in scdaemon, a list of card keys can be retrieved by:

$ gpg-connect-agent "SCD SERIALNO" "SCD KEYINFO --list" /bye

Or using the function agent_scd_keyinfo for gpg, which does that.

gniibe added a comment.Jan 16 2020, 5:24 AM

The first "SCD SERIALNO" command let scdaemon re-scan smartcards/tokens.

gniibe changed the task status from Open to Testing.Jan 16 2020, 5:25 AM
werner lowered the priority of this task from High to Normal.Jan 5 2021, 10:54 AM

I think we can close this one, right?

gniibe closed subtask T4301: Handling multiple subkeys on two SmartCards as Resolved.Jan 28 2021, 3:19 AM
gniibe closed this task as Resolved.Apr 13 2021, 8:05 AM

Done in 2.3.0.