In master, the gpg frontend uses "SCD SERIALNO", "SCD GETINFO card_list", and "SCD KEYINFO" for normal crypto operation.
It seems that a smartcard cannot be used any more through the extra socket because of this.
Status | Assigned | Task
---|---|---
Resolved | gniibe | T5062 gpg: error getting version from 'scdaemon': Forbidden
Resolved | gniibe | T5063 Use of some "SCD" command through extra socket
Perhaps not allowing automatic use of available card keys would be better:
diff --git a/agent/command.c b/agent/command.c index 160979dae..b6286becf 100644 --- a/agent/command.c +++ b/agent/command.c @@ -2292,13 +2292,7 @@ cmd_scd (assuan_context_t ctx, char *line) if ((argc == 1 && !strcmp (argv[0], "SERIALNO")) || (argc == 2 && !strcmp (argv[0], "GETINFO") - && !strcmp (argv[1], "version")) - || (argc == 2 - && !strcmp (argv[0], "GETATTR") - && !strcmp (argv[1], "KEY-FPR")) - || (argc == 2 - && !strcmp (argv[0], "KEYINFO") - && !strcmp (argv[1], "--list=encr"))) + && !strcmp (argv[1], "version"))) xfree (l); else {
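Review bot: In the cmd_scd condition, removing the GETATTR KEY-FPR and KEYINFO --list=encr branches leaves only SERIALNO and GETINFO version accepted, and nothing in the hunk records why. The report above says gpg in master issues "SCD GETINFO card_list" and "SCD KEYINFO" during normal crypto operation, so with this change those requests would not match the condition and would take the else branch. If the intent is that card keys are never used automatically through this path, add a comment above the condition saying so, and confirm that gpg treats the refusal of those commands as "no card available" rather than failing the whole operation. The exact match on argc plus each argv token is the right shape for an allow list; keep that strictness if entries are re-added later.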
I don't think adding another option for gpg-agent is good.