I'm using master with a Yubikey 5.
Trying to read the certificate stored on a PIV card fails immediately after writing the certificate to the card. Reading works after killing scdaemon. This is somewhat relevant for Kleopatra: After writing a certificate to a PIV card the "Import Certificate" button is still disabled because the button is only enabled if a certificate is found on the card for the corresponding card slot.
Prerequisites:
- A private key was generated on-card for (or an off-card key was written to) one of the PIV card slots, e.g. PIV.9E (Card Authentication key)
- A certificate was created for the private key
$ gpg-card [...] Card authenticat. : 482BD076054B6950A6FC476C356AF029A5115BBD keyref .....: PIV.9E (auth) algorithm ..: rsa2048 used for ...: X.509 user id ..: CN=Signing key,O=example,C=DE user id ..: <otto@example.net> [...] gpg/card> authenticate *** gpg/card> writecert PIV.9E < sign-rsa2048-offcard-482BD076054B6950A6FC476C356AF029A5115BBD.crt gpg/card> readcert PIV.9E > sign-rsa2048-offcard-482BD076054B6950A6FC476C356AF029A5115BBD-export.crt Command 'readcert' failed: Not found
The scd log says:
2020-10-12 16:28:54 scdaemon[3802] DBG: chan_7 <- WRITECERT PIV.9E 2020-10-12 16:28:54 scdaemon[3802] DBG: chan_7 -> INQUIRE CERTDATA 2020-10-12 16:28:54 scdaemon[3802] DBG: chan_7 <- [ 44 20 30 82 03 41 30 82 02 29 a0 03 02 01 02 02 ...(857 byte(s) skipped) ] 2020-10-12 16:28:54 scdaemon[3802] DBG: chan_7 <- END 2020-10-12 16:28:54 scdaemon[3802] DBG: send apdu: c=00 i=CB p1=3F p2=FF lc=5 le=256 em=0 2020-10-12 16:28:54 scdaemon[3802] DBG: raw apdu: 00cb3fff055c035fc10100 2020-10-12 16:28:54 scdaemon[3802] DBG: response: sw=6115 datalen=256 2020-10-12 16:28:54 scdaemon[3802] DBG: apdu_send_simple(0): 21 more bytes available 2020-10-12 16:28:54 scdaemon[3802] DBG: raw apdu: 00c0000015 2020-10-12 16:28:54 scdaemon[3802] DBG: more: sw=9000 datalen=21 2020-10-12 16:28:54 scdaemon[3802] DBG: dump: 538201118001077f4982010981820100c6ee77d1b734db6b9b2f7769834a6b81 \ 2020-10-12 16:28:54 scdaemon[3802] DBG: 4e42dfce01962001299aefe8ec8b77200d3e12c4ab29729404d4bfcb4970094c \ 2020-10-12 16:28:54 scdaemon[3802] DBG: f3e517be153c8ddbe90aa8daa3d4d2b969d30a9cb1ecb08f1c38d35ccd7eafd6 \ 2020-10-12 16:28:54 scdaemon[3802] DBG: 1c315c1118b23920ebea3632b0b7497fa8e9d928e91adc7627e66a15a45a259d \ 2020-10-12 16:28:54 scdaemon[3802] DBG: dc466f20b565b0af6ece7097a9d1bc516c9db43093c6a3ec81bee18214f7cb7a \ 2020-10-12 16:28:54 scdaemon[3802] DBG: 11dc9bf44352f2c5f7be2716a49acb885e390b08c8cdfee671c0658d5de1e617 \ 2020-10-12 16:28:54 scdaemon[3802] DBG: 4ce4cb0cf35f9a9ea7dfb1e202f33a7a0e64035ba81e49277ee74371cea65f2f \ 2020-10-12 16:28:54 scdaemon[3802] DBG: d0e728647b38a403cd058c816e358dc8cc600e25a85ed8c4864d38bc0c2e8986 \ 2020-10-12 16:28:54 scdaemon[3802] DBG: ef525c5db86b0ec3698348b2df632a478203010001 2020-10-12 16:28:54 scdaemon[3802] DBG: send apdu: c=00 i=DB p1=3F p2=FF lc=855 le=-1 em=-1 2020-10-12 16:28:54 scdaemon[3802] DBG: raw apdu: 10db3fffff5c035fc1015382034e708203453082034130820229a00302010202 \ 2020-10-12 16:28:54 scdaemon[3802] DBG: 081136f6e309018da0300d06092a864886f70d01010b05003035310b30090603 \ 2020-10-12 16:28:54 scdaemon[3802] DBG: 550406130244453110300e060355040a13076578616d706c6531143012060355 \ 2020-10-12 16:28:54 scdaemon[3802] DBG: 0403130b5369676e696e67206b65793020170d3230303931303134353231335a \ 2020-10-12 16:28:54 scdaemon[3802] DBG: 180f32303633303430353137303030305a3035310b3009060355040613024445 \ 2020-10-12 16:28:54 scdaemon[3802] DBG: 3110300e060355040a13076578616d706c65311430120603550403130b536967 \ 2020-10-12 16:28:54 scdaemon[3802] DBG: 6e696e67206b657930820122300d06092a864886f70d01010105000382010f00 \ 2020-10-12 16:28:54 scdaemon[3802] DBG: 3082010a0282010100c6ee77d1b734db6b9b2f7769834a6b814e42dfce019620 \ 2020-10-12 16:28:54 scdaemon[3802] DBG: 01299aef 2020-10-12 16:28:54 scdaemon[3802] DBG: raw apdu: 10db3fffffe8ec8b77200d3e12c4ab29729404d4bfcb4970094cf3e517be153c \ 2020-10-12 16:28:54 scdaemon[3802] DBG: 8ddbe90aa8daa3d4d2b969d30a9cb1ecb08f1c38d35ccd7eafd61c315c1118b2 \ 2020-10-12 16:28:54 scdaemon[3802] DBG: 3920ebea3632b0b7497fa8e9d928e91adc7627e66a15a45a259ddc466f20b565 \ 2020-10-12 16:28:54 scdaemon[3802] DBG: b0af6ece7097a9d1bc516c9db43093c6a3ec81bee18214f7cb7a11dc9bf44352 \ 2020-10-12 16:28:54 scdaemon[3802] DBG: f2c5f7be2716a49acb885e390b08c8cdfee671c0658d5de1e6174ce4cb0cf35f \ 2020-10-12 16:28:54 scdaemon[3802] DBG: 9a9ea7dfb1e202f33a7a0e64035ba81e49277ee74371cea65f2fd0e728647b38 \ 2020-10-12 16:28:54 scdaemon[3802] DBG: a403cd058c816e358dc8cc600e25a85ed8c4864d38bc0c2e8986ef525c5db86b \ 2020-10-12 16:28:54 scdaemon[3802] DBG: 0ec3698348b2df632a470203010001a3533051301b0603551d11041430128110 \ 2020-10-12 16:28:54 scdaemon[3802] DBG: 6f74746f 2020-10-12 16:28:54 scdaemon[3802] DBG: raw apdu: 10db3fffff406578616d706c652e6e65743011060a2b06010401da4702020104 \ 2020-10-12 16:28:54 scdaemon[3802] DBG: 030101ff300f0603551d130101ff040530030101ff300e0603551d0f0101ff04 \ 2020-10-12 16:28:54 scdaemon[3802] DBG: 04030206c0300d06092a864886f70d01010b0500038201010097e41d78485439 \ 2020-10-12 16:28:54 scdaemon[3802] DBG: fac7ecc57f1681c1b2280e76ccee020f4f635a0155a922872c13bd75714ecfd0 \ 2020-10-12 16:28:54 scdaemon[3802] DBG: 88acbfdf0ff7cbad8a6da53b4392c16577ce8087bba9e095207c24171630684f \ 2020-10-12 16:28:54 scdaemon[3802] DBG: a7db8ccaf4955be3a02f46d87e014e56ee8a39aa6b07f0397fd15bc90d85b3c7 \ 2020-10-12 16:28:54 scdaemon[3802] DBG: 8e9d0fd74422a23a1902fc359ae7a8484ca5a530f051e57f07da639d421db3a3 \ 2020-10-12 16:28:54 scdaemon[3802] DBG: 7ae912858ec9fec1246198ed0cd2e55c3ae89c4ef0e6f705a37a4c08d7a646b6 \ 2020-10-12 16:28:54 scdaemon[3802] DBG: d77e032e 2020-10-12 16:28:54 scdaemon[3802] DBG: raw apdu: 00db3fff5a13b38669597035f02c1fb2e71670b18d7a8d3a31bf19695e2b1fe6 \ 2020-10-12 16:28:54 scdaemon[3802] DBG: e7003a4cf11a1f5d96275da5e198ffd2621b8b68ee2ee5b3f12f7bd0eaba459a \ 2020-10-12 16:28:54 scdaemon[3802] DBG: 58e4ae39210b918b6a417de9e7dbe2a64077ab7bec029bb694df710100fe00 2020-10-12 16:28:54 scdaemon[3802] DBG: response: sw=9000 datalen=0 2020-10-12 16:28:54 scdaemon[3802] DBG: dump: [all zero] 2020-10-12 16:28:54 scdaemon[3802] operation writecert result: Success 2020-10-12 16:28:54 scdaemon[3802] DBG: chan_7 -> OK 2020-10-12 16:29:45 scdaemon[3802] DBG: chan_7 <- READCERT PIV.9E 2020-10-12 16:29:45 scdaemon[3802] app_readcert failed: Not found 2020-10-12 16:29:45 scdaemon[3802] DBG: chan_7 -> ERR 100663323 Not found <SCD>
After killing scdaemon (gpgconf --kill scdaemon) reading the certificate works:
2020-10-12 16:31:20 scdaemon[4218] DBG: chan_7 <- READCERT PIV.9E 2020-10-12 16:31:20 scdaemon[4218] DBG: chan_7 -> [ 44 20 30 82 03 41 30 82 02 29 a0 03 02 01 02 02 ...(857 byte(s) skipped) ] 2020-10-12 16:31:20 scdaemon[4218] DBG: chan_7 -> OK