Page MenuHome GnuPG

F5 does not always work in Kleos smartcard dialog
Testing, NormalPublic

Description

I think there is a caching issue in the smartcard dialog.

  • Move a key to a Yubikey (primary and sub)
  • Take a backup of the public key
  • Delete the key in Kleopatra (ie. private and public)

Smartcard dialog does not show the OpenPGP parts anymore

  • Import the public key
  • In the smartcard dialog hit F5

Smartcard dialog still does not show the key. This is even the case after running "gpg --card-status" on the command line, which correcly shows the key.

  • Restart Kleopatra

Smartcard dialog shows the keys.

Tested on Windows using Yubikey with firmware version 5.4.3 and Brainpool curves.

Details

Version
GnuPG 2.2.37-beta27, kleopatra-202208051223

Event Timeline

werner created this object with edit policy "Contributor (Project)".
ikloecker triaged this task as Normal priority.Aug 18 2022, 1:30 PM
ikloecker added a subscriber: ikloecker.

Yeah. F5 only refreshes the smart cards. It doesn't refresh Kleopatra's key cache.

Did you import the public key outside of Kleopatra?

With GnuPG master and Kleopatra master I'm making (slightly) different observations.

0. Generate an RSA 2048 OpenPGP key (moving ECC keys to my Yubikey didn't work)

  1. Copy primary key and subkey to Yubikey (from Kleopatra's Subkeys Details dialog)

1.5 Switch to Smartcards view
-> The OpenPGP tab shows the key's user ID below the fingerprints of the copied keys.

  1. Export public key(s) (and make backup of secret key(s))
  2. Delete the key in Kleopatra (ie. private and public)

3.5 Switch to Smartcards view
-> The OpenPGP tab still shows the key's user ID below the fingerprints of the copied keys. <- Difference to Werner's observation
-> Clicking Show Details results in an error that the key cannot be found.
-> Refreshing the Smarcards view with F5 doesn't change anything, i.e. the key's user ID is still shown.
-> Refreshing the Certificates view with F5 also doesn't change anything.

  1. Restart Kleopatra

4.5 Switch to Smartcards view
-> The OpenPGP tab now shows "Public key not found locally" below the fingerprints of the copied keys.

  1. Import the public key with Kleopatra

-> The key is shown in the certificate list.
-> The Subkeys Details view shows that primary key and subkey are stored on the smart card (nb: the full s/n instead of the display s/n is shown).
5.5 Switch to Smartcards view
-> The OpenPGP tab now shows "Public key not found locally" below the fingerprints of the copied keys.
-> Neither refreshing the Smartcards view nor refreshing the Certificates view doesn't change anything.

Apparently, the Smartcards view is neither updated when a key is deleted nor when a key is re-imported.

ikloecker moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.

The Smartcards view is not updated because the data on the card hasn't changed. The update can be forced by removing and re-inserting the card.

Obviously, the view also needs to be updated if the key cache signals changed keys.

ikloecker changed the task status from Open to Testing.Aug 19 2022, 5:29 PM
ikloecker removed ikloecker as the assignee of this task.
ikloecker moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.
ikloecker added a project: Restricted Project.

The information should now be updated automatically. F5 still won't change anything if the data on the smart card didn't change, but pressing F5 to update information about locally stored keys shouldn't be necessary in the first place.

I imported the public key using Kleopatra.

werner removed a project: Restricted Project.Thu, Sep 22, 10:50 AM