Page MenuHome GnuPG
Create Task
Maniphest T6213

Yubikey not working with GPG 2.3.7 (Gpg4win 4.0.3)
Closed, ResolvedPublic
Actions

Description

Update2: I have read T6070#160227 and T6077, so this is a duplicate issue. If If any administrator has checked this issue, please mark it as closed. My Yubikey firmware version: 5.4.3
See this:
Reddit post
This problem also happened on my Windows 10, with my Yubikey 5 NFC & 5C
This is the output of command gpg --card-status in GPG 2.3.7, Gpg4win 4.0.3:

Reader ...........: Yubico YubiKey OTP FIDO CCID 0
Application ID ...: *Replaced*
Application type .: OpenPGP
Version ..........: 1.0
Manufacturer .....: ?
Serial number ....: *Replaced*
Name of cardholder: [not set]
Language prefs ...: [not set]
Salutation .......:
URL of public key : [not set]
Login data .......: [not set]
Signature PIN ....: not forced
Max. PIN lengths .: 3 -2 0
PIN retry counter : 0 0 0
Signature counter : 0
Signature key ....: [none]
Encryption key....: [none]
Authentication key: [none]
General key info..: [none]

You see, the Manufacturer should be Yubico or whatever anything else, but it just send me a "?". The version number max PIN lengths and so on are also incorrect. Besides, if you try to run commands like key-attr and factory-reset, you will get an error message: gpg: error XXXXXX: invalid ID.
After a long search, I finally found the solution in a reddit post: Just DOWNGRADE! so after a downgrade to GPG 2.3.6 (Gpg4win 4.0.2), everything seems to work again! Output of command gpg --card-status:

Reader ...........: Yubico YubiKey OTP FIDO CCID 0
Application ID ...: *Replaced*
Application type .: OpenPGP
Version ..........: 3.4
Manufacturer .....: Yubico
Serial number ....: *Replaced*
Name of cardholder: [not set]
Language prefs ...: [not set]
Salutation .......:
URL of public key : [not set]
Login data .......: [not set]
Signature PIN ....: not forced
Key attributes ...: *Replaced*
Max. PIN lengths .: 127 127 127
PIN retry counter : 2 0 3
Signature counter : 0
KDF setting ......: off
UIF setting ......: Sign=off Decrypt=off Auth=off
Signature key ....: [none]
Encryption key....: [none]
Authentication key: [none]
General key info..: [none]

It just prints all the information correctly! And finally, I can start using my Yubikey. Please fix this bug soon.
Update1: Confirmed that running Kleopatra can also cause this problem. You have to kill the gpg-agent process to make it work again.

Details

Version
2.3.7