Currently, Kleopatra refuses any NetKey cards with version != 3. Excluding v2 cards makes sense, but newer cards should be supported. Hopefully, they work out of the box. Tentatively, we will make Kleopatra accept all NetKey cards with version 3 or later.
Revisions and Commits
TeleSec NetKey v3 cards are accepted, for NetKey v2 you get the error message "NetKey v2 cards are not supported".
A NetKey-v15-card Signature Card V2.0 and a GeNUA PKCS#15 Card are read, too.
So if you tested this with the signature cards this can be resolved? My signature card still has the nullpin. I should probably set that to test it myself but if you have one and tested this why not resolved?
Well, the above mentioned cards are all with expired certificates and I did not use the cards. I could only check if some info about the certificates on the card is displayed in the smart card tab.
Is this is all necessary for the test if Kleopatra "accepts" those cards? That their contends are displayed? In that case you might count the ticket as resolved.
But I'm lacking a representative sample of testcards and don't feel comfortable declaring that all Netkey v15 cards are accepted on such cursory tests.
I set the pin on my card, so this still works in kleo :)
When I had not set the pin, pinentry informed me correctly that the pin was not yet set and I got as an error "Nutzungsvorraussetzungen nicht erfüllt" so this works nicely.
With faked system time I was able to sign with a vs-nfd compliant brainpool key.
I was unable to sign with a non compliant key, which is also expected as we currently do not allow that.
I was able to encrypt and decrypt to non vs-nfd compliant with nistp keys.
The only thing that did not work was decrypting with the vs-nfd compliant brainpool key on that card, this returned invalid ID. But that is a GnuPG issue.
So I am confidently setting this issue to resolved as everything on the Kleopatra side worked perfectly.