Page MenuHome GnuPG
Feed Advanced Search

May 18 2022

werner added a comment to T5977: Smartcard PIN stays in clear in memory.

AFAICS, we need to implement a new Assuan flag and wipe the data passed to the callback after the callback returned.

May 18 2022, 9:14 AM · backport, libassuan, pinentry, scd, gnupg (gpg22), Bug Report
gniibe added a comment to T5862: authentication with USB token.

Note that this doesn't work if pinentry is pinentry-gnome3. pinentry-qt works well, too, because it supports curses fallback.

May 18 2022, 9:06 AM · gpgagent, Feature Request, scd
gniibe added a comment to T5862: authentication with USB token.

I added the last line, to recover tty state:

May 18 2022, 8:56 AM · gpgagent, Feature Request, scd
gniibe added a comment to T5862: authentication with USB token.

With cmatrix command and pinentry-gtk2, I now do experiment with this script:

May 18 2022, 5:09 AM · gpgagent, Feature Request, scd
oddlama added a comment to T5971: Yubikey: Removal of device is not detected by PC/SC.

Glad to hear. I've also now had time to manually apply the patches and have not seen any issues so far! Thank you! If anything does turn up later down the road I'll let you know.

May 18 2022, 2:10 AM · Info Needed, yubikey, scd, Bug Report
gniibe added a comment to T5971: Yubikey: Removal of device is not detected by PC/SC.

No, no apologize needed. You did your best for the bug report, and it helped us a lot to identify the issue, and it certainly helped resulting the fixes. Moreover, your report kicked another fix of T5979 (thanks to the valgrind output).
Thank you.

May 18 2022, 1:37 AM · Info Needed, yubikey, scd, Bug Report

May 17 2022

oddlama added a comment to T5971: Yubikey: Removal of device is not detected by PC/SC.

I apologize, you seem to be right. Even though the package build log shows that all patches were applied, it seems there are some hunks missing in the generated sources.
I've attached my patches, but those are most likely correct. There seems to be an issue with my distribution's package manager. I will investigate this and report back afterwards. Maybe I'll just build it manually.

May 17 2022, 1:34 PM · Info Needed, yubikey, scd, Bug Report
gniibe added a comment to T5862: authentication with USB token.

This is updated version of gpg-auth, which clears the authentication state before trying PKAUTH.
Access is controlled by ~/.ssh/authorized_keys.

May 17 2022, 11:18 AM · gpgagent, Feature Request, scd
gniibe added a comment to T5862: authentication with USB token.

This is the one for login authentication (which invokes scdaemon to authenticate, instead of connecting by socket).

May 17 2022, 10:59 AM · gpgagent, Feature Request, scd
gniibe added a project to T5979: SCardListReaders: Conditional jump or move depends on uninitialised value(s): Restricted Project.

To detect these kinds of bugs, possibly, we can use new GCC option: -ftrivial-auto-var-init=0xFEFEFEFE.
https://gcc.gnu.org/gcc-12/changes.html#uninitialized

May 17 2022, 3:34 AM · backport, gnupg, scd, patch
gniibe claimed T5979: SCardListReaders: Conditional jump or move depends on uninitialised value(s).

The bug was there when it was initially written. It was in 2003, which introduced PC/SC in rG1bcf8ef9dea1: Cleanups, fixes and PC/SC support

May 17 2022, 3:29 AM · backport, gnupg, scd, patch
gniibe added a comment to T5971: Yubikey: Removal of device is not detected by PC/SC.

When compiling the package, I can see that all 4 are applied.

May 17 2022, 2:41 AM · Info Needed, yubikey, scd, Bug Report

May 16 2022

oddlama added a comment to T5971: Yubikey: Removal of device is not detected by PC/SC.

I think that it means that you only applied the last two patches.

May 16 2022, 4:14 PM · Info Needed, yubikey, scd, Bug Report
gniibe added a comment to T5971: Yubikey: Removal of device is not detected by PC/SC.

Thanks again for your update.

May 16 2022, 3:08 AM · Info Needed, yubikey, scd, Bug Report

May 14 2022

ludovic added a comment to T5979: SCardListReaders: Conditional jump or move depends on uninitialised value(s).

I just wrote a blog article about this problem
https://ludovicrousseau.blogspot.com/2022/05/scardlistreaders-and-non-initialized.html

May 14 2022, 4:13 PM · backport, gnupg, scd, patch

May 13 2022

werner added projects to T3391: cannot import subkey that was once marked to be on a card: scd, gpgagent.
May 13 2022, 2:43 PM · Restricted Project, gpgagent, scd, gnupg, OpenPGP, Bug Report
werner triaged T5977: Smartcard PIN stays in clear in memory as High priority.
May 13 2022, 2:40 PM · backport, libassuan, pinentry, scd, gnupg (gpg22), Bug Report
werner triaged T5979: SCardListReaders: Conditional jump or move depends on uninitialised value(s) as High priority.

Thanks for opening a ticket.

May 13 2022, 2:36 PM · backport, gnupg, scd, patch
oddlama added a comment to T5971: Yubikey: Removal of device is not detected by PC/SC.

Thanks a lot for your cooperation.

May 13 2022, 2:28 PM · Info Needed, yubikey, scd, Bug Report
gniibe added a comment to T5971: Yubikey: Removal of device is not detected by PC/SC.

I put more fix for error handling of key algorithm attribute.
The change: rG53eddf9b9ea0: scd: Fail when no good algorithm attribute.

May 13 2022, 3:21 AM · Info Needed, yubikey, scd, Bug Report
gniibe added a comment to T5971: Yubikey: Removal of device is not detected by PC/SC.

Thanks a lot for your cooperation.

May 13 2022, 3:15 AM · Info Needed, yubikey, scd, Bug Report

May 12 2022

oddlama added a comment to T5971: Yubikey: Removal of device is not detected by PC/SC.

Contrary to your expectations, all gpg --card-status fail after yubikey insertion:

May 12 2022, 7:48 PM · Info Needed, yubikey, scd, Bug Report
gniibe added a comment to T5971: Yubikey: Removal of device is not detected by PC/SC.

Please do experiment again and give us the whole log of scdaemon.log for:

  • insert Yubikey initially
  • run gpg --card-status (success is expected)
  • remove Yubikey
  • insert Yubikey second time
  • run gpg --card-status (failure is expected)
May 12 2022, 5:19 PM · Info Needed, yubikey, scd, Bug Report
oddlama added a comment to T5971: Yubikey: Removal of device is not detected by PC/SC.

In case you need any information, be sure to let me know. Maybe we can add some manual loggers to the patches, to confirm that everything is working as you imagine it to?

May 12 2022, 12:36 PM · Info Needed, yubikey, scd, Bug Report
gniibe added a comment to T5971: Yubikey: Removal of device is not detected by PC/SC.

Umm... The problem is the last bogus octet from Yubikey. In the log, we see:

May 12 2022, 1:43 AM · Info Needed, yubikey, scd, Bug Report

May 11 2022

oddlama added a comment to T5971: Yubikey: Removal of device is not detected by PC/SC.

I'm certain I've applied the patches correctly. This is my current patchset:

May 11 2022, 12:49 PM · Info Needed, yubikey, scd, Bug Report
gniibe added a comment to T5963: Yubikey: scdaemon causes libc segfault and clashes with ECC keys.

The change improve error handling for possible other errors by device: rG53eddf9b9ea0: scd: Fail when no good algorithm attribute.

May 11 2022, 4:31 AM · backport, yubikey, scd, segv, Bug Report
gniibe added a comment to T5971: Yubikey: Removal of device is not detected by PC/SC.

Thank you for the logs. It seems that scdaemon didn't detect the removal correctly.

May 11 2022, 1:50 AM · Info Needed, yubikey, scd, Bug Report

May 10 2022

oddlama added a comment to T5971: Yubikey: Removal of device is not detected by PC/SC.

I've uploaded the requested information with triple verbose and debug-all setting in the scdaemon.conf as scdaemon.log:

May 10 2022, 10:17 PM · Info Needed, yubikey, scd, Bug Report
gniibe edited projects for T5963: Yubikey: scdaemon causes libc segfault and clashes with ECC keys, added: Restricted Project; removed gnupg.

Applied to 2.2 branch, too.

May 10 2022, 7:29 AM · backport, yubikey, scd, segv, Bug Report
gniibe removed a project from T5971: Yubikey: Removal of device is not detected by PC/SC: gnupg.
May 10 2022, 7:00 AM · Info Needed, yubikey, scd, Bug Report
gniibe removed a project from T5963: Yubikey: scdaemon causes libc segfault and clashes with ECC keys: Info Needed.
May 10 2022, 3:50 AM · backport, yubikey, scd, segv, Bug Report
gniibe added a comment to T5963: Yubikey: scdaemon causes libc segfault and clashes with ECC keys.

I examined all log files you gave us, and I think that scdaemon with PC/SC fails to detect the removal of the USB device.

May 10 2022, 3:48 AM · backport, yubikey, scd, segv, Bug Report
gniibe triaged T5971: Yubikey: Removal of device is not detected by PC/SC as Normal priority.
May 10 2022, 2:51 AM · Info Needed, yubikey, scd, Bug Report

May 9 2022

oddlama added a comment to T5963: Yubikey: scdaemon causes libc segfault and clashes with ECC keys.

I've applied the linked patch, but still experience the error. Most of the times, I cannot access my yubikey at all and I am not sure what is blocking it.
I've tried to include as much debugging output as I could below. Please let me know if there is anything else I can do to debug this.

May 9 2022, 12:54 PM · backport, yubikey, scd, segv, Bug Report
gniibe added a project to T5963: Yubikey: scdaemon causes libc segfault and clashes with ECC keys: backport.
May 9 2022, 6:52 AM · backport, yubikey, scd, segv, Bug Report
gniibe added a project to T5963: Yubikey: scdaemon causes libc segfault and clashes with ECC keys: Info Needed.

The patch rG054d14887ef8: scd: Add workaround for ECC attribute on Yubikey. fixes a particular problem of Yubikey implementation where it returns bogus octet for its data object of C1, C2, and C3.

May 9 2022, 4:53 AM · backport, yubikey, scd, segv, Bug Report

May 6 2022

oddlama added a comment to T5963: Yubikey: scdaemon causes libc segfault and clashes with ECC keys.

With the patch and after starting a new gpg-agent, gpg --card-status now works immediately.
But when I re-plug the yubikey, gpg reports gpg: OpenPGP card not available: Card error until either gpg-agent is restarted, or pcscd is restarted.
pcsc-lite in debug mode reports no errors, but one log is obviously much shorter as gpg fails early (I've attached both, same pcscd and gpg-agent instance).

May 6 2022, 1:42 PM · backport, yubikey, scd, segv, Bug Report
gniibe added a comment to T5963: Yubikey: scdaemon causes libc segfault and clashes with ECC keys.

I pushed a workaround.

May 6 2022, 11:28 AM · backport, yubikey, scd, segv, Bug Report
gniibe renamed T5963: Yubikey: scdaemon causes libc segfault and clashes with ECC keys from scdaemon causes libc segfault and clashes with pcsc-lite despite using disable-ccid to Yubikey: scdaemon causes libc segfault and clashes with ECC keys.
May 6 2022, 11:26 AM · backport, yubikey, scd, segv, Bug Report
gniibe added a project to T5963: Yubikey: scdaemon causes libc segfault and clashes with ECC keys: yubikey.
May 6 2022, 10:07 AM · backport, yubikey, scd, segv, Bug Report
gniibe claimed T5963: Yubikey: scdaemon causes libc segfault and clashes with ECC keys.
May 6 2022, 8:56 AM · backport, yubikey, scd, segv, Bug Report

May 2 2022

werner added a project to T5935: scd: SSH emulation of gpg-agent doesn't work well with sntrup761x25519-sha512@openssh.com: workaround.
May 2 2022, 10:19 AM · workaround, gnupg (gpg23), ssh, Bug Report, scd
gniibe added a comment to T5935: scd: SSH emulation of gpg-agent doesn't work well with sntrup761x25519-sha512@openssh.com.
KexAlgorithms -sntrup761x25519-sha512@openssh.com
May 2 2022, 10:17 AM · workaround, gnupg (gpg23), ssh, Bug Report, scd

Apr 28 2022

ikloecker added a comment to T5942: scdaemon is blocking system shutdown.

FWIW, your comments about the autostart script do not match with the running processes. Obviously, the autostart script starts gpg-agent with different command line options than the running process. My conclusion is that the autostart script isn't used. Or maybe it is started, but gpg-agent immediately terminates because it notices that another instance is already running.

Apr 28 2022, 10:12 AM · Support, scd, gpgagent
ikloecker added a comment to T5942: scdaemon is blocking system shutdown.

If you add an autostart script then you may have to add a corresponding shutdown script as well, e.g. a script running gpgconf --kill all. You cannot expect that daemons, that you start via an autostart script, magically know when they should terminate.

Apr 28 2022, 10:01 AM · Support, scd, gpgagent
werner triaged T5942: scdaemon is blocking system shutdown as Low priority.
Apr 28 2022, 8:48 AM · Support, scd, gpgagent
szotsaki added a comment to T5942: scdaemon is blocking system shutdown.

Thank you for the hints!

Apr 28 2022, 8:24 AM · Support, scd, gpgagent
gniibe reopened T5942: scdaemon is blocking system shutdown as "Open".

Thank you for the explanation. (It's not related to --supervised, I suppose.)

Apr 28 2022, 4:03 AM · Support, scd, gpgagent

Apr 27 2022

szotsaki added a comment to T5942: scdaemon is blocking system shutdown.

I see the following GPG-related commands running currently (with disable-scdaemon in config file):

Apr 27 2022, 6:06 PM · Support, scd, gpgagent
ikloecker placed T5546: Kleopatra: After importing the first pubkey for a card from LDAP the keylistview is not refreshed up for grabs.

The issues mentioned in the previous comment have been fixed.

Apr 27 2022, 1:22 PM · scd, Info Needed, Restricted Project, kleopatra
ikloecker claimed T5546: Kleopatra: After importing the first pubkey for a card from LDAP the keylistview is not refreshed.

I had a look at the file system watcher we use to react on changes in the GnuPG home directory. It doesn't watch the private keys living in private-keys-v1.d. Moreover, it does not handle the removal of files properly.

Apr 27 2022, 11:18 AM · scd, Info Needed, Restricted Project, kleopatra

Apr 26 2022

gniibe added a comment to T5935: scd: SSH emulation of gpg-agent doesn't work well with sntrup761x25519-sha512@openssh.com.

My Yubikey (Yubico.com Yubikey 4/5 OTP+U2F+CCID) (key Ed25519) works fine with OpenSSH using kex of sntrup761x25519-sha512@openssh.com.

Apr 26 2022, 7:44 AM · workaround, gnupg (gpg23), ssh, Bug Report, scd

Apr 25 2022

werner closed T5942: scdaemon is blocking system shutdown as Wontfix.

Please contact the Debian developers for any systemd/gnupg issues. We don't suggest the use of the --supervised option because it causes more problems than it claims to solve.

Apr 25 2022, 11:53 AM · Support, scd, gpgagent
gniibe added a comment to T5935: scd: SSH emulation of gpg-agent doesn't work well with sntrup761x25519-sha512@openssh.com.

Sorry, I was confused. For RSA-4096, data is hashed by gpg-agent and hashed data is signed by a card.

Apr 25 2022, 9:51 AM · workaround, gnupg (gpg23), ssh, Bug Report, scd
szotsaki created T5942: scdaemon is blocking system shutdown.
Apr 25 2022, 8:15 AM · Support, scd, gpgagent
werner added a comment to T5935: scd: SSH emulation of gpg-agent doesn't work well with sntrup761x25519-sha512@openssh.com.

We are using rsa-4096 on smartcard for quite some time; so I wonder what's the problem here. Is that that we don't use our Assuan hack for large key material with OpenPGP.3?

Apr 25 2022, 8:07 AM · workaround, gnupg (gpg23), ssh, Bug Report, scd
gniibe added a comment to T5935: scd: SSH emulation of gpg-agent doesn't work well with sntrup761x25519-sha512@openssh.com.

There is another case: RSA-4096 key. scdaemon rejects data by Invalid value. Unfortunately, there is no fix for this, as it's really too large. Even if scdaemon allows larger data, the card implementation rejects, when it conforms to PKCS #1 standard (data should not be larger than 40% of the modulus).

Apr 25 2022, 4:35 AM · workaround, gnupg (gpg23), ssh, Bug Report, scd

Apr 22 2022

gniibe added a project to T5935: scd: SSH emulation of gpg-agent doesn't work well with sntrup761x25519-sha512@openssh.com: Restricted Project.
Apr 22 2022, 6:50 AM · workaround, gnupg (gpg23), ssh, Bug Report, scd
gniibe closed T5029: server socket/pipe handling in GnuPG as Resolved.
Apr 22 2022, 6:50 AM · Windows, scd, gnupg (gpg23)
gniibe closed T5758: scd: loop forever with reader_port, when open_pcsc_reader failed as Resolved.
Apr 22 2022, 6:48 AM · gnupg (gpg23), scd
gniibe added a comment to T5935: scd: SSH emulation of gpg-agent doesn't work well with sntrup761x25519-sha512@openssh.com.

I confirmed that the patch above works with newer Gnuk (>= 1.2.16).

Apr 22 2022, 4:49 AM · workaround, gnupg (gpg23), ssh, Bug Report, scd

Apr 21 2022

werner added a project to T5935: scd: SSH emulation of gpg-agent doesn't work well with sntrup761x25519-sha512@openssh.com: gnupg (gpg23).
Apr 21 2022, 7:35 AM · workaround, gnupg (gpg23), ssh, Bug Report, scd
werner triaged T5935: scd: SSH emulation of gpg-agent doesn't work well with sntrup761x25519-sha512@openssh.com as Normal priority.
Apr 21 2022, 7:35 AM · workaround, gnupg (gpg23), ssh, Bug Report, scd
gniibe added a comment to T5935: scd: SSH emulation of gpg-agent doesn't work well with sntrup761x25519-sha512@openssh.com.

With newer Gnuk Token, following patch should work:

diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
index 05e1f3977..439052f8c 100644
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@@ -5490,6 +5490,11 @@ do_auth (app_t app, ctrl_t ctrl, const char *keyidstr,
           exmode = 1;    /* Use extended length.  */
           le_value = app->app_local->keyattr[2].rsa.n_bits / 8;
         }
+      else if (app->app_local->cardcap.cmd_chaining && indatalen > 254)
+        {
+          exmode = -254; /* Command chaining with max. 254 bytes.  */
+          le_value = 0;
+        }
       else if (indatalen > 255)
         {
           if (!app->app_local->cardcap.ext_lc_le)
Apr 21 2022, 6:43 AM · workaround, gnupg (gpg23), ssh, Bug Report, scd
gniibe claimed T5935: scd: SSH emulation of gpg-agent doesn't work well with sntrup761x25519-sha512@openssh.com.
Apr 21 2022, 6:41 AM · workaround, gnupg (gpg23), ssh, Bug Report, scd

Mar 29 2022

gniibe added projects to T5029: server socket/pipe handling in GnuPG: Restricted Project, Windows.
Mar 29 2022, 2:59 AM · Windows, scd, gnupg (gpg23)
gniibe added a project to T5029: server socket/pipe handling in GnuPG: scd.
Mar 29 2022, 2:59 AM · Windows, scd, gnupg (gpg23)

Mar 28 2022

gniibe closed T5428: PC/SC detecting removal of card as Resolved.

When we will find reproducible test case, please reopen.

Mar 28 2022, 3:51 AM · Info Needed, Windows, scd, Bug Report

Mar 14 2022

gniibe added a comment to T5862: authentication with USB token.

And updated scd_validate2.py:

Mar 14 2022, 10:57 AM · gpgagent, Feature Request, scd
gniibe added a comment to T5862: authentication with USB token.

Wrote a pam module which interacts a user for auth:

Mar 14 2022, 10:55 AM · gpgagent, Feature Request, scd

Mar 10 2022

gniibe added a comment to T5862: authentication with USB token.

I write a prototype in Python using pyassuan:

Mar 10 2022, 3:35 AM · gpgagent, Feature Request, scd

Mar 7 2022

gniibe added a comment to T5862: authentication with USB token.

More things to be considered:

  • How to connect scdaemon
  • How to invoke scdaemon
Mar 7 2022, 1:14 AM · gpgagent, Feature Request, scd

Mar 4 2022

gniibe added a comment to T5862: authentication with USB token.

BTW, there are various use cases for authentication(s), it is better to focus on the part of device and crypto (USB Token and scdaemon).

Mar 4 2022, 6:05 AM · gpgagent, Feature Request, scd
gniibe added a comment to T5862: authentication with USB token.

Here is an experimental shell script for testing:

Mar 4 2022, 5:46 AM · gpgagent, Feature Request, scd

Mar 1 2022

gniibe added projects to T5862: authentication with USB token: scd, Feature Request.

It may be simpler if we can enhance scdaemon to have an option for PKAUTH, say, --challenge-response, so that it generates a challenge and verify signature internally.

Mar 1 2022, 8:57 AM · gpgagent, Feature Request, scd

Feb 23 2022

werner closed T5838: gpg card not getting detected as Resolved.
Feb 23 2022, 4:07 PM · Not A Bug, scd, gnupg, RHEL

Feb 17 2022

werner added projects to T5838: gpg card not getting detected: RHEL, gnupg, scd.
Feb 17 2022, 1:21 PM · Not A Bug, scd, gnupg, RHEL
irl added a comment to T5837: gpg-card: Authenticate to PIV applet with non-3DES card management key.

Setting the management key has been implemented only for Yubikeys. So for Gemalto this won't work.

Feb 17 2022, 11:20 AM · gnupg24, scd, Feature Request
werner claimed T5837: gpg-card: Authenticate to PIV applet with non-3DES card management key.
Feb 17 2022, 10:49 AM · gnupg24, scd, Feature Request
gniibe added a project to T5831: Backport (f808012a) scd: Use lock_slot for apdu_send_direct. to GnuPG 2.2: Restricted Project.

Thank you for your suggestion.

Feb 17 2022, 6:08 AM · gnupg (gpg22), Bug Report, scd
gniibe claimed T5831: Backport (f808012a) scd: Use lock_slot for apdu_send_direct. to GnuPG 2.2.
Feb 17 2022, 6:01 AM · gnupg (gpg22), Bug Report, scd

Feb 14 2022

ZenithalHourlyRate created T5831: Backport (f808012a) scd: Use lock_slot for apdu_send_direct. to GnuPG 2.2.
Feb 14 2022, 1:10 PM · gnupg (gpg22), Bug Report, scd

Jan 18 2022

werner triaged T5790: Cannot use "Retired Cert Key Mgm [1-20]” Slots on YubiKey as Normal priority.
Jan 18 2022, 7:20 AM · gnupg24, gnupg (gpg23), scd, Feature Request

Jan 4 2022

gniibe renamed T5758: scd: loop forever with reader_port, when open_pcsc_reader failed from scd: reader_port to scd: loop forever with reader_port, when open_pcsc_reader failed.
Jan 4 2022, 7:03 AM · gnupg (gpg23), scd
gniibe claimed T5758: scd: loop forever with reader_port, when open_pcsc_reader failed.
Jan 4 2022, 7:02 AM · gnupg (gpg23), scd
gniibe added a comment to T5758: scd: loop forever with reader_port, when open_pcsc_reader failed.

The problem was the error handling.
I didn't apply the patch directly, but improved the code paths.

Jan 4 2022, 7:02 AM · gnupg (gpg23), scd
gniibe triaged T5758: scd: loop forever with reader_port, when open_pcsc_reader failed as Normal priority.
Jan 4 2022, 6:44 AM · gnupg (gpg23), scd

Nov 23 2021

werner closed T5682: ed25519 internal authenticate with openpgpcard may send long data over short apdu as Resolved.
Nov 23 2021, 1:26 PM · Restricted Project, scd, ssh, Bug Report

Nov 16 2021

werner changed the status of T5682: ed25519 internal authenticate with openpgpcard may send long data over short apdu from Open to Testing.
Nov 16 2021, 5:24 PM · Restricted Project, scd, ssh, Bug Report

Nov 15 2021

gniibe added a project to T5682: ed25519 internal authenticate with openpgpcard may send long data over short apdu: Restricted Project.
Nov 15 2021, 3:53 AM · Restricted Project, scd, ssh, Bug Report
gniibe added a comment to T5682: ed25519 internal authenticate with openpgpcard may send long data over short apdu.

Adding the check on host side, I pushed the change: rGa575b0aba542: scd:openpgp: Support longer data for INTERNAL_AUTHENTICATE.

Nov 15 2021, 3:53 AM · Restricted Project, scd, ssh, Bug Report

Nov 12 2021

werner triaged T5682: ed25519 internal authenticate with openpgpcard may send long data over short apdu as High priority.
Nov 12 2021, 12:53 PM · Restricted Project, scd, ssh, Bug Report

Oct 29 2021

gniibe added projects to T5359: Kleopatra: Loop in DeviceInfoWatcher with GnuPG 2.3 on Windows: scd, Restricted Project.
Oct 29 2021, 4:19 AM · Restricted Project, scd, Restricted Project, kleopatra

Oct 28 2021

ikloecker changed the status of T5672: Kleopatra: Improve Kleopatras detection of keyservers from Open to Testing.

Kleopatra now checks both keyserver options. Previously, Kleopatra checked only one of them depending on the version of gpg (< 2.3.0 vs. >= 2.3.0). Note that the automatic lookup is only done if the keyserver option specifies an LDAP server, i.e. if it starts with "ldap".

Oct 28 2021, 2:55 PM · Restricted Project, scd, kleopatra
ikloecker moved T5672: Kleopatra: Improve Kleopatras detection of keyservers from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Oct 28 2021, 10:07 AM · Restricted Project, scd, kleopatra
ikloecker added a project to T5672: Kleopatra: Improve Kleopatras detection of keyservers: Restricted Project.
Oct 28 2021, 10:07 AM · Restricted Project, scd, kleopatra

Oct 27 2021

werner updated the task description for T5672: Kleopatra: Improve Kleopatras detection of keyservers.
Oct 27 2021, 4:21 PM · Restricted Project, scd, kleopatra

Oct 20 2021

werner lowered the priority of T5546: Kleopatra: After importing the first pubkey for a card from LDAP the keylistview is not refreshed from Normal to Low.

Lets downgrade the priority and keep it open in case we get reports from customers. The other option would be to replicate this here using our AD demo network. But that is a bit time consuming.

Oct 20 2021, 12:26 PM · scd, Info Needed, Restricted Project, kleopatra

Oct 10 2021

werner closed T5632: gpg-agent 2.3.2 conflicts with pcscd as Resolved.
Oct 10 2021, 7:04 PM · Not A Bug, yubikey, scd, gnupg (gpg23)