This works now. Thanks.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Advanced Search
Dec 9 2020
Dec 7 2020
Backported.
We need another patch, because there are two places for gpg --card-edit and gpg-card to check OpenPGPcard's version number if it's >= 2 or not.
Dec 4 2020
In T2291#139821, @lopter wrote:if I am running master, it is now possible to have a setup where the same encryption key is shared by and usable from multiple smart cards?
Thank you for all the work! Does it mean that, if I am running master, it is now possible to have a setup where the same encryption key is shared by and usable from multiple smart cards?
Dec 3 2020
I think that T5150 was also not fixed completely.
So, I'm going to push D513 to both of 1.8 and master (to be 1.9).
Nov 30 2020
Works now. Thanks.
Nov 27 2020
Nov 26 2020
Sorry, I realized this myself this morning and did couple of fixes. rG7113263a00d8 does this all however I forgot to mention the bug number.
Argh. The following patch replaces the previous patch. It fixes the calculation of the display serial number.
I think the calculation of the OpenPGP s/n is not correct. As you write, "Yubico seems to use the decimalized version of their S/N as the OpenPGP card S/N." This matches my observation for my Yubikey:
s/n printed on Yubikey: 9074582
Yubikey s/n (with our prefix): FF020001008A7796
OpenPGP AID: D2760001240102010006090745820000
Nov 25 2020
Great. Please apply the patch.
Nov 24 2020
Okay, I now got such a patch:
I found a good enough solution: I changed the code to compute the OpenPGP s/n from the Yubikey s/n right after a Yubikey has been detected. Later, and if OpenPGP enabled on the YK, the S/N is already there but we use the S/N from the 0x4f DO. That is needed because we can't compute the OpenPGP version number ahead and use 0.0 in the S/N.
Stable now and works as expected. Thank you!
Nov 23 2020
Its done for 2.2 thus changing the tag.
Nov 20 2020
How about distinguishing CARDNO and application specific SERIALNO?
Yes, it is due to a backport from master: rG1049f06c6d2e: scd:openpgp: Allow keygrip to be used to reference a key
Fixed in rG84020385be19: scd:openpgp: Public keys should be available for check_keyidstr..
Nov 19 2020
The problem seems to have returned in 2.2.24.
Thanks again for your report.
I'm still having problems with 2.2.24. Now the card removal is detected correctly, but the initialization fails.
Nov 18 2020
Nov 16 2020
Nov 13 2020
Nov 12 2020
BTW, the idea is to fade out support for gpg --card-status and --card-edit. Thus no new features there. New features shall only go into gpg-card.
Fixing --card-status is definitely a good idea. gpg-card shows almost the same information as gpg --card-status except that it shows the correct "Version" and "Serial number". It would probably make sense to unify the code of --card-status and gpg-card's list command.
Let me describe current situation.
Nov 11 2020
I just noticed that gpg --card-status now prints a bogus OpenPGP version number for my Yubikey. And it prints an empty serial number.
# gpg --card-status Reader ...........: 1050:0407:X:0 Application ID ...: FF020001008A7796 Application type .: OpenPGP Version ..........: 77.96 Manufacturer .....: Yubico Serial number ....:
Nov 10 2020
For 2.2, rG61aea64b3c17: scd: Fix the use case of verify_chv2 by CHECKPIN. fixed this problem.
Nov 9 2020
Nov 5 2020
For SPR532, we need following.
Nov 4 2020
Nov 2 2020
We should find a way to figure out the OpenPGP S/N even if OpenPGP is disabled. I'll ask Yubico.
Oct 30 2020
Fixed in 2.2 branch.
Also, I found another issue of libgcrypt master, which is fixed in rC361a0588489c: ecc: Handle removed zeros at the beginning for Ed25519..
Further, I found different issue, and created T5116: GnuPG master shows an error when importing Ed25519 keys generated.
Oct 28 2020
I have tested this with Kleopatra. The good news is that SCD GETATTR $DISPSERIALNO now works for the piv app even if the openpgp app is enabled.
Oct 27 2020
Oct 1 2020
Sep 30 2020
I observed that the card reader's going erroneous state when I removed a card during its communication.
In this state, it never reports the card removal by the interrupt transfer.
I applied rG920f258eb601: scd: Internal CCID driver: More fix for SPR532. for this problem.
Sep 28 2020
The patch rG684a52dffa8b: scd: Change handling of SPR532 card reader. makes me happier. It is more stable.
Sep 11 2020
Sep 3 2020
It's a different issue: Gnuk doesn't support length of 3072, only 2048 and 4096.
Sep 2 2020
Hi,
I have tested a GnuPG Token with Gpg4win-3.1.12 and generating a key with Kleopatra did not work
With 2.2.23-beta4 that contains: 0a9665187a7cbf68933b7162fb5f974177684a50 I have repeated the test on Linux and first the key-attr change that Kleopatra sends fails:
Sep 1 2020
I should add a test with Gnuk to my Windows quick test after a release.
Thanks a lot. Applied and pushed.
Aug 28 2020
Aug 27 2020
0.2.0 was just released with support for GCM. Tested against openpgpkeys.pm.me
Aug 25 2020
Aug 24 2020
Aug 19 2020
For GNU/Linux, it's done.
Aug 10 2020
Aug 9 2020
We won't do that for 2.2.
Aug 7 2020
Aug 5 2020
Jul 31 2020
I realized that it fails with GPG_ERR_INV_ID (with gpg master) when it's on smartcard.
It can't be decrypted if it's on smartcard, that's true, but more relevant error would be good for this case.
Jul 30 2020
Patch backported to 2.2
Pushed modified patch to master and 2.2.
Jul 29 2020
I just saw that there is related discussion and a patch for this in T4994 so I will close again here.
This change broke for me the compilation of GPGME which I fixed with: 52f930c1ed7eee6336a41598c90ef3605b7ed02b I found that fix there OK because GPGME explicitly uses ws2_32.
Jul 17 2020
That could also be the reason for some strange behaviour I have sometimes with my bunch or readers. I have not had the time to look into this and thus opted for a gpgconf --kill scdaemon which fixes things quickly but of course this is a bad workaround.
I am happy that your use case will be supported, and the bug was fixed before the release.
It's me who say "thank you" to you!
Thanks a lot.
I pushed a fix as rG46d185f60397: scd: PC/SC: Don't release the context when it's in use..
Ah, I identified an issue.
While it's in a loop of trying readers (in select_application in scd/app.c), it should not deallocate resources to access readers, even if reference count == 0.
I'll fix.
Thanks for your testing.