Wed, Jan 20
Thanks for the reports. IIRC, we had similar reports in the past either here or on a ML.
Fri, Jan 8
The code has been reworked to also support the updated schema which also stores the fingerprints and a parsed down mail address. See gnupg/doc/ldap/ . These changes are in master and 2.2.26. Sorry for taking so long to fix that.
Wed, Jan 6
I wrote https://github.com/rupor-github/win-gpg-agent to simplify usage on Windows until this issue is resolved - it handles various edge cases on Windows.
Tue, Jan 5
Mon, Dec 28
Dec 21 2020
Dec 18 2020
Dec 14 2020
Dec 12 2020
Dec 11 2020
Reading the code again, I think that some configuration of NKS card doesn't work well, when it has no certificates but keys (e.g. IDLM config).
I'm going to fix do_readkey as well (the approach #1).
Dec 10 2020
Thanks a lot for your time to locate the problem. I took the approach of #2.
Dec 9 2020
I'm not sure why I thought that it would work now. With current master I get
$ gpg-connect-agent "SCD READKEY --info-only -- 39400430E38BB96F105B740A7119FE113578B59D" /bye
ERR 100663414 Invalid ID <SCD>
Dec 8 2020
Dec 7 2020
Dec 4 2020
And I also did a backport to 2.2 :-) See rGa028f24136a062f55408a5fec84c6d31201b2143
Dec 3 2020
Dec 1 2020
Go ahead (but w/o the /*if (keytime*)*/ line ;-)
Nov 30 2020
The following (probably not entirely correct) patch fixes the problem because it marks the PIV card key as pCARDKEY even though keytime is 0.
diff --git a/g10/keygen.c b/g10/keygen.c index b510525e3..03c929c0b 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -4720,7 +4720,8 @@ quick_generate_keypair (ctrl_t ctrl, const char *uid, const char *algostr,
The error comes from using READKEY which is processed by gpg-agent. At this time the agent does not yet know the stub key and thus returns ENOENT. At the places before we used "SCD READKEY" which works directly with scdaemon and does not need a stub file. We need to review the new(?) way of creating stub files, describe that and then fix this by either making sure that the stub key is created first or that we use SCD READKEY there too.
Seems to work now. I'm not sure whether I should close this issue because it's marked for backport.
Works now. Thanks.
Nov 27 2020
Regarding a backport I think that I will eventually backport all app-*c to stable by source copying them. We have a quite stable internal API and thus it is easier to keep at least the card specific code in sync. I did some local work in this directory some time ago.
Nov 26 2020
Applied and pushed the change above in rG920154370834: scd,nks: Fix caching keygrip..
Nov 25 2020
For the first issue, I pushed the change in rGc3a20c88fb30: scd: Fix an error return for READKEY..
Nov 20 2020
The same problem occurs for NKS (v3) cards where the keys also do not have a keytime.