Projects scd

scdProject
ActivePublic
Watch Project

Members (1)
View All

Watchers
View All

  • This project does not have any watchers.

Recent Activity
View All

Tue, Oct 15

pow added a comment to T4654: Gemalto Ezio Shield (CT710): CCID command failed: Parameter error at offset 7.

@gniibe oh, I see thanks for pointing out precisely main the problem. I will check the hardware supply chain RoHS 2002/95/EC

Tue, Oct 15, 6:14 PM · scd, Testing, Bug Report
werner closed T4681: Allow non-OpenPGP cards with gpg 2.2 as Resolved.
Tue, Oct 15, 1:05 PM · gnupg (gpg22), scd, OpenPGP
werner added a commit to T4681: Allow non-OpenPGP cards with gpg 2.2: rG652ca4b2bf98: gpg: Extend --quick-gen-key for creating keys from a card..
Tue, Oct 15, 12:44 PM · gnupg (gpg22), scd, OpenPGP
gniibe added projects to T4654: Gemalto Ezio Shield (CT710): CCID command failed: Parameter error at offset 7: Testing, scd.

@pow, thanks for a reference. But problem here is that there are multiple products with same name.

Tue, Oct 15, 2:44 AM · scd, Testing, Bug Report

Wed, Oct 9

gniibe added a project to T4158: UIF (User Interaction Flag) DO support: Testing.
Wed, Oct 9, 4:17 AM · Testing, Feature Request, scd, gnupg

Wed, Sep 25

martin.von.wittich added a comment to T4710: Cannot use Secure PIN Entry for Reset Code.

For pinpadtest.py, you need to offer an option --add (adding dummy byte), when you are using Cherry ST-2xxx.

Wed, Sep 25, 2:55 PM · OpenPGP, scd, Bug Report
gniibe added a comment to T4710: Cannot use Secure PIN Entry for Reset Code.

For pinpadtest.py, you need to offer an option --add (adding dummy byte), when you are using Cherry ST-2xxx.

Wed, Sep 25, 1:39 PM · OpenPGP, scd, Bug Report
martin.von.wittich added a comment to T4710: Cannot use Secure PIN Entry for Reset Code.

It is not supported, by CCID protocol itself. So, it is not supported by scdaemon, and by any of card readers (which I know of), either.

Wed, Sep 25, 1:26 PM · OpenPGP, scd, Bug Report
gniibe claimed T4710: Cannot use Secure PIN Entry for Reset Code.

It is not supported, by CCID protocol itself. So, it is not supported by scdaemon, and by any of card readers (which I know of), either.

Wed, Sep 25, 12:09 PM · OpenPGP, scd, Bug Report
werner triaged T4710: Cannot use Secure PIN Entry for Reset Code as Normal priority.
Wed, Sep 25, 9:23 AM · OpenPGP, scd, Bug Report

Aug 23 2019

werner moved T4681: Allow non-OpenPGP cards with gpg 2.2 from Backlog to For next release on the gnupg (gpg22) board.
Aug 23 2019, 10:33 AM · gnupg (gpg22), scd, OpenPGP

Aug 22 2019

werner added a comment to T4681: Allow non-OpenPGP cards with gpg 2.2.

Note that rGd3f5d8544fdb needs to be backported to 2.2 but we will wait until we have better tested it.

Aug 22 2019, 4:44 PM · gnupg (gpg22), scd, OpenPGP
werner added a commit to T4681: Allow non-OpenPGP cards with gpg 2.2: rGd3f5d8544fdb: gpg: Extend --quick-gen-key for creating keys from a card..
Aug 22 2019, 4:43 PM · gnupg (gpg22), scd, OpenPGP

Aug 21 2019

werner added a commit to T4681: Allow non-OpenPGP cards with gpg 2.2: rG9a317557c58d: gpg: Allow decryption using non-OpenPGP cards..
Aug 21 2019, 2:03 PM · gnupg (gpg22), scd, OpenPGP
werner created T4681: Allow non-OpenPGP cards with gpg 2.2.
Aug 21 2019, 1:56 PM · gnupg (gpg22), scd, OpenPGP

Aug 12 2019

gniibe added a commit to T4646: scd: Increase CCID timeout for Trustica Cryptoucan: rG879660bf4581: scd: Handle CCID bwi of time extension..
Aug 12 2019, 3:55 AM · scd, Bug Report

Aug 7 2019

gniibe added a commit to T4673: 2.3-only: Don't fallback to PC/SC on failure by the internal CCID driver, only use PC/SC when --disable-ccid is specified: rG100642e77696: scd: Remove fallback mechanism to PC/SC..
Aug 7 2019, 1:52 AM · scd, Feature Request
gniibe created T4673: 2.3-only: Don't fallback to PC/SC on failure by the internal CCID driver, only use PC/SC when --disable-ccid is specified.
Aug 7 2019, 1:49 AM · scd, Feature Request

Aug 6 2019

gniibe closed T4631: Difficulties to generate key on OpenPGP Smart Card V3.3 as Resolved.
Aug 6 2019, 10:45 PM · scd, Bug Report

Jul 27 2019

JW-D added a comment to T4631: Difficulties to generate key on OpenPGP Smart Card V3.3.

The card was replaced by the vendor. It seems to be a problem with the specific card. All other cards so far worked well. The issue can be closed.

Jul 27 2019, 2:37 PM · scd, Bug Report

Jul 25 2019

gniibe added a commit to T4646: scd: Increase CCID timeout for Trustica Cryptoucan: rG996c497a864d: scd: Handle CCID bwi of time extension..
Jul 25 2019, 2:19 AM · scd, Bug Report
gniibe removed a project from T4646: scd: Increase CCID timeout for Trustica Cryptoucan: Info Needed.

I see your point (I am also the one who implements reader/token). That's reasonable argument.

Jul 25 2019, 1:54 AM · scd, Bug Report

Jul 22 2019

nephirus added a comment to T4646: scd: Increase CCID timeout for Trustica Cryptoucan.

Thanks for clarification.
However, CCID_CMD_TIMEOUT should be then based on BWT value reported by the card/reader, as bulk_in() function will still timeout if BWT is longer than 5 seconds.

Jul 22 2019, 12:50 PM · scd, Bug Report
nephirus closed T4645: scd: Configurable pinpad timeout as Invalid.

Thanks for pointing me in the right direction. I was confused by the hard-coded timeout value and got it all wrong.

Jul 22 2019, 12:26 PM · Info Needed, scd, Feature Request
gniibe added a comment to T4646: scd: Increase CCID timeout for Trustica Cryptoucan.

I realized that it's a product of token. Then, I suggest that implementing time extension correctly, if some operation doesn't finish in BWT (block waiting time).

Jul 22 2019, 4:16 AM · scd, Bug Report
gniibe claimed T4645: scd: Configurable pinpad timeout.

In general, if it requires more time, a reader can reply with time extension.

Jul 22 2019, 2:24 AM · Info Needed, scd, Feature Request
gniibe claimed T4646: scd: Increase CCID timeout for Trustica Cryptoucan.

What's Trustica Cryptoucan?
In general, if it requires more time, a reader can reply with time extension.

Jul 22 2019, 2:18 AM · scd, Bug Report
gniibe added a comment to T4631: Difficulties to generate key on OpenPGP Smart Card V3.3.

FYI, we have "factory-reset" command in gpg --card-edit; It is not enough for a card to have admin locked state, but it requires normal user locked state, too.

Jul 22 2019, 2:11 AM · scd, Bug Report

Jul 20 2019

JW-D added a comment to T4631: Difficulties to generate key on OpenPGP Smart Card V3.3.

I applied the following with gpg-connect-agent --hex:

Jul 20 2019, 3:46 PM · scd, Bug Report

Jul 19 2019

nephirus created T4646: scd: Increase CCID timeout for Trustica Cryptoucan.
Jul 19 2019, 3:09 PM · scd, Bug Report
nephirus created T4645: scd: Configurable pinpad timeout.
Jul 19 2019, 2:49 PM · Info Needed, scd, Feature Request
JW-D added a comment to T4631: Difficulties to generate key on OpenPGP Smart Card V3.3.

I do not wonder, that you face difficulties to reproduce it. It happened only with one card from my six cards; so five cards working fine. Therefore, I thought that this particular card was may dead at arrival and I contacted the vendor. They refused to replace it with the comment, it would be a well known issue. Do you know a test where I can demonstrate that the card is dead at arrival?

Jul 19 2019, 8:21 AM · scd, Bug Report
gniibe added a comment to T4614: GPG: Cancel on pinpad hangs decryption process for 20 seconds.

It responds somehow, but the content has invalid data of (bChainParameter=0x04):

2019-07-05 09:36:41 scdaemon[71407] DBG: chan_17 -> S LOGIN-DATA aheinecke
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver: PC_to_RDR_XfrBlock:
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   dwLength ..........: 9
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bSlot .............: 0
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bSeq ..............: 21
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bBWI ..............: 0x04
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   wLevelParameter ...: 0x0000
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   [0010]  00 40 05 00 CA 00
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   [0016]  6E 00 E1
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver: RDR_to_PC_DataBlock:
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   dwLength ..........: 4
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bSlot .............: 0
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bSeq ..............: 21
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bStatus ...........: 0
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bChainParameter ...: 0x04
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   [0010]  00 82 00 82
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver: PC_to_RDR_XfrBlock:
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   dwLength ..........: 9
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bSlot .............: 0
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bSeq ..............: 22
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bBWI ..............: 0x04
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   wLevelParameter ...: 0x0000
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   [0010]  00 40 05 00 CA 00
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   [0016]  6E 00 E1
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver: RDR_to_PC_DataBlock:
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   dwLength ..........: 4
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bSlot .............: 0
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bSeq ..............: 22
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bStatus ...........: 0
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bChainParameter ...: 0x04
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   [0010]  00 82 00 82
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver: PC_to_RDR_XfrBlock:
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   dwLength ..........: 9
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bSlot .............: 0
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bSeq ..............: 23
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bBWI ..............: 0x04
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   wLevelParameter ...: 0x0000
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   [0010]  00 40 05 00 CA 00
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   [0016]  6E 00 E1
2019-07-05 09:36:46 scdaemon[71407] DBG: ccid-driver: usb_bulk_read error: LIBUSB_ERROR_TIMEOUT
2019-07-05 09:36:46 scdaemon[71407] ccid_transceive failed: (0x1000a)
2019-07-05 09:36:46 scdaemon[71407] apdu_send_simple(1) failed: card I/O error
Jul 19 2019, 8:05 AM · scd, gnupg
gniibe added a comment to T4614: GPG: Cancel on pinpad hangs decryption process for 20 seconds.

After the cancellation, the card reader seems being screwed up:

Jul 19 2019, 8:02 AM · scd, gnupg
gniibe added a comment to T4614: GPG: Cancel on pinpad hangs decryption process for 20 seconds.

It is canceled:

2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver: RDR_to_PC_DataBlock:
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   dwLength ..........: 0
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bSlot .............: 0
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bSeq ..............: 19
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bStatus ...........: 64
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bError ............: 239
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver: CCID command failed: PIN cancelled
2019-07-05 09:36:41 scdaemon[71407] DBG: dismiss pinpad entry prompt
2019-07-05 09:36:41 scdaemon[71407] DBG: chan_7 -> INQUIRE DISMISSPINPADPROMPT
2019-07-05 09:36:41 scdaemon[71407] DBG: chan_7 <- END
2019-07-05 09:36:41 scdaemon[71407] verify CHV2 failed: Invalid response
2019-07-05 09:36:41 scdaemon[71407] operation decipher result: Invalid response
2019-07-05 09:36:41 scdaemon[71407] app_decipher failed: Invalid response
2019-07-05 09:36:41 scdaemon[71407] DBG: chan_7 -> ERR 100663372 Invalid response <SCD>
Jul 19 2019, 8:01 AM · scd, gnupg
gniibe removed a project from T4631: Difficulties to generate key on OpenPGP Smart Card V3.3: OpenPGP.

Please note that key generation is takes time unusually longer from a viewpoint of card reader.
It is possible for a card reader to give up the execution of key generation command as timeout.

Jul 19 2019, 6:40 AM · scd, Bug Report
gniibe claimed T4631: Difficulties to generate key on OpenPGP Smart Card V3.3.

I am trying to reproduce your problem with my 3.3 card using my TTXS card reader.

Jul 19 2019, 3:37 AM · scd, Bug Report

Jul 18 2019

JW-D added a comment to T4631: Difficulties to generate key on OpenPGP Smart Card V3.3.

I use the internal driver.

Jul 18 2019, 8:37 PM · scd, Bug Report
werner edited projects for T4631: Difficulties to generate key on OpenPGP Smart Card V3.3, added: scd, OpenPGP; removed Info Needed.

Are you using pcscd (is that process running) or the internal driver.? Please try the latter if you are not already using it.

Jul 18 2019, 11:15 AM · scd, Bug Report

Jul 9 2019

gniibe added a comment to T4616: Smartcard: Card reset required - It should be automatic.

I pushed my change of rGc51a5685554a: scd: ccid-driver: Initial getting ATR more robustly..
With TTXS, scdaemon correctly recovers from the error.

Jul 9 2019, 4:02 AM · gnupg, scd
gniibe added a commit to T4616: Smartcard: Card reset required - It should be automatic: rGc51a5685554a: scd: ccid-driver: Initial getting ATR more robustly..
Jul 9 2019, 4:01 AM · gnupg, scd
gniibe added a comment to T4616: Smartcard: Card reset required - It should be automatic.

When the computer is going to suspend, the scdaemon receives a message from USB layer as the interrupt transfer is shutting down, then scdaemon considers it's removal of device/card.
But in case of suspend (and the device does not support USB suspend), USB port is kept with the power.
So, it keeps running actually.

Jul 9 2019, 3:07 AM · gnupg, scd
gniibe added a comment to T4616: Smartcard: Card reset required - It should be automatic.

Here are results of my experiment with Intel NUC computer (which supports S4 (and S3)).

Jul 9 2019, 2:53 AM · gnupg, scd

Jul 8 2019

aheinecke created T4616: Smartcard: Card reset required - It should be automatic.
Jul 8 2019, 2:30 PM · gnupg, scd
gniibe added a comment to T4158: UIF (User Interaction Flag) DO support.

No. I intentionally select: Not-backporting this feature.
The feature is added for Yubikey, in the specification.
Use of the feature by Data-Object is not that so useful.

Jul 8 2019, 9:21 AM · Testing, Feature Request, scd, gnupg

Jul 5 2019

werner added a comment to T4158: UIF (User Interaction Flag) DO support.

I think we should not backport this to 2.2 - okay?

Jul 5 2019, 11:14 AM · Testing, Feature Request, scd, gnupg
aheinecke created T4614: GPG: Cancel on pinpad hangs decryption process for 20 seconds.
Jul 5 2019, 9:50 AM · scd, gnupg

Jun 10 2019

kaspro added a comment to T4301: Handling multiple subkeys on two SmartCards.

Thanks a lot @gniibe for this change.
I do understand and share your concerns, nevertheless are there, in my opinion valid reasons to be able to have a backup or duplicate, especially on the same or similar media type.
Consider for example giving multiple devices a chance of common interaction, using the keys for backup encryption etc. - I think there are several possible use-cases which can benefit from this.

Jun 10 2019, 7:40 PM · gnupg, scd, Bug Report

Jun 6 2019

gniibe added a commit to T3383: scdaemon option 'card-timeout' does not have any effect: rG72fe8d652fce: scd: Bring back --card-timeout option as deprecated..
Jun 6 2019, 2:57 AM · Documentation, scd, Bug Report

Jun 4 2019

gniibe added a comment to T3383: scdaemon option 'card-timeout' does not have any effect.

I see the regression of gpgconf. I wonder if it's better to fix gpgconf side, too.

Jun 4 2019, 8:46 AM · Documentation, scd, Bug Report