scdProject
ActivePublic

Watchers

  • This project does not have any watchers.

Recent Activity

Mon, Aug 12

gniibe added a commit to T4646: scd: Increase CCID timeout for Trustica Cryptoucan: rG879660bf4581: scd: Handle CCID bwi of time extension..
Mon, Aug 12, 3:55 AM · scd, Bug Report

Wed, Aug 7

gniibe added a commit to T4673: 2.3-only: Don't fallback to PC/SC on failure by the internal CCID driver, only use PC/SC when --disable-ccid is specified: rG100642e77696: scd: Remove fallback mechanism to PC/SC..
Wed, Aug 7, 1:52 AM · scd, Feature Request
gniibe created T4673: 2.3-only: Don't fallback to PC/SC on failure by the internal CCID driver, only use PC/SC when --disable-ccid is specified.
Wed, Aug 7, 1:49 AM · scd, Feature Request

Tue, Aug 6

gniibe closed T4631: Difficulties to generate key on OpenPGP Smart Card V3.3 as Resolved.
Tue, Aug 6, 10:45 PM · scd, Bug Report

Sat, Jul 27

JW-D added a comment to T4631: Difficulties to generate key on OpenPGP Smart Card V3.3.

The card was replaced by the vendor. It seems to be a problem with the specific card. All other cards so far worked well. The issue can be closed.

Sat, Jul 27, 2:37 PM · scd, Bug Report

Thu, Jul 25

gniibe added a commit to T4646: scd: Increase CCID timeout for Trustica Cryptoucan: rG996c497a864d: scd: Handle CCID bwi of time extension..
Thu, Jul 25, 2:19 AM · scd, Bug Report
gniibe removed a project from T4646: scd: Increase CCID timeout for Trustica Cryptoucan: Info Needed.

I see your point (I am also the one who implements reader/token). That's reasonable argument.

Thu, Jul 25, 1:54 AM · scd, Bug Report

Mon, Jul 22

nephirus added a comment to T4646: scd: Increase CCID timeout for Trustica Cryptoucan.

Thanks for clarification.
However, CCID_CMD_TIMEOUT should be then based on BWT value reported by the card/reader, as bulk_in() function will still timeout if BWT is longer than 5 seconds.

Mon, Jul 22, 12:50 PM · scd, Bug Report
nephirus closed T4645: scd: Configurable pinpad timeout as Invalid.

Thanks for pointing me in the right direction. I was confused by the hard-coded timeout value and got it all wrong.

Mon, Jul 22, 12:26 PM · Info Needed, scd, Feature Request
gniibe added a comment to T4646: scd: Increase CCID timeout for Trustica Cryptoucan.

I realized that it's a product of token. Then, I suggest that implementing time extension correctly, if some operation doesn't finish in BWT (block waiting time).

Mon, Jul 22, 4:16 AM · scd, Bug Report
gniibe claimed T4645: scd: Configurable pinpad timeout.

In general, if it requires more time, a reader can reply with time extension.

Mon, Jul 22, 2:24 AM · Info Needed, scd, Feature Request
gniibe claimed T4646: scd: Increase CCID timeout for Trustica Cryptoucan.

What's Trustica Cryptoucan?
In general, if it requires more time, a reader can reply with time extension.

Mon, Jul 22, 2:18 AM · scd, Bug Report
gniibe added a comment to T4631: Difficulties to generate key on OpenPGP Smart Card V3.3.

FYI, we have "factory-reset" command in gpg --card-edit; It is not enough for a card to have admin locked state, but it requires normal user locked state.

Mon, Jul 22, 2:11 AM · scd, Bug Report

Sat, Jul 20

JW-D added a comment to T4631: Difficulties to generate key on OpenPGP Smart Card V3.3.

I applied the following with gpg-connect-agent --hex:

Sat, Jul 20, 3:46 PM · scd, Bug Report

Fri, Jul 19

nephirus created T4646: scd: Increase CCID timeout for Trustica Cryptoucan.
Fri, Jul 19, 3:09 PM · scd, Bug Report
nephirus created T4645: scd: Configurable pinpad timeout.
Fri, Jul 19, 2:49 PM · Info Needed, scd, Feature Request

Jul 19 2019

JW-D added a comment to T4631: Difficulties to generate key on OpenPGP Smart Card V3.3.

I do not wonder, that you face difficulties to reproduce it. It happened only with one card from my six cards; so five cards working fine. Therefore, I thought that this particular card was may dead at arrival and I contacted the vendor. They refused to replace it with the comment, it would be a well known issue. Do you know a test where I can demonstrate that the card is dead at arrival?

Jul 19 2019, 8:21 AM · scd, Bug Report
gniibe added a comment to T4614: GPG: Cancel on pinpad hangs decryption process for 20 seconds.

It responds somehow, but the content has invalid data of (bChainParameter=0x04):

2019-07-05 09:36:41 scdaemon[71407] DBG: chan_17 -> S LOGIN-DATA aheinecke
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver: PC_to_RDR_XfrBlock:
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   dwLength ..........: 9
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bSlot .............: 0
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bSeq ..............: 21
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bBWI ..............: 0x04
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   wLevelParameter ...: 0x0000
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   [0010]  00 40 05 00 CA 00
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   [0016]  6E 00 E1
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver: RDR_to_PC_DataBlock:
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   dwLength ..........: 4
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bSlot .............: 0
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bSeq ..............: 21
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bStatus ...........: 0
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bChainParameter ...: 0x04
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   [0010]  00 82 00 82
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver: PC_to_RDR_XfrBlock:
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   dwLength ..........: 9
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bSlot .............: 0
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bSeq ..............: 22
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bBWI ..............: 0x04
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   wLevelParameter ...: 0x0000
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   [0010]  00 40 05 00 CA 00
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   [0016]  6E 00 E1
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver: RDR_to_PC_DataBlock:
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   dwLength ..........: 4
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bSlot .............: 0
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bSeq ..............: 22
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bStatus ...........: 0
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bChainParameter ...: 0x04
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   [0010]  00 82 00 82
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver: PC_to_RDR_XfrBlock:
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   dwLength ..........: 9
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bSlot .............: 0
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bSeq ..............: 23
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bBWI ..............: 0x04
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   wLevelParameter ...: 0x0000
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   [0010]  00 40 05 00 CA 00
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   [0016]  6E 00 E1
2019-07-05 09:36:46 scdaemon[71407] DBG: ccid-driver: usb_bulk_read error: LIBUSB_ERROR_TIMEOUT
2019-07-05 09:36:46 scdaemon[71407] ccid_transceive failed: (0x1000a)
2019-07-05 09:36:46 scdaemon[71407] apdu_send_simple(1) failed: card I/O error
Jul 19 2019, 8:05 AM · scd, gnupg
gniibe added a comment to T4614: GPG: Cancel on pinpad hangs decryption process for 20 seconds.

After the cancellation, the card reader seems being screwed up:

Jul 19 2019, 8:02 AM · scd, gnupg
gniibe added a comment to T4614: GPG: Cancel on pinpad hangs decryption process for 20 seconds.

It is canceled:

2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver: RDR_to_PC_DataBlock:
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   dwLength ..........: 0
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bSlot .............: 0
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bSeq ..............: 19
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bStatus ...........: 64
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver:   bError ............: 239
2019-07-05 09:36:41 scdaemon[71407] DBG: ccid-driver: CCID command failed: PIN cancelled
2019-07-05 09:36:41 scdaemon[71407] DBG: dismiss pinpad entry prompt
2019-07-05 09:36:41 scdaemon[71407] DBG: chan_7 -> INQUIRE DISMISSPINPADPROMPT
2019-07-05 09:36:41 scdaemon[71407] DBG: chan_7 <- END
2019-07-05 09:36:41 scdaemon[71407] verify CHV2 failed: Invalid response
2019-07-05 09:36:41 scdaemon[71407] operation decipher result: Invalid response
2019-07-05 09:36:41 scdaemon[71407] app_decipher failed: Invalid response
2019-07-05 09:36:41 scdaemon[71407] DBG: chan_7 -> ERR 100663372 Invalid response <SCD>
Jul 19 2019, 8:01 AM · scd, gnupg
gniibe removed a project from T4631: Difficulties to generate key on OpenPGP Smart Card V3.3: OpenPGP.

Please note that key generation is takes time unusually longer from a viewpoint of card reader.
It is possible for a card reader to give up the execution of key generation command as timeout.

Jul 19 2019, 6:40 AM · scd, Bug Report
gniibe claimed T4631: Difficulties to generate key on OpenPGP Smart Card V3.3.

I am trying to reproduce your problem with my 3.3 card using my TTXS card reader.

Jul 19 2019, 3:37 AM · scd, Bug Report

Jul 18 2019

JW-D added a comment to T4631: Difficulties to generate key on OpenPGP Smart Card V3.3.

I use the internal driver.

Jul 18 2019, 8:37 PM · scd, Bug Report
werner edited projects for T4631: Difficulties to generate key on OpenPGP Smart Card V3.3, added: scd, OpenPGP; removed Info Needed.

Are you using pcscd (is that process running) or the internal driver.? Please try the latter if you are not already using it.

Jul 18 2019, 11:15 AM · scd, Bug Report

Jul 9 2019

gniibe added a comment to T4616: Smartcard: Card reset required - It should be automatic.

I pushed my change of rGc51a5685554a: scd: ccid-driver: Initial getting ATR more robustly..
With TTXS, scdaemon correctly recovers from the error.

Jul 9 2019, 4:02 AM · gnupg, scd
gniibe added a commit to T4616: Smartcard: Card reset required - It should be automatic: rGc51a5685554a: scd: ccid-driver: Initial getting ATR more robustly..
Jul 9 2019, 4:01 AM · gnupg, scd
gniibe added a comment to T4616: Smartcard: Card reset required - It should be automatic.

When the computer is going to suspend, the scdaemon receives a message from USB layer as the interrupt transfer is shutting down, then scdaemon considers it's removal of device/card.
But in case of suspend (and the device does not support USB suspend), USB port is kept with the power.
So, it keeps running actually.

Jul 9 2019, 3:07 AM · gnupg, scd
gniibe added a comment to T4616: Smartcard: Card reset required - It should be automatic.

Here are results of my experiment with Intel NUC computer (which supports S4 (and S3)).

Jul 9 2019, 2:53 AM · gnupg, scd

Jul 8 2019

aheinecke created T4616: Smartcard: Card reset required - It should be automatic.
Jul 8 2019, 2:30 PM · gnupg, scd
gniibe added a comment to T4158: UIF (User Interaction Flag) DO support.

No. I intentionally select: Not-backporting this feature.
The feature is added for Yubikey, in the specification.
Use of the feature by Data-Object is not that so useful.

Jul 8 2019, 9:21 AM · Feature Request, scd, gnupg

Jul 5 2019

werner added a comment to T4158: UIF (User Interaction Flag) DO support.

I think we should not backport this to 2.2 - okay?

Jul 5 2019, 11:14 AM · Feature Request, scd, gnupg
aheinecke created T4614: GPG: Cancel on pinpad hangs decryption process for 20 seconds.
Jul 5 2019, 9:50 AM · scd, gnupg

Jun 10 2019

kaspro added a comment to T4301: Handling multiple subkeys on two SmartCards.

Thanks a lot @gniibe for this change.
I do understand and share your concerns, nevertheless are there, in my opinion valid reasons to be able to have a backup or duplicate, especially on the same or similar media type.
Consider for example giving multiple devices a chance of common interaction, using the keys for backup encryption etc. - I think there are several possible use-cases which can benefit from this.

Jun 10 2019, 7:40 PM · gnupg, scd, Bug Report

Jun 6 2019

gniibe added a commit to T3383: scdaemon option 'card-timeout' does not have any effect: rG72fe8d652fce: scd: Bring back --card-timeout option as deprecated..
Jun 6 2019, 2:57 AM · Documentation, scd, Bug Report

Jun 4 2019

gniibe added a comment to T3383: scdaemon option 'card-timeout' does not have any effect.

I see the regression of gpgconf. I wonder if it's better to fix gpgconf side, too.

Jun 4 2019, 8:46 AM · Documentation, scd, Bug Report
werner reopened T3383: scdaemon option 'card-timeout' does not have any effect as "Open".

I see a regression with your fix. This option is even controllable with gpgconf at the basic level. It would be better to make it a dummy option.

Jun 4 2019, 7:45 AM · Documentation, scd, Bug Report
gniibe closed T3383: scdaemon option 'card-timeout' does not have any effect as Resolved.
Jun 4 2019, 3:01 AM · Documentation, scd, Bug Report
gniibe added a commit to T3383: scdaemon option 'card-timeout' does not have any effect: rG4262933ef6f7: scd: Remove unsupported --card-timeout option..
Jun 4 2019, 2:56 AM · Documentation, scd, Bug Report
gniibe added projects to T3383: scdaemon option 'card-timeout' does not have any effect: scd, Documentation.

I meant, 'card-timeout' was not intended for controlling caching PIN on card. It was for "DISCONNECT" command support.
I'm going to remove questionable documentation.
Closing.

Jun 4 2019, 2:56 AM · Documentation, scd, Bug Report
gniibe closed T1854: Problems with same encryption and signing key on smartcard as Resolved.

While it's not recommended, current master has a support of sharing same raw key materials. I think that it now works (I don't try, though).
Closing.

Jun 4 2019, 2:33 AM · gnupg, Feature Request, scd
gniibe closed T2298: Unblocking a smartcard PIN not possible in 2.1 as Resolved.
Jun 4 2019, 2:29 AM · Info Needed, gnupg, scd, Bug Report
gniibe closed T1082: scd rewrites ~/.gnupg/reader_0.status with same content when SERIALNO is issued as Resolved.
Jun 4 2019, 2:25 AM · gnupg, Info Needed, gpg4win, Bug Report, scd

May 27 2019

werner added a commit to T4326: Reloading gpg-agent with disable-scdaemon set does not stop scdaemon.: rG9ccdd59e4e1e: agent: Stop scdaemon after reload when disable_scdaemon..
May 27 2019, 9:24 AM · Bug Report, scd, gpgagent

May 23 2019

gniibe closed T4326: Reloading gpg-agent with disable-scdaemon set does not stop scdaemon. as Resolved.

Simply sending "KILLSCD" is implemented.

May 23 2019, 3:19 AM · Bug Report, scd, gpgagent
gniibe added a commit to T4326: Reloading gpg-agent with disable-scdaemon set does not stop scdaemon.: rG7158a5696dc8: agent: Stop scdaemon after reload when disable_scdaemon..
May 23 2019, 3:18 AM · Bug Report, scd, gpgagent

May 21 2019

gniibe closed T4454: scdaemon is not working in cygwin (64bit) as Resolved.

In master, I pushed a change, closing.

May 21 2019, 9:40 AM · patch, scd, Cygwin, Bug Report
gniibe added a commit to T4454: scdaemon is not working in cygwin (64bit): rG1eb93d9229c5: scd: Fix for SCARD_IO_REQUEST structure..
May 21 2019, 9:39 AM · patch, scd, Cygwin, Bug Report
gniibe claimed T4454: scdaemon is not working in cygwin (64bit).

For future, it would make sense applying your patch, but I wonder if it works on macOS.
Let me check.

May 21 2019, 9:11 AM · patch, scd, Cygwin, Bug Report

May 20 2019

gniibe added a comment to T4301: Handling multiple subkeys on two SmartCards.

When having a backup media, I'd recommend completely different one (for example, on paper using paperkey to be stored in a locker in basement), which requires different method for recovering. Brains may be easily confused when same private key material exists in multiple similar devices.

May 20 2019, 2:12 AM · gnupg, scd, Bug Report
ageis added a comment to T4301: Handling multiple subkeys on two SmartCards.

Thanks for this @gniibe. I have long been frustrated by trying to save the correct "stubs" to have my keyring point at two different smartcards. It was common and even advocated in my former community to place one's master key on a separate smartcard (certify capability), with a different one designated for daily usage.

May 20 2019, 1:03 AM · gnupg, scd, Bug Report