scdProject
ActivePublic

Watchers

  • This project does not have any watchers.

Recent Activity

Today

werner added a comment to T3891: kdf-setup does not set admin and user PIN codes.

T4702 is our release info task for 2.3.0

Tue, Jan 26, 4:42 PM · Testing, scd, Bug Report
szszszsz-nitrokey added a comment to T3891: kdf-setup does not set admin and user PIN codes.

@gniibe Hi! Can you estimate, when this feature will be released?

Tue, Jan 26, 2:08 PM · Testing, scd, Bug Report

Mon, Jan 11

werner triaged T5219: scd: Generating CSR for SigG NetKey card key fails as Low priority.

Lowered priority because in reality it is not possible to get a certificate for an arbitrary SigG key on the card. Only accredited CAs may issue certs and they want to keep full control over the key generation.

Mon, Jan 11, 8:35 PM · scd

Fri, Jan 8

werner closed T5167: GnuPG 2.25 still have problems related to Yubikey NEO. as Resolved.
Fri, Jan 8, 9:58 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report

Thu, Jan 7

ikloecker added a comment to T5219: scd: Generating CSR for SigG NetKey card key fails.

do_sign() calls find_fid_by_keyref() which does a switch_application(). So, I think the SigG application should already be active. But, yes, please have a look at it.

Thu, Jan 7, 4:11 PM · scd
werner added a comment to T5219: scd: Generating CSR for SigG NetKey card key fails.

We need to switch to the SigG application. Shall I look at it?

Thu, Jan 7, 12:04 PM · scd
ikloecker added a parent task for T5219: scd: Generating CSR for SigG NetKey card key fails: T5129: Kleopatra: Generate S/MIME CSR for NetKey card key.
Thu, Jan 7, 10:35 AM · scd
ikloecker created T5219: scd: Generating CSR for SigG NetKey card key fails.
Thu, Jan 7, 10:35 AM · scd

Wed, Jan 6

ikloecker added a commit to T5184: scd: Generating CSR for NetKey card key fails: rG7eef40cc1143: I meant "SHA-2 digests" in the previous commit..
Wed, Jan 6, 3:06 PM · scd
ikloecker closed T5184: scd: Generating CSR for NetKey card key fails as Resolved.
Wed, Jan 6, 12:22 PM · scd
ikloecker added a commit to T5184: scd: Generating CSR for NetKey card key fails: rG8fe976d5b9a0: scd:nks: Add support for signing plain SHA-3 digests..
Wed, Jan 6, 12:21 PM · scd

Tue, Jan 5

werner reassigned T5184: scd: Generating CSR for NetKey card key fails from werner to ikloecker.

It seems you have a pretty good understanding and also test cases at hand. May I ask you to apply the suggested pacthes to master?

Tue, Jan 5, 11:08 AM · scd
werner claimed T5184: scd: Generating CSR for NetKey card key fails.
Tue, Jan 5, 9:13 AM · scd

Dec 25 2020

gniibe closed T5163: Cannot import NIST-P521 key to OpenPGP v3.3 smart card as Resolved.
Dec 25 2020, 8:24 AM · Testing, gnupg, scd, Bug Report

Dec 23 2020

gbschenkel added a comment to T5167: GnuPG 2.25 still have problems related to Yubikey NEO..

Already have set another, thanks gnibe! See ya!

Dec 23 2020, 2:27 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
gniibe added a comment to T5167: GnuPG 2.25 still have problems related to Yubikey NEO..

Please change your passphrase for your card, BTW.

Dec 23 2020, 1:31 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
gniibe changed the status of T5167: GnuPG 2.25 still have problems related to Yubikey NEO. from Open to Testing.
Dec 23 2020, 1:30 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
gniibe added a comment to T5167: GnuPG 2.25 still have problems related to Yubikey NEO..

Good. The error recovery worked well.

Dec 23 2020, 1:30 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report

Dec 22 2020

gbschenkel added a comment to T5167: GnuPG 2.25 still have problems related to Yubikey NEO..
$ gpg --card-status
$ gpgconf --kill scdaemon
$ git fetch << (Used my PIN, I have reverted to my previous code other day, is not anymore 123456)

Dec 22 2020, 5:43 PM · gnupg (gpg22), yubikey, ssh, scd, Bug Report

Dec 21 2020

aheinecke closed T5186: SCD: Stable branch "Invalid ID" when attempting to sign with bp384 yubikey as Resolved.

Yes, that worked. Thanks for the tip and sorry for the noise ;-)

Dec 21 2020, 11:11 AM · gnupg, scd
gniibe added a comment to T5186: SCD: Stable branch "Invalid ID" when attempting to sign with bp384 yubikey.

I think that ... For some reason, your private key file under .gnupg/private-keys-v1.d has wrong serial number.

Dec 21 2020, 6:50 AM · gnupg, scd
gniibe added a comment to T5167: GnuPG 2.25 still have problems related to Yubikey NEO..

Thank you for your testing.
May I ask more test, please?

Dec 21 2020, 1:31 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report

Dec 20 2020

gbschenkel added a comment to T5167: GnuPG 2.25 still have problems related to Yubikey NEO..

Hi, I have applied both patch and appears Yubikey is now working correct. I have uploaded the log here.

Dec 20 2020, 2:19 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report

Dec 18 2020

aheinecke created T5186: SCD: Stable branch "Invalid ID" when attempting to sign with bp384 yubikey.
Dec 18 2020, 9:30 AM · gnupg, scd
ikloecker added a comment to T5184: scd: Generating CSR for NetKey card key fails.

Yes, makes sense. Although, you should use datalen = indatalen; in the last line (to prevent typos in the numbers).

Dec 18 2020, 9:19 AM · scd
gniibe added a comment to T5184: scd: Generating CSR for NetKey card key fails.

IIUC, for completeness, it would be good to add the lines like:

Dec 18 2020, 7:54 AM · scd

Dec 17 2020

ikloecker created T5184: scd: Generating CSR for NetKey card key fails.
Dec 17 2020, 3:08 PM · scd

Dec 16 2020

gniibe added a comment to T5167: GnuPG 2.25 still have problems related to Yubikey NEO..

Nice, I gonna apply the patch and see if resolves for me!

Dec 16 2020, 3:55 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
gbschenkel added a comment to T5167: GnuPG 2.25 still have problems related to Yubikey NEO..

Nice, I gonna apply the patch and see if resolves for me!

Dec 16 2020, 3:25 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
gniibe added a commit to T5167: GnuPG 2.25 still have problems related to Yubikey NEO.: rG3c55e15cee4b: scd:ccid: Call libusb_clear_halt in ccid_vendor_specific_setup..
Dec 16 2020, 2:18 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
gniibe added a commit to T5167: GnuPG 2.25 still have problems related to Yubikey NEO.: rG585cfca0a60b: scd:ccid: Revert the addition of libusb_clear_halt for EP_INTR..
Dec 16 2020, 2:18 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report

Dec 11 2020

gniibe added a commit to T5150: scd: For NetKey cards READKEY with keygrip fails: rG3b3926308813: scd:nks: Support READKEY with keygrip and for "NKS-IDLM" keyref..
Dec 11 2020, 6:12 AM · backport, gnupg (gpg23), scd
gniibe added a comment to T5150: scd: For NetKey cards READKEY with keygrip fails.

Reading the code again, I think that some configuration of NKS card doesn't work well, when it has no certificates but keys (e.g. IDLM config).
I'm going to fix do_readkey as well (the approach #1).

Dec 11 2020, 1:13 AM · backport, gnupg (gpg23), scd

Dec 10 2020

ikloecker closed T5150: scd: For NetKey cards READKEY with keygrip fails as Resolved.

With little (mostly no) knowledge of NKS card, I think I fixed this issue.

Dec 10 2020, 10:39 AM · backport, gnupg (gpg23), scd
gniibe added a comment to T5167: GnuPG 2.25 still have problems related to Yubikey NEO..

With my Yubikey NEO, when I use OTP (touching the button to generate OTP output as key input), I observed "card eject" event:

2020-12-10 11:23:05 scdaemon[7254] DBG: ccid-driver: CCID: interrupt callback 0 (2)
2020-12-10 11:23:05 scdaemon[7254] DBG: ccid-driver: CCID: NotifySlotChange: 02
2020-12-10 11:23:05 scdaemon[7254] DBG: ccid-driver: CCID: card removed
2020-12-10 11:23:05 scdaemon[7254] DBG: enter: apdu_get_status: slot=0 hang=0
2020-12-10 11:23:05 scdaemon[7254] DBG: leave: apdu_get_status => sw=0x1000c status=0
2020-12-10 11:23:05 scdaemon[7254] DBG: Removal of a card: 0
Dec 10 2020, 3:46 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
gniibe added a commit to T5150: scd: For NetKey cards READKEY with keygrip fails: rG4020cd9d6562: scd:nks: Add support of KEYGRIP for do_readcert..
Dec 10 2020, 2:41 AM · backport, gnupg (gpg23), scd
gniibe added a comment to T5150: scd: For NetKey cards READKEY with keygrip fails.

Thanks a lot for your time to locate the problem. I took the approach of #2.

Dec 10 2020, 2:37 AM · backport, gnupg (gpg23), scd

Dec 9 2020

ikloecker closed T5161: scd: For NetKey cards KEYINFO with keygrip fails as Resolved.

This works now. Thanks.

Dec 9 2020, 12:23 PM · Testing, scd
ikloecker reassigned T5150: scd: For NetKey cards READKEY with keygrip fails from ikloecker to gniibe.

I'm not sure why I thought that it would work now. With current master I get

$ gpg-connect-agent "SCD READKEY --info-only -- 39400430E38BB96F105B740A7119FE113578B59D" /bye
ERR 100663414 Invalid ID <SCD>
Dec 9 2020, 12:19 PM · backport, gnupg (gpg23), scd
gniibe added a commit to T5167: GnuPG 2.25 still have problems related to Yubikey NEO.: rGf50373027222: scd:ccid: Call libusb_clear_halt in ccid_vendor_specific_setup..
Dec 9 2020, 4:59 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
gniibe added a commit to T5167: GnuPG 2.25 still have problems related to Yubikey NEO.: rGffabc29d5ead: scd:ccid: Revert the addition of libusb_clear_halt for EP_INTR..
Dec 9 2020, 4:43 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
gniibe added a comment to T5167: GnuPG 2.25 still have problems related to Yubikey NEO..

I checked the development log for the addition of:

libusb_clear_halt (handle->idev, handle->ep_intr);
Dec 9 2020, 4:35 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
gniibe added a comment to T5167: GnuPG 2.25 still have problems related to Yubikey NEO..

I have another yubikey neo but its clean. Can it help it?

Dec 9 2020, 1:30 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
gbschenkel added a comment to T5167: GnuPG 2.25 still have problems related to Yubikey NEO..

I have another yubikey neo but its clean. Can it help it?

Dec 9 2020, 12:57 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
gniibe added a comment to T5167: GnuPG 2.25 still have problems related to Yubikey NEO..

Changing modes will I lose/change my OTP and FIDO codes?

Dec 9 2020, 12:38 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report

Dec 8 2020

gbschenkel added a comment to T5167: GnuPG 2.25 still have problems related to Yubikey NEO..

Changing modes will I lose/change my OTP and FIDO codes?

Dec 8 2020, 11:44 PM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
gniibe renamed T5167: GnuPG 2.25 still have problems related to Yubikey NEO. from GnuPG 2.25 still have problems related to Yubikey. to GnuPG 2.25 still have problems related to Yubikey NEO..
Dec 8 2020, 12:01 PM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
gniibe triaged T5167: GnuPG 2.25 still have problems related to Yubikey NEO. as High priority.
Dec 8 2020, 12:00 PM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
gniibe added a comment to T5167: GnuPG 2.25 still have problems related to Yubikey NEO..

Following device (a bit older than yours, I guess) works well:

DBG: ccid-driver: idVendor: 1050  idProduct: 0112  bcdDevice: 0334

When I configure it to OTP+FIDO+CCID, it also works for me, it is:

DBG: ccid-driver: idVendor: 1050  idProduct: 0116  bcdDevice: 0334
Dec 8 2020, 11:58 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report
gniibe added a comment to T5167: GnuPG 2.25 still have problems related to Yubikey NEO..

Thanks a lot.
Let me explain the situation.

Dec 8 2020, 2:33 AM · gnupg (gpg22), yubikey, ssh, scd, Bug Report