Sorry, I realized this myself this morning and did couple of fixes. rG7113263a00d8 does this all however I forgot to mention the bug number.
Argh. The following patch replaces the previous patch. It fixes the calculation of the display serial number.
I think the calculation of the OpenPGP s/n is not correct. As you write, "Yubico seems to use the decimalized version of their S/N as the OpenPGP card S/N." This matches my observation for my Yubikey:
s/n printed on Yubikey: 9074582
Yubikey s/n (with our prefix): FF020001008A7796
OpenPGP AID: D2760001240102010006090745820000
Wed, Nov 25
Great. Please apply the patch.
Tue, Nov 24
Okay, I now got such a patch:
I found a good enough solution: I changed the code to compute the OpenPGP s/n from the Yubikey s/n right after a Yubikey has been detected. Later, and if OpenPGP enabled on the YK, the S/N is already there but we use the S/N from the 0x4f DO. That is needed because we can't compute the OpenPGP version number ahead and use 0.0 in the S/N.
Stable now and works as expected. Thank you!
Mon, Nov 23
Its done for 2.2 thus changing the tag.
Fri, Nov 20
How about distinguishing CARDNO and application specific SERIALNO?
Yes, it is due to a backport from master: rG1049f06c6d2e: scd:openpgp: Allow keygrip to be used to reference a key
Fixed in rG84020385be19: scd:openpgp: Public keys should be available for check_keyidstr..
Thu, Nov 19
The problem seems to have returned in 2.2.24.
Thanks again for your report.
I'm still having problems with 2.2.24. Now the card removal is detected correctly, but the initialization fails.
Wed, Nov 18
Mon, Nov 16
Fri, Nov 13
Thu, Nov 12
BTW, the idea is to fade out support for gpg --card-status and --card-edit. Thus no new features there. New features shall only go into gpg-card.
Fixing --card-status is definitely a good idea. gpg-card shows almost the same information as gpg --card-status except that it shows the correct "Version" and "Serial number". It would probably make sense to unify the code of --card-status and gpg-card's list command.
Let me describe current situation.
Wed, Nov 11
I just noticed that gpg --card-status now prints a bogus OpenPGP version number for my Yubikey. And it prints an empty serial number.
# gpg --card-status Reader ...........: 1050:0407:X:0 Application ID ...: FF020001008A7796 Application type .: OpenPGP Version ..........: 77.96 Manufacturer .....: Yubico Serial number ....:
Tue, Nov 10
For 2.2, rG61aea64b3c17: scd: Fix the use case of verify_chv2 by CHECKPIN. fixed this problem.