Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

gpg --card-status shows different results when used with scdaemon and gnupg-pkcs11-scd #61

Open
alteholz opened this issue Apr 11, 2024 · 2 comments

Comments

@alteholz
Copy link

Hi everybody,

gpg --card-status shows different results when used with scdaemon and gnupg-pkcs11-scd

For example with scdaemon it shows:

Reader ...........: Cherry GmbH SmartTerminal ST-2xxx [Vendor Interface] (21121324107485) 00 00
(...)

wheras with gnupg-pkcs11-scd it only shows:

Reader ...........: [none]
(...)

I don't know whether this is related, but the debug log contains some:
gnupg-pkcs11-scd[2117546]: chan_0 <- GETATTR $SIGNKEYID
gnupg-pkcs11-scd[2117546]: chan_0 -> ERR 79 Invalid data

and some:
Get certificate attributes failed: 179:'CKR_SESSION_HANDLE_INVALID'

(there are no keys stored on this smartcard yet, so this might be ok)

Otherwise there are only: rv=0-'CKR_OK'

Do you have any idea what went wrong? I am using gnupg-pkcs11-scd v0.10.0

@alonbl
Copy link
Owner

alonbl commented Apr 13, 2024

Hi,
Each interface shows different attributes, this is normal.
I would need the full debug log to see what happens.
You must have at least one key+certificate on the token and follow the map page to the letter before you produce the log.
Thanks,

@saper
Copy link

saper commented Sep 28, 2024

I think you are not running pcscd.

Add disable-ccid to your scdaemon.conf so that GnuPG is also using pcscd to talk to the reader.

For troubleshooting, running pcscd -adf can be very helpful. Enjoy the show - but keep in mind that the output of pcscd usually contains sensitive data, so be careful when sharing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants