FS#71279 - gnupg 2.2.28 does not work with Smart Cards
Attached to Project:
Arch Linux
Opened by Adam Jimerson (vendion) - Thursday, 17 June 2021, 14:46 GMT
Last edited by Levente Polyak (anthraxx) - Thursday, 17 June 2021, 21:18 GMT
Opened by Adam Jimerson (vendion) - Thursday, 17 June 2021, 14:46 GMT
Last edited by Levente Polyak (anthraxx) - Thursday, 17 June 2021, 21:18 GMT
|
Details
Description:
With GnuPG 2.2.27 and older I was able to have a split key with part of it being stored on my Yubikey NEO, and when I did an action that needed my key I would be prompted to insert the key and then put in my password. Also I was able to have the `gpg` query the status of my smart card with `gpg --card-status`: [~/Downloads]─> gpg --card-status Reader ...........: 1050:0116:X:0 Application ID ...: D2760001240102000006085023460000 Application type .: OpenPGP Version ..........: 2.0 Manufacturer .....: Yubico Serial number ....: 08502346 Name of cardholder: Adam Jimerson Language prefs ...: en Salutation .......: Mr. URL of public key : https://keybase.io/vendion/pgp_keys.asc?fingerprint=e91020f1e7b30f18e24a8315f1f26b789fc642d0 Login data .......: vendion Signature PIN ....: not forced Key attributes ...: rsa2048 rsa2048 rsa2048 Max. PIN lengths .: 127 127 127 PIN retry counter : 3 3 3 Signature counter : 3326 Signature key ....: 2CB9 41E0 3DDD 2502 FA60 8A96 B666 52C8 DA53 1A49 created ....: 2014-06-19 03:01:03 Encryption key....: E7C3 C547 A29E 4D47 932D B8B1 B460 C43F A28F D091 created ....: 2014-06-19 03:01:03 Authentication key: A3D7 864F 5A52 445D 1BF7 12B1 9FFF 49F8 DFE4 655F created ....: 2018-08-13 23:31:04 General key info..: sub rsa2048/0xB66652C8DA531A49 2014-06-19 keybase.io/vendion <vendion@keybase.io> sec rsa4096/0xF1F26B789FC642D0 created: 2014-06-19 expires: never ssb> rsa2048/0xB66652C8DA531A49 created: 2014-06-19 expires: 2022-06-17 card-no: 0006 08502346 ssb> rsa2048/0xB460C43FA28FD091 created: 2014-06-19 expires: 2022-06-17 card-no: 0006 08502346 ssb> rsa2048/0x9FFF49F8DFE4655F created: 2018-08-13 expires: never card-no: 0006 08502346 After the update to 2.2.28 nothing seems to work with my smart card, `gpg --card-status` reports the following: gpg: selecting card failed: No such device gpg: OpenPGP card not available: No such device and if I try to do something that requires my GPG key (use my password manager, make a gpg signed git commit, etc) I just keep get asked to insert my card. Looking at `dmesg` I don't really see anything relavent to this other than when I unplugged and plugged my yubikey back in. Downgrading gnupg to 2.2.27 fixes the issue though. |
This task depends upon
Closed by Levente Polyak (anthraxx)
Thursday, 17 June 2021, 21:18 GMT
Reason for closing: Fixed
Additional comments about closing: backported in 2.2.28-2
Thursday, 17 June 2021, 21:18 GMT
Reason for closing: Fixed
Additional comments about closing: backported in 2.2.28-2
[1] https://github.com/gpg/gnupg/commit/01a413d5235f1bbd00f83fb86d0e183d8f0b1a57
[2] https://github.com/gpg/gnupg/commit/f8588369bcb0e66118725793b53e871ce2acb10d
[3] https://github.com/gpg/gnupg/commit/ec56996029d95d4bd26e1badfe207232270c6247
[1] https://github.com/gpg/gnupg/commit/01a413d5235f1bbd00f83fb86d0e183d8f0b1a57.patch