gpg --card-status shows different results when used with scdaemon and gnupg-pkcs11-scd
Opened this issue · 2 comments
Hi everybody,
gpg --card-status shows different results when used with scdaemon and gnupg-pkcs11-scd
For example with scdaemon it shows:
Reader ...........: Cherry GmbH SmartTerminal ST-2xxx [Vendor Interface] (21121324107485) 00 00
(...)
wheras with gnupg-pkcs11-scd it only shows:
Reader ...........: [none]
(...)
I don't know whether this is related, but the debug log contains some:
gnupg-pkcs11-scd[2117546]: chan_0 <- GETATTR $SIGNKEYID
gnupg-pkcs11-scd[2117546]: chan_0 -> ERR 79 Invalid data
and some:
Get certificate attributes failed: 179:'CKR_SESSION_HANDLE_INVALID'
(there are no keys stored on this smartcard yet, so this might be ok)
Otherwise there are only: rv=0-'CKR_OK'
Do you have any idea what went wrong? I am using gnupg-pkcs11-scd v0.10.0
Hi,
Each interface shows different attributes, this is normal.
I would need the full debug log to see what happens.
You must have at least one key+certificate on the token and follow the map page to the letter before you produce the log.
Thanks,
I think you are not running pcscd
.
Add disable-ccid
to your scdaemon.conf so that GnuPG is also using pcscd to talk to the reader.
For troubleshooting, running pcscd -adf
can be very helpful. Enjoy the show - but keep in mind that the output of pcscd usually contains sensitive data, so be careful when sharing.