Prompting for two different challenge codes at once
Opened this issue · 1 comments
Lerrrtaste commented
After executing onlykey-gpg init "Name <email>"
The prompt for the 3 digit challenge code appears, but after pressing the first digit, I am being asked for a second, different challenge code. Typing the second digit causes the error below. None of the two codes are accepted, it always crashes after the second digit.
OnlyKey v2.1.2-prodc
onlykey-agent=1.1.13
lib-agent=1.0.4
$ rm .gnupg/onlykey -rf; onlykey-gpg init "Name <email>"
Enter the 3 digit challenge code on OnlyKey to authorize <gpg://Name <email>|ed25519>
3 6 3
Enter the 3 digit challenge code on OnlyKey to authorize <gpg://Name <email>|ed25519>
1 1 3
gpg: inserting ownertrust of 6
gpg: checking the trustdb
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: error reading key: No secret key
Traceback (most recent call last):
File "/nix/store/4xdxhkmadnxspak0c8lhcqfc2ngx65l1-onlykey-agent-1.1.13/bin/.onlykey-gpg-wrapped", line 9, in <module>
sys.exit(gpg_tool())
File "/nix/store/4xdxhkmadnxspak0c8lhcqfc2ngx65l1-onlykey-agent-1.1.13/lib/python3.9/site-packages/onlykey_agent/__init__.py", line 6, in <lambda>
gpg_tool = lambda: libagent.gpg.main(DeviceType)
File "/nix/store/1kswc7h6ns4658pkymcfp0j8ss11wanb-python3.9-libagent-1.0.4/lib/python3.9/site-packages/libagent/gpg/__init__.py", line 392, in main
return args.func(device_type=device_type, args=args)
File "/nix/store/1kswc7h6ns4658pkymcfp0j8ss11wanb-python3.9-libagent-1.0.4/lib/python3.9/site-packages/libagent/gpg/__init__.py", line 226, in run_init
check_call(keyring.gpg_command(['--homedir', homedir,
File "/nix/store/1kswc7h6ns4658pkymcfp0j8ss11wanb-python3.9-libagent-1.0.4/lib/python3.9/site-packages/libagent/gpg/__init__.py", line 114, in check_call
subprocess.check_call(args=args, stdin=stdin, env=env)
File "/nix/store/j652sgyb3137c19v5vy5ziaarw5k5bf6-python3-3.9.15/lib/python3.9/subprocess.py", line 373, in check_call
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '['/nix/store/1zxblwdng71wsl4lwwpl5gm1k533c1pi-gnupg-2.3.6/bin/gpg', '--homedir', '/home/username/.gnupg/onlykey', '--list-secret-keys', 'Name <email>']' returned non-zero exit status 2.
onlykey commented
Hey I wasn't able to replicate this. To use the GPG agent you do need to set derived key challenge mode to press only.
https://docs.onlykey.io/onlykey-agent.html#setting-derived-key-user-input-mode
% onlykey-gpg init "Name <email>"
Enter the 3 digit challenge code on OnlyKey to authorize <gpg://Name <email>|ed25519>
3 5 4
Enter the 3 digit challenge code on OnlyKey to authorize <gpg://Name <email>|ed25519>
6 3 6
gpg: inserting ownertrust of 6
gpg: checking the trustdb
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
sec ed25519 1970-01-01 [SC]
649BED8398B2593790FDC7DA
uid [ultimate] Name <email>
ssb cv25519 1970-01-01 [E]