15 Mar 2020 |
cyril.lu | Hey there | 12:43:36 |
cyril.lu | I have troubles to use an OpenPGP Smart Card with gpg | 12:44:09 |
cyril.lu | Here are some tests I did with gpg and OpenSC https://pastebin.com/gE9VXWjw, which eventually fail with 'Transmit failed' | 12:44:59 |
Aroop Roelofs | what is the issue? : > | 12:45:36 |
cyril.lu | Do you have ideas of things I can try to troubleshoot the problem? | 12:45:31 |
cyril.lu | :p I get "gpg: OpenPGP card not available: Card removed" when trying gpg --card-status | 12:46:50 |
cyril.lu | I used to do it with a yubikey which worked well, this time I am using an OpenPGP Smart Card with a Cherry keyboard with card reader embedded | 12:47:54 |
Aroop Roelofs | I take it you're on Linux? | 12:50:44 |
cyril.lu | It does the same on Linux and macOS | 12:51:05 |
cyril.lu | I am trying to get a log from scdaemon on Linux, I guess it might help | 12:51:42 |
Aroop Roelofs | Is the keyboard brandspanking new or? | 12:52:36 |
cyril.lu | It is recognised as Cherry SmartBoard XX44, I bought it used and don’t really know his age / working condition | 12:53:51 |
cyril.lu | Here is a debugging log from scdaemon https://pastebin.com/zHgHwnKv (this time, gpg2 --card-status timed out with No such device) | 12:57:49 |
cyril.lu | Ok, the smart card might not be supported by my reader | 14:25:21 |
cyril.lu | OpenPGP smart card specification v3.3 states "Extended length should be supported" for card readers | 14:26:39 |
cyril.lu | and my reader XX44 is listed with Limitations: No extended APDU on https://ccid.apdu.fr/ccid/supported.html | 14:28:56 |
cyril.lu | But the keyboard is listed on https://www.gnupg.org/howtos/card-howto/en/ch02s02.html | 14:31:14 |
cyril.lu | and some articles suggests that is can work with an OpenPGP smart card V2 | 14:34:24 |
cyril.lu | in the V2 specs, it is mentioned "Extended length shall be supported." | 14:34:45 |
cyril.lu | I am not sure to understand should and shell correctly :p | 14:35:20 |
wiktor | cyril.lu: I guess these words come from https://tools.ietf.org/html/rfc2119 | 15:23:12 |
wiktor | but as for the errors I'd ask on gnupg-devel mailing list https://lists.gnupg.org/pipermail/gnupg-devel/ as there are smartcard people out there who can directly answer you | 15:23:50 |
wiktor | (no promises though ;) ) | 15:23:56 |
cyril.lu | ok thanks! I will ask in the following days if I don't manage to find more information | 15:25:00 |
wiktor | in OpenPGP Card world there are actually two people that are most knowledgeable, you'll find one of them (NIIBE Yutaka) on GnuPG ML so don't hesitate to ask there :) | 15:26:29 |
cyril.lu | Yes, I am actually planing to develop a smart card reader, so I have to read some specs anyway :p | 15:27:55 |
wiktor | is this just for fun or are there any business use cases that your reader will solve better than what's on the market? :) | 15:28:28 |
cyril.lu | It is the follow up of a personal project | 15:29:20 |
cyril.lu | I made a DIY mechanical keyboard with an embedded trackball | 15:30:38 |
cyril.lu | now I want to be able to use it to log into servers or decrypt passwords | 15:31:19 |