Mailing List Archive

Smartcard decryption still doesn't work on 2.1 beta...
I tracked this down to get_it() in g10/pubkey_enc.c. The card flag
never gets set, so we never hit the right branch of code.

At first I thought it would be as easy as checking to see if sk.mode ==
1002, and setting the flag, but it seems like the key passed into get_it
intentionally doesn't have any secret key info. It also doesn't have
valid settings for sk->flags.serialno_valid or sk->serialno.

I did write a patch for my system. It works by adding one last step to
get_seckey() in g10/getkey.c. After everything else succeeds, it calls
agent_get_keyinfo(), and sets pk->serialno and pk->flags.serialno_valid
to the correct values.

I haven't attached a patch because (1) I'm not sure if this is the best
solution, and (2) I didn't want to provide any copyright contamination.
But the patch is probably 10-15 lines once I clean it up. So let me
know if you want it Werner.

--
-Grant

"Look around! Can you construct some sort of rudimentary lathe?"
Re: Smartcard decryption still doesn't work on 2.1 beta... [ In reply to ]
On Tue, 22 Mar 2011 00:47, kgo@grant-olson.net said:

> At first I thought it would be as easy as checking to see if sk.mode ==
> 1002, and setting the flag, but it seems like the key passed into get_it
> intentionally doesn't have any secret key info. It also doesn't have

Right. gpg shall not know anything about smartcards. It is now all up
to gpg-agent to decide whether a smartcard is to be used. If gpg wants
to know whether the key is on a smartcard, it has to ask gpg-agent for
that information. It is pretty likely that some stuff does not yet
work; there are still a few FIXMEs in the code.


Shalom-Salam,

Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.


_______________________________________________
Gnupg-devel mailing list
Gnupg-devel@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-devel