Mailing List Archive

command "SCD SERIALNO openpgp" not answered correctly
Hello,

I'm preparing the move to a new FreeBSD version (bleeding edge CURRENT with all
ports from beginning of February).

My OpenPGP card works in the "Identiv uTrust 3512 SAM slot Token" fine on
the new setup for decrypting my passwordstore and SSH.

On the old system where GnuPG is 2.2.12, the 'gpg2 --card-status' says:

$ gpg2 --card-status
Reader ...........: 04E6:5816:55511725600891:0
Application ID ...: D27600012401020100050000532B0000
Version ..........: 2.1
Manufacturer .....: ZeitControl
Serial number ....: 0000532B
Name of cardholder: Matthias Apitz
...


But on the new system it does work correctly. Here are the details:

$ uname -a
FreeBSD c720-r357756 13.0-CURRENT FreeBSD 13.0-CURRENT #2 r357756: Tue Feb 11 18:52:09 CET 2020 guru@jet:/usr/obj/usr/src/amd64.amd64/sys/GENERIC amd64

$ gpg2 --version
gpg (GnuPG) 2.2.19
libgcrypt 1.8.5
Copyright (C) 2019 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /home/guru/.gnupg-ccid
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

$ gpg2 --card-status
gpg: selecting card failed: Operation not supported by device
gpg: OpenPGP card not available: Operation not supported by device

$ gpg2 --card-edit

gpg: selecting card failed: Operation not supported by device
gpg: OpenPGP card not available: Operation not supported by device

gpg/card>

A trussing (it's like Linux strace) shows the offending dialog with the
gpg-agent:

$ truss -o tr gpg2 --card-status
...

connect(3,{ AF_UNIX "/var/run/user/1001/gnupg/d.m4rfaasqebhjmgto9ddm6m7y/S.gpg-agent" },65) = 0 (0x0)
read(3,"OK Pleased to meet you",1002) = 22 (0x16)
read(3,"\n",980) = 1 (0x1)
write(3,"RESET",5) = 5 (0x5)
write(3,"\n",1) = 1 (0x1)
read(3,"OK",1002) = 2 (0x2)
read(3,"\n",1000) = 1 (0x1)
mmap(0x0,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON|MAP_ALIGNED(12),-1,0x0) = 34379100160 (0x801277000)
mmap(0x0,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON|MAP_ALIGNED(12),-1,0x0) = 34379104256 (0x801278000)
write(3,"OPTION ttyname=/dev/pts/1",25) = 25 (0x19)
write(3,"\n",1) = 1 (0x1)
read(3,"OK",1002) = 2 (0x2)
read(3,"\n",1000) = 1 (0x1)
write(3,"OPTION ttytype=rxvt-unicode-256c"...,36) = 36 (0x24)
write(3,"\n",1) = 1 (0x1)
read(3,"OK",1002) = 2 (0x2)
read(3,"\n",1000) = 1 (0x1)
write(3,"OPTION display=:0",17) = 17 (0x11)
write(3,"\n",1) = 1 (0x1)
read(3,"OK\n",1002) = 3 (0x3)
write(3,"OPTION xauthority=/home/guru/.Xa"...,40) = 40 (0x28)
write(3,"\n",1) = 1 (0x1)
read(3,"OK\n",1002) = 3 (0x3)
write(3,"OPTION lc-ctype=es_ES.UTF-8",27) = 27 (0x1b)
write(3,"\n",1) = 1 (0x1)
read(3,"OK",1002) = 2 (0x2)
read(3,"\n",1000) = 1 (0x1)
write(3,"OPTION lc-messages=es_ES.UTF-8",30) = 30 (0x1e)
write(3,"\n",1) = 1 (0x1)
read(3,"OK",1002) = 2 (0x2)
read(3,"\n",1000) = 1 (0x1)
write(3,"GETINFO version",15) = 15 (0xf)
write(3,"\n",1) = 1 (0x1)
read(3,"D 2.2.19\n",1002) = 9 (0x9)
read(3,"OK\n",1002) = 3 (0x3)
write(3,"OPTION allow-pinentry-notify",28) = 28 (0x1c)
write(3,"\n",1) = 1 (0x1)
read(3,"OK\n",1002) = 3 (0x3)
write(3,"OPTION agent-awareness=2.1.0",28) = 28 (0x1c)
write(3,"\n",1) = 1 (0x1)
read(3,"OK",1002) = 2 (0x2)
read(3,"\n",1000) = 1 (0x1)
write(3,"SCD GETINFO version",19) = 19 (0x13)
write(3,"\n",1) = 1 (0x1)
read(3,"D 2.2.19\n",1002) = 9 (0x9)
read(3,"OK\n",1002) = 3 (0x3)
write(3,"SCD SERIALNO",12) = 12 (0xc)
write(3,"\n",1) = 1 (0x1)
read(3,"ERR 100696144 Operation not supp"...,1002) = 54 (0x36)
fstatat(AT_FDCWD,"/usr/share/nls/es_ES.UTF-8/libc.cat",0x7fffffffd570,0x0) ERR#2 'No such file or directory'
fstatat(AT_FDCWD,"/usr/share/nls/libc/es_ES.UTF-8",0x7fffffffd570,0x0) ERR#2 'No such file or directory'
fstatat(AT_FDCWD,"/usr/local/share/nls/es_ES.UTF-8/libc.cat",0x7fffffffd570,0x0) ERR#2 'No such file or directory'
fstatat(AT_FDCWD,"/usr/local/share/nls/libc/es_ES.UTF-8",0x7fffffffd570,0x0) ERR#2 'No such file or directory'
write(2,"gpg: selecting card failed: Oper"...,61) = 61 (0x3d)
write(2,"\n",1) = 1 (0x1)


On the old system the agent answers:

write(3,"SCD SERIALNO openpgp",20) = 20 (0x14)
write(3,"\n",1) = 1 (0x1)
read(3,"S SERIALNO D27600012401020100050"...,1002) = 44 (0x2c)
read(3,"OK\n",1002) = 3 (0x3)
write(3,"LEARN --sendinfo",16) = 16 (0x10)
write(3,"\n",1) = 1 (0x1)


What could be causing this?

Thanks

matthias
--
Matthias Apitz, guru@unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub
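
Added example, not part of the original post: a small parser that rebuilds the Assuan dialog from truss output like the above and decodes the numeric value in the ERR reply. It assumes libgpg-error's value layout (code in the low 16 bits, source in bits 24-30); the function names are this example's own, and the two lookup tables are deliberately small subsets of libgpg-error's.

```python
import re

SOURCES = {4: "gpg-agent", 6: "scdaemon"}  # subset of gpg_err_source_t
SYSTEM_ERROR = 1 << 15                     # set when the code wraps an errno
ERRNOS = {80: "ENODEV", 81: "ENOENT"}      # subset of libgpg-error's errno table

# Constructed sample: lines copied from the truss output in the post above.
TRACE = r'''
write(3,"SCD GETINFO version",19) = 19 (0x13)
write(3,"\n",1) = 1 (0x1)
read(3,"D 2.2.19\n",1002) = 9 (0x9)
read(3,"OK\n",1002) = 3 (0x3)
write(3,"SCD SERIALNO",12) = 12 (0xc)
write(3,"\n",1) = 1 (0x1)
read(3,"ERR 100696144 Operation not supp"...,1002) = 54 (0x36)
'''

IO = re.compile(r'^(read|write)\((\d+),"((?:[^"\\]|\\.)*)"(\.\.\.)?')

def assuan_dialog(trace, fd=3):
    """Rebuild the line-based exchange on one descriptor as (C|S, line) pairs."""
    lines, buf = [], {"read": "", "write": ""}
    for m in filter(None, map(IO.match, trace.splitlines())):
        op, n, data, cut = m.groups()
        if int(n) != fd:
            continue
        # truss abbreviates long buffers with "..."; close such a line at once
        buf[op] += data.replace("\\n", "\n") + ("\n" if cut else "")
        *done, buf[op] = buf[op].split("\n")
        lines += [("C" if op == "write" else "S", l) for l in done if l]
    return lines

def decode_gpg_error(value):
    """Split a gpg-error value into (source name, code name)."""
    source = SOURCES.get((value >> 24) & 0x7F, "other")
    code = value & 0xFFFF
    if code & SYSTEM_ERROR:
        idx = code & ~SYSTEM_ERROR
        return source, ERRNOS.get(idx, "errno index %d" % idx)
    return source, "code %d" % code

def failures(trace):
    """Pair every ERR reply with the client command that preceded it."""
    out, last = [], None
    for who, line in assuan_dialog(trace):
        if who == "C":
            last = line
        elif line.startswith("ERR "):
            out.append((last, decode_gpg_error(int(line.split()[1]))))
    return out

if __name__ == "__main__":
    print(failures(TRACE))
```

For the trace above, the value 100696144 (0x06008050) decodes to an ENODEV system error reported with scdaemon as its source; "Operation not supported by device" is the FreeBSD message text for that errno.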
Re: command "SCD SERIALNO openpgp" not answered correctly
Matthias Apitz <guru@unixarea.de> wrote:
> On the old system where GnuPG is 2.2.12, the 'gpg2 --card-status' says:
>
> $ gpg2 --card-status
> Reader ...........: 04E6:5816:55511725600891:0
> Application ID ...: D27600012401020100050000532B0000
> Version ..........: 2.1
> Manufacturer .....: ZeitControl
> Serial number ....: 0000532B
> Name of cardholder: Matthias Apitz
> ...

Good. You are using the internal CCID driver to access your card reader.

> But on the new system it does work correctly. Here are the details:
>
> $ uname -a
> FreeBSD c720-r357756 13.0-CURRENT FreeBSD 13.0-CURRENT #2 r357756: Tue Feb 11 18:52:09 CET 2020 guru@jet:/usr/obj/usr/src/amd64.amd64/sys/GENERIC amd64
[...]
> What could be causing this?

Most likely, it is a permission problem with your USB device.

Please check your /dev/usb/* (in your old system and in your new
system).
--

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users