https://bugzilla.novell.com/show_bug.cgi?id=863294 https://bugzilla.novell.com/show_bug.cgi?id=863294#c0 Summary: Smartcartsupport with opensc and gpg seems broken in 13.1. Complains about not being able to do the "connect call to IPC" Classification: openSUSE Product: openSUSE 13.1 Version: Final Platform: x86-64 OS/Version: openSUSE 13.1 Status: NEW Severity: Major Priority: P5 - None Component: Other AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: stakanov@freenet.de QAContact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0 The crypto-stick (https://www.crypto-stick.com/) is a opensmartcard, openhardware based solution to store gpg keys (ver. 1 and 1.2 and soon also other autentication-means (v.1.4). The version 1.2 worked out of the box with 12.3. Now in 13.1 it seems to be broken. The card is seen but neither gpg nor gpa nor kleopatra can access the card. The error reported in terminal is: sudo gpg --card-status gpg-agent[12366]: can't connect to the SCdaemon: Chiamata "connect" IPC non riuscita gpg: OpenPGP card not available: Nessun demone per la SmartCard. This seems to me a permission problem (I googled about this error but got no specific result). Reproducible: Always Steps to Reproduce: 1.enter the card in the usb-slot 2.card lights up and is reconginzed as Bus 001 Device 003: ID 20a0:4107 Clay Logic 3.card is not accessible by any program giving the above error about IPC connect call failed Actual Results: apparently you have no functionality anymore with usb-opensc hardwarebased cards under 13.1? Expected Results: The card should be recognized out of the box (this is actually a regression with respect to 12.3). It should be accessible with kleopatra, gpa and gpg by using opensc and or pcsc-lite. pcsc_scan PC/SC device scanner V 1.4.22 (c) 2001-2011, Ludovic Rousseau <ludovic.rousseau@free.fr> Compiled with PC/SC lite version: 1.8.10 Using reader plug'n play mechanism Scanning present readers... 0: German Privacy Foundation Crypto Stick v1.2 00 00 Mon Feb 3 16:31:17 2014 Reader 0: German Privacy Foundation Crypto Stick v1.2 00 00 Card state: Card inserted, ATR: 3B DA 18 FF 81 B1 FE 75 1F 03 00 31 C5 73 C0 01 40 00 90 00 0C defined(@array) is deprecated at /usr/lib/perl5/vendor_perl/5.18.1/x86_64-linux-thread-multi/Chipcard/PCSC.pm line 69. (Maybe you should just omit the defined()?) ATR: 3B DA 18 FF 81 B1 FE 75 1F 03 00 31 C5 73 C0 01 40 00 90 00 0C + TS = 3B --> Direct Convention + T0 = DA, Y(1): 1101, K: 10 (historical bytes) TA(1) = 18 --> Fi=372, Di=12, 31 cycles/ETU 129032 bits/s at 4 MHz, fMax for Fi = 5 MHz => 161290 bits/s TC(1) = FF --> Extra guard time: 255 (special value) TD(1) = 81 --> Y(i+1) = 1000, Protocol T = 1 ----- TD(2) = B1 --> Y(i+1) = 1011, Protocol T = 1 ----- TA(3) = FE --> IFSC: 254 TB(3) = 75 --> Block Waiting Integer: 7 - Character Waiting Integer: 5 TD(3) = 1F --> Y(i+1) = 0001, Protocol T = 15 - Global interface bytes following ----- TA(4) = 03 --> Clock stop: not supported - Class accepted by the card: (3G) A 5V B 3V + Historical bytes: 00 31 C5 73 C0 01 40 00 90 00 Category indicator byte: 00 (compact TLV data object) Tag: 3, len: 1 (card service data byte) Card service data byte: C5 - Application selection: by full DF name - Application selection: by partial DF name - EF.DIR and EF.ATR access services: by GET DATA command - Card without MF Tag: 7, len: 3 (card capabilities) Selection methods: C0 - DF selection by full DF name - DF selection by partial DF name Data coding byte: 01 - Behaviour of write functions: one-time write - Value 'FF' for the first byte of BER-TLV tag fields: invalid - Data unit in quartets: 2 Command chaining, length fields and logical channels: 40 - Extended Lc and Le fields - Logical channel number assignment: No logical channel - Maximum number of logical channels: 1 Mandatory status indicator (3 last bytes) LCS (life card cycle): 00 (No information given) SW: 9000 (Normal processing.) + TCK = 0C (correct checksum) Possibly identified card (using /usr/share/pcsc/smartcard_list.txt): 3B DA 18 FF 81 B1 FE 75 1F 03 00 31 C5 73 C0 01 40 00 90 00 0C GnuPG card V2 so the card is visible but it seems not usable: With opensc-tool: opensc-tool --atr Using reader with a card: German Privacy Foundation Crypto Stick v1.2 00 00 3b:da:18:ff:81:b1:fe:75:1f:03:00:31:c5:73:c0:01:40:00:90:00:0c We all know that privacy doesn't matter, gpg keys are never stolen and that system.d does not open all possible ports to everybody listening. At least this one should work for security reasons. I would suppose this applies also to other opensc based solutions. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.