Problems with GPG, a Cardman4000 and the FSFE card

Alessandro Bottoni alessandro.bottoni at infinito.it
Mon Dec 17 18:27:56 CET 2007


Hi Guys,
I'm trying to use this stuff:

Card Reader: PCMCIA CardMan4000
Smartcard: FSFE (OpenGPG) Card
Distro: Linux Mint 3.0 (something like Kubuntu 7.04)
GPG 1.4.6 (and GPG2 2.0.3, as an alternative)
OpenSC 0.11.1.3 (ubuntu)
PCSCD 1.3.3.1 (ubuntu)
PCSC-Lite 1.3.3.1 (ubuntu)

All this stuff works fine with Windows XP (winscard.dll).
On Linux, the card is reacheable from opensc-tool, openct-tool and from
the PKCS#11 part of Mozilla Thunderbird (that is:
edit/options/security/devices...).

But:
There is no way to see the card from GPG 1.4 or GPG 2.0.3.
There is no way to see it from the Enigmail part of Mozilla Thunderbird
(that is: the OpenGPG menu).

I just keep on getting this message:
$ gpg --card-status
winscard_clnt.c:3349:SCardCheckDaemonAvailability() PCSC Not Running
gpg: pcsc_establish_context failed: no service (0x8010001d)
gpg: reader not available
gpg: OpenPGP card not available

Thunderbird/Enigmail says: "Your card reader is not accessible".

So, it looks like my reader is not visible but... that is not true! The
CardMan4000 is visible from PCSC (that should be used by GPG, behind the
scene). Even the card is visible from PCSC (and PCSCD is obviously
running...).

Here the output of a few diagnostic programs:
$ openct-tool list
  0 OMNIKEY CardMan 4000
$ opensc-tool -l
winscard_clnt.c:3349:SCardCheckDaemonAvailability() PCSC Not Running
Readers known about:
Nr.    Driver     Name
0      openct     OMNIKEY CardMan 4000
1      openct     OpenCT reader (detached)
2      openct     OpenCT reader (detached)
3      openct     OpenCT reader (detached)
4      openct     OpenCT reader (detached)
$ opensc-tool -n
winscard_clnt.c:3349:SCardCheckDaemonAvailability() PCSC Not Running
OpenPGP
$ opensc-tool -a
winscard_clnt.c:3349:SCardCheckDaemonAvailability() PCSC Not Running
3b:fa:13:00:ff:81:31:80:45:00:31:c1:73:c0:01:00:00:90:00:b1
$ opensc-tool --serial
winscard_clnt.c:3349:SCardCheckDaemonAvailability() PCSC Not Running
sc_card_ctl(*, SC_CARDCTL_GET_SERIALNR, *) failed

Thunderbird is able to access the card from within its PKCS#11 internal
support and lists the FSFE card, as expected, amongst the others
security devices in its "preferences/security/devices" page.

(I tried both GPG1.4 and GPG2, with and without the "--disable-ccid"
option, and it does not make any difference.)

Is anybody able to understand why this card is not visible/usable from
GPG and GPG2 while it is still visible from PCSC?

Many thanks in advance
-- 

Alessandro Bottoni
Website: http://www.alessandrobottoni.it/

"Don't ask what Linux can do for you, ask what you can do for Linux"
     -- Greg Klebus



More information about the Gnupg-users mailing list