gpg-agent ssh access with OpenPGP card V1.1.

Sat Jul 7 10:44:47 CEST 2018

I'm experimenting a problem using the gpg-agent of
the last available version of gnupg, gnupg-2.2.8,
under a Gentoo system.

I'm using an "aged" OpenPGP card, V1.1:

Version ..........: 1.1
Manufacturer .....: PPC Card Systems
Serial number ....: 00001045

to authenticate my ssh access, without problems,
from about ten years.

With gnupg-2.2.8 something seems to be wrong,
the authentication against new versions of the sshd daemon
(version SSH-2.0-OpenSSH_7.5p1) fails while
gpg-agent log show the error:

gpg-agent[9939] DBG: chan_11 <- ERR 100663427 Conditions of use not satisfied <SCD>
gpg-agent[9939] smartcard signing failed: Conditions of use not satisfied
gpg-agent[9939] ssh sign request failed: Conditions of use not satisfied <SCD>

Instead authentication with older versions (SSH-2.0-OpenSSH_5.3) seem
to work correctly.

I know very few things about ciphering and the gnupg
implementation, but, because gnupg-2.2.4 works correctly
in this setup, I tried some naive debugging to trace
the origin of the problem.

Comparing 2.2.8 against 2.2.4, I've found is a small patch of 
"agent/command-ssh.c" which seems to let gpg-agent(2.2.8) to work with
my OpenPGP card, a small fragment of code I'm attaching
to this message as "sign.patch".

I'm pretty sure this is just the "surface" of the problem,
as, from my tests, the call

"stream_read_uint32 (request, &flags);"

returns 0x04 into the "flags" variables, which, reading the
code, I think is SSH_AGENT_RSA_SHA2_512, which "match" with
the "request" the sshd is sending to my ssh client (same
version OpenSSH_7.5p1):

  Server accepts key: pkalg rsa-sha2-512 blen 151

The OpenPGP card V1.1 only accepts:

SHA1, SHA256, RIPEMD160

and it looks to my naive eyes the "agent/command-ssh.c"
code is "forcing", when it receive "flags==0x04":

   spec.hash_algo = GCRY_MD_SHA512;

while my OpenPGP card seems to work only with:

   hash_algo = GCRY_MD_SHA1;

the "default".

My patch is just a way to debug the problem, I'm coming
to the list to ask advices about the correct way to
fix this problem.

Regards, G. Vitillaro.









-------------- next part --------------

--- a/agent/command-ssh.c	2018-04-10 07:56:52.000000000 +0200
+++ b/agent/command-ssh.c	2018-07-06 18:49:38.979118383 +0200
@@ -2890,31 +2890,6 @@
     err = stream_read_uint32 (request, &flags);
     if (err)
       goto out;
-
-    if (spec.algo == GCRY_PK_RSA)
-      {
-        if ((flags & SSH_AGENT_RSA_SHA2_512))
-          {
-            flags &= ~SSH_AGENT_RSA_SHA2_512;
-            spec.ssh_identifier = "rsa-sha2-512";
-            spec.hash_algo = GCRY_MD_SHA512;
-          }
-        if ((flags & SSH_AGENT_RSA_SHA2_256))
-          {
-            /* Note: We prefer SHA256 over SHA512.  */
-            flags &= ~SSH_AGENT_RSA_SHA2_256;
-            spec.ssh_identifier = "rsa-sha2-256";
-            spec.hash_algo = GCRY_MD_SHA256;
-          }
-      }
-
-    /* Some flag is present that we do not know about.  Note that
-     * processed or known flags have been cleared at this point.  */
-    if (flags)
-      {
-        err = gpg_error (GPG_ERR_UNKNOWN_OPTION);
-        goto out;
-      }
   }
 
   hash_algo = spec.hash_algo;
