gpa.exe hungs when click on "smartcards" AND scdaemon cannot recognise SC-HSM
Minas Argyrou
minasargyrou at outlook.com
Fri Jun 24 22:47:55 CEST 2022
I am tring it get GnuPG to work with my SmartCard-HSM 4K on Windows, using the
GP4Win bundle.
Kleopatra doesn't recognise the SC-HSM 4K at all, even though, it DOES
recognise the YubiKey 5 NFC in BOTH PIV and Openpgp Card apps.
When trying to use the GPA.exe alternative, it just freezes when I click on
the "smartcards" button; not sure if it's related.
Trying to debug this, using CMD:
scdaemon --server
serialno
I get the following result:
> scdaemon[xxxxx]: detected reader 'ACS ACR38U 0' scdaemon[xxxxx]:
> reader slot 0: not connected scdaemon[xxxxx]: pcsc_control failed:
> invalid PC/SC error code (0x1) scdaemon[xxxxx]:
> pcsc_vendor_specific_init: GET_FEATURE_REQUEST failed: 65547
> scdaemon[xxxxx]: reader slot 0: active protocol: T1 scdaemon[xxxxx]:
> slot 0: ATR=3bde18ff8191fe1fxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> scdaemon[xxxxx]: error parsing PrKDF record: Invalid object
> scdaemon[xxxxx]: no supported card application found: Invalid object S
> PINCACHE_PUT 0// ERR 100696144 No such device <SCD>
Below I am including my configuration files.
scdaemon.conf
###+++--- GPGConf ---+++###
verbose
verbose
verbose
verbose
verbose
verbose
verbose
verbose
verbose
disable-ccid
###+++--- GPGConf ---+++### 09/06/y22 23:29:33 GTB Daylight Time
# GPGConf edited this configuration file.
# It will disable options before this marked block, but it will
# never change anything below these lines.
#pcsc-shared
I have tried all possible combinations with `disable-ccid` and `pcsc-shared`
and nothing works.
gpgagent.conf
###+++--- GPGConf ---+++###
enable-extended-key-format
ignore-cache-for-signing
no-allow-external-cache
no-allow-loopback-pinentry
grab
pinentry-timeout 10
verbose
verbose
verbose
verbose
verbose
verbose
verbose
verbose
verbose
ssh-fingerprint-digest SHA384
###+++--- GPGConf ---+++### 18/04/y22 07:30:51 GTB Daylight Time
# GPGConf edited this configuration file.
# It will disable options before this marked block, but it will
# never change anything below these lines.
enable-putty-support
enable-ssh-support
use-standard-socket
default-cache-ttl 600
max-cache-ttl 7200
gpgsm.conf
###+++--- GPGConf ---+++###
auto-issuer-key-retrieve
enable-crl-checks
enable-ocsp
verbose
verbose
verbose
verbose
verbose
verbose
verbose
verbose
verbose
include-certs -1
cipher-algo AES256
###+++--- GPGConf ---+++### 01/04/y22 19:10:26 GTB Daylight Time
# GPGConf edited this configuration file.
# It will disable options before this marked block, but it will
# never change anything below these lines.
I was never able to get the SC-HSM to work with GnuPG, even though it is
supposedly supported. This is the current time I am trying to figure it out.
This time, I haven't played with anything else than scdaemon.conf, but, as far
as I can tell, the SC-HSM didn't work even with the defaults on a fresh
install.
The card otherwise works nicely with everything else. Any help would be
greatly appreciated!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20220624/30971d48/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6027 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20220624/30971d48/attachment-0001.bin>
More information about the Gnupg-users
mailing list