I am tring it get GnuPG to work with my SmartCard-HSM 4K on Windows, using the GP4Win bundle.
Kleopatra doesn't recognise the SC-HSM 4K at all, even though, it DOES recognise the YubiKey 5 NFC in BOTH PIV and Openpgp Card apps. When trying to use the GPA.exe alternative, it just freezes when I click on the "smartcards" button; not sure if it's related. Trying to debug this, using CMD: scdaemon --server serialno I get the following result: > scdaemon[xxxxx]: detected reader 'ACS ACR38U 0' scdaemon[xxxxx]: > reader slot 0: not connected scdaemon[xxxxx]: pcsc_control failed: > invalid PC/SC error code (0x1) scdaemon[xxxxx]: > pcsc_vendor_specific_init: GET_FEATURE_REQUEST failed: 65547 > scdaemon[xxxxx]: reader slot 0: active protocol: T1 scdaemon[xxxxx]: > slot 0: ATR=3bde18ff8191fe1fxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > scdaemon[xxxxx]: error parsing PrKDF record: Invalid object > scdaemon[xxxxx]: no supported card application found: Invalid object S > PINCACHE_PUT 0// ERR 100696144 No such device <SCD> Below I am including my configuration files. scdaemon.conf ###+++--- GPGConf ---+++### verbose verbose verbose verbose verbose verbose verbose verbose verbose disable-ccid ###+++--- GPGConf ---+++### 09/06/y22 23:29:33 GTB Daylight Time # GPGConf edited this configuration file. # It will disable options before this marked block, but it will # never change anything below these lines. #pcsc-shared I have tried all possible combinations with `disable-ccid` and `pcsc-shared` and nothing works. gpgagent.conf ###+++--- GPGConf ---+++### enable-extended-key-format ignore-cache-for-signing no-allow-external-cache no-allow-loopback-pinentry grab pinentry-timeout 10 verbose verbose verbose verbose verbose verbose verbose verbose verbose ssh-fingerprint-digest SHA384 ###+++--- GPGConf ---+++### 18/04/y22 07:30:51 GTB Daylight Time # GPGConf edited this configuration file. # It will disable options before this marked block, but it will # never change anything below these lines. enable-putty-support enable-ssh-support use-standard-socket default-cache-ttl 600 max-cache-ttl 7200 gpgsm.conf ###+++--- GPGConf ---+++### auto-issuer-key-retrieve enable-crl-checks enable-ocsp verbose verbose verbose verbose verbose verbose verbose verbose verbose include-certs -1 cipher-algo AES256 ###+++--- GPGConf ---+++### 01/04/y22 19:10:26 GTB Daylight Time # GPGConf edited this configuration file. # It will disable options before this marked block, but it will # never change anything below these lines. I was never able to get the SC-HSM to work with GnuPG, even though it is supposedly supported. This is the current time I am trying to figure it out. This time, I haven't played with anything else than scdaemon.conf, but, as far as I can tell, the SC-HSM didn't work even with the defaults on a fresh install. The card otherwise works nicely with everything else. Any help would be greatly appreciated!
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users