[Gnuk-users] Gnuk 1.2.7 / Chopstx 1.6
NIIBE Yutaka
gniibe at fsij.org
Thu Nov 30 09:55:47 UTC 2017
NIIBE Yutaka <gniibe at fsij.org> wrote:
> But, just after the release, I found that a bug of Gnuk for admin-less
> mode. So, I plan to have another release soon.
All releases of Gnuk 1.2.x is affected.
I assumed the following scenario, with two different sessions.
A: KEYTOCARD session on secure machine
(1) Make a temporal directory
(2) Import my backup key a temporal directory
(3) gpg --edit-key and "keytocard" by admin
(4) finish the session: kill gpg-agent and scdaemon,
and remove the directory
B: Changing passphrase on usual machine
(1) Run gpg --card-edit and "passwd" by user
This way, it goes well.
However, I found that if a user keeps the session A and B with same
scdaemon running (same GNUPGHOME) on same computer, it may go wrong. I
haven't yet investigated fully and I don't know all impact of how it can
go wrong.
The partial fix on Gnuk side in the commit:
c81544fffd2f89cb3cf1b791fe7adf21c75200ad
We need to fix GnuPG side as well, for this problem, to synchronize
authentication status.
More fixes are expected to Gnuk side, too.
--
More information about the gnuk-users
mailing list