Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 5:56 pm

View unanswered posts | View active topics


Board index » Yubikey » Yubikey NEO

All times are UTC + 1 hour




Post new topic Reply to topic  Page 1 of 1
  [ 4 posts ] 
  Print view Previous topic | Next topic 
Author Message
tequir00t
PostPosted: Mon Dec 21, 2015 11:30 am 
Offline

Joined: Mon Dec 21, 2015 9:59 am
Posts: 2
Hello!

I've got some strange problems with my new shiny Yubikey 4. gpg doesn't detect it:

Code:
gpg --debug-level guru --card-status
gpg: enabled debug flags: packet mpi crypto filter iobuf memory cache memstat trust hashing cardio ipc clock lookup extprog
gpg: DBG: [not enabled in the source] start
gpg: DBG: chan_3 <- OK Pleased to meet you, process 19168
gpg: DBG: connection to agent established
gpg: DBG: chan_3 -> RESET
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> OPTION ttyname=/dev/pts/9
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> OPTION ttytype=xterm-256color
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> OPTION display=:0
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> OPTION xauthority=/home/daniel/.Xauthority
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> OPTION putenv=DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> OPTION lc-ctype=en_US.utf8
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> OPTION lc-messages=en_US.utf8
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> OPTION allow-pinentry-notify
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> OPTION agent-awareness=2.1.0
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> AGENT_ID
gpg: DBG: chan_3 <- ERR 67109139 Unknown IPC command <GPG Agent>
gpg: DBG: chan_3 -> SCD SERIALNO openpgp
gpg: DBG: chan_3 <- ERR 100663356 Not supported <SCD>
gpg: OpenPGP card not available: Not supported
gpg: DBG: [not enabled in the source] stop
gpg: random usage: poolsize=600 mixed=0 polls=0/0 added=0/0
              outmix=0 getlvl1=0/0 getlvl2=0/0
gpg: secmem usage: 0/32768 bytes in 0 blocks


This looks like the OpenPGP applet was not installed.
lsusb -v output:

Code:
Bus 001 Device 015: ID 1050:0405 Yubico.com
Device Descriptor:
  bLength                18
  bDescriptorType         1
  bcdUSB               2.00
  bDeviceClass            0
  bDeviceSubClass         0
  bDeviceProtocol         0
  bMaxPacketSize0        64
  idVendor           0x1050 Yubico.com
  idProduct          0x0405
  bcdDevice            4.1a
  iManufacturer           1 Yubico
  iProduct                2 Yubikey 4 OTP+CCID
  iSerial                 0
  bNumConfigurations      1
  Configuration Descriptor:
    bLength                 9
    bDescriptorType         2
    wTotalLength          118
    bNumInterfaces          2
    bConfigurationValue     1
    iConfiguration          0
    bmAttributes         0x80
      (Bus Powered)
    MaxPower               30mA
    Interface Descriptor:
      bLength                 9
      bDescriptorType         4
      bInterfaceNumber        0
      bAlternateSetting       0
      bNumEndpoints           1
      bInterfaceClass         3 Human Interface Device
      bInterfaceSubClass      1 Boot Interface Subclass
      bInterfaceProtocol      1 Keyboard
      iInterface              0
        HID Device Descriptor:
          bLength                 9
          bDescriptorType        33
          bcdHID               1.10
          bCountryCode            0 Not supported
          bNumDescriptors         1
          bDescriptorType        34 Report
          wDescriptorLength      71
         Report Descriptors:
           ** UNAVAILABLE **
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x81  EP 1 IN
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0008  1x 8 bytes
        bInterval              10
    Interface Descriptor:
      bLength                 9
      bDescriptorType         4
      bInterfaceNumber        1
      bAlternateSetting       0
      bNumEndpoints           3
      bInterfaceClass        11 Chip/SmartCard
      bInterfaceSubClass      0
      bInterfaceProtocol      0
      iInterface              0
      ChipCard Interface Descriptor:
        bLength                54
        bDescriptorType        33
        bcdCCID              1.00
        nMaxSlotIndex           0
        bVoltageSupport         7  5.0V 3.0V 1.8V
        dwProtocols             2  T=1
        dwDefaultClock       4000
        dwMaxiumumClock      4000
        bNumClockSupported      0
        dwDataRate         307200 bps
        dwMaxDataRate      307200 bps
        bNumDataRatesSupp.      0
        dwMaxIFSD            1190
        dwSyncProtocols  00000000
        dwMechanical     00000000
        dwFeatures       000400FE
          Auto configuration based on ATR
          Auto activation on insert
          Auto voltage selection
          Auto clock change
          Auto baud rate change
          Auto parameter negotation made by CCID
          Short and extended APDU level exchange
        dwMaxCCIDMsgLen      1200
        bClassGetResponse    echo
        bClassEnvelope       echo
        wlcdLayout           none
        bPINSupport             0
        bMaxCCIDBusySlots       1
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x02  EP 2 OUT
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0040  1x 64 bytes
        bInterval               0
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x82  EP 2 IN
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0040  1x 64 bytes
        bInterval               0
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x83  EP 3 IN
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0008  1x 8 bytes
        bInterval              32
can't get device qualifier: Resource temporarily unavailable
can't get debug descriptor: Resource temporarily unavailable
Device Status:     0x0000
  (Bus Powered)


So OTP and CCID is enabled, this shouldn't be the problem. When I try to install the OpenPGP applet according to this guide: http://forum.yubico.com/viewtopic.php?f=26&t=1344, I get the following error:

Code:
mode_211
enable_trace
establish_context
card_connect
select -AID a000000003000000
Command --> 00A4040008A000000003000000
Wrapped command --> 00A4040008A000000003000000
Response <-- 6A82
select_application() returns 0x80216A82 (6A82: The application to be selected could not be found.)


Any help is appreciated. I'm happy to provide more information if required.
Top
 Profile  
Reply with quote  

Share On:
Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

mouse008
PostPosted: Mon Jan 04, 2016 4:32 am 
Offline

Joined: Sun Nov 15, 2015 11:47 pm
Posts: 36
I suspect that something else on your machine opens/connects-to the card first, and then gpg refuses to connect to it because it considers it "busy". Reason - GnuPG stupidly (and by design) enforces the requirement that only one application can access the card.
Top
 Profile  
Reply with quote  
plad0n
PostPosted: Sat Mar 05, 2016 11:49 pm 
Offline

Joined: Sat Mar 05, 2016 11:45 pm
Posts: 1
I have the very same problem and i can tell that under windows as well as under linux (where i'm pretty sure nothing else accesses the card) the gpshell responses by the error described above. help would be appreciated.

Edit:
2016-03.05 23:49
to be correct, under linux the error message is one else:
Code:
$ gpshell gpinstall.txt
mode_211
enable_trace
establish_context
card_connect
list_readers failed with error 0x8010002E (Cannot find a smart card reader.)


2016-03.05 00:29
Now i found out that for linux by executing the script https://raw.githubusercontent.com/Yubic ... -ccid-udev the error message has changed to the exact same message as under windows.
Code:
$ gpshell gpinstall.txt
mode_211
enable_trace
establish_context
card_connect -readerNumber 1
select -AID a000000003000000
Command --> 00A4040008A000000003000000
Wrapped command --> 00A4040008A000000003000000
Response <-- 6A82
select_application() returns 0x80216A82 (6A82: The application to be selected could not be found.)


regards,
plad0n
Top
 Profile  
Reply with quote  
SirJ
PostPosted: Fri Jun 03, 2016 9:28 pm 
Offline

Joined: Wed Apr 24, 2013 2:13 pm
Posts: 9
What I've found on my Windows 10 PC is that Yubikey NEO Manager 1.4 shows an entry YubiKey NEO under Devices for every card reader I have in the system. When programming your NEO via GPShell the wrong reader gets selected and you get that error when reader can not respond to command select -AID a000000003000000 that calls Card Manage app. Probably because there is no app like that and you see it in the error.

I've called certutil -scinfo command in Windows to get information about card readers available in the system. It turned out that my Virtual Smartcard was one of them. That was easy as it sits in appropriate branch of Device Manager - under Smart Card Readers. Disabled it. Hard to find was another reader. A software reader. You will see it as a GUID in the certutil output. In Device Manager you have to select View -> Show hidden devices to see Software Devices branch. Then find that GUID and disable it too.

gpshell works fine after that.

good luck
Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 4 posts ] 

Board index » Yubikey » Yubikey NEO

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 10 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group