tag:gpgtools.tenderapp.com,2011-11-04:/discussions/problems/69059-inability-to-use-smart-card-reader-pinpadGPGTools: Discussion 2018-09-20T16:22:36Ztag:gpgtools.tenderapp.com,2011-11-04:Comment/447139622018-02-23T22:42:35Z2018-02-23T22:42:36ZMacGPG: Inability to use smart card reader pinpad.<div><p>Hello,</p>
<p>I have managed to resolve this issue, but fixing it globally it requires some changes to GPG Tools.</p>
<p>The first thing I noticed is that whilst scdaemon was using the PCSC driver for my reader on macOS, scdaemon on Linux and Windows was using the internal CCID driver. My reader pinpad works with the CCID driver, but not quite with the PCSC driver in my tests (well, certainly not in macOS Sierra). Unfortunately, it seems like the scdaemon distributed with GPG Tools doesn't have CCID support (which in turn needs libusb). Then, the other issue is that the CCID driver won't work if com.apple.ifdreader is running, which runs by default on my system.</p>
<p>So, the fix was:<br>
1. Compile my own version of scdaemon with CCID support. This requires libusb.<br>
2. Ensure that com.apple.ifdreader is not running. This service can be disabled, or it can be manually stopped / killed. If the latter, reconnecting the reader restarts the service.</p>
<p>Would it be possible to include CCID support in a future GPG Tools release?</p></div>Anonymous Coward tag:gpgtools.tenderapp.com,2011-11-04:Comment/447139622018-03-22T15:23:32Z2018-03-22T15:23:32ZMacGPG: Inability to use smart card reader pinpad.<div><p>Hi Anonymous Coward,</p>
<p>welcome to the GPGTools support platform. Sorry you are having problems using GPG Suite.</p>
<p>Unfortunately smart card support on macOS is pretty buggy at the moment, since gnupg doesn't use the macOS system API (which is also buggy) but its own. We have recently added ccid support to our build of GnuPG, which wasn't present in the last official release.</p>
<p>Could you please download and install our <a href="https://hotfixes.gpgtools.org/">latest hotfix GPG Suite</a> and see if that solves your problem.</p>
<p>All the best,<br>
steve</p>
<p>Disclaimer: This is a development version which has not been thoroughly tested yet - bugs or crashes are to be expected. Thanks for helping us test.</p></div>Stevetag:gpgtools.tenderapp.com,2011-11-04:Comment/447139622018-05-08T19:24:39Z2018-05-08T19:24:41ZMacGPG: Inability to use smart card reader pinpad.<div><p>The nightly build did indeed resolve the issue, for so long as com.apple.ifdreader remains disabled. I suppose this is the best that can be done without having GPG use the macOS API.</p>
<p>Thanks!</p></div>Anonymous Cowardtag:gpgtools.tenderapp.com,2011-11-04:Comment/447139622018-06-04T13:01:00Z2018-06-04T13:16:44ZMacGPG: Inability to use smart card reader pinpad.<div><p>After uninstalling 2018.1, rebooting, and installing nightly 2189n, the device's pinpad is still unusable and pinentry-mac still allows only keyboard input.</p></div>Alextag:gpgtools.tenderapp.com,2011-11-04:Comment/447139622018-06-04T13:10:03Z2018-06-04T13:10:05ZMacGPG: Inability to use smart card reader pinpad.<div><p>I'm the original anonymous coward. Have you tried killing com.apple.ifdreader? You need to kill com.apple.ifdreader (after connecting your reader) and then restart gpg-agent. com.apple.ifdreader seems to prevent GPG agent from using the internal CCID driver, which in my experience is the only way to get the pinpad working.</p>
<p>I disabled com.apple.ifdreader from launching at all, which solves the manual killing issue.</p>
<p>A downside of disabling or killing com.apple.ifdreader is that you won't be able to use macOS native smartcard support (such as Keychain integration), so a long term solution would be to get GPG working without this step (possibly fixing GPG to support pinpad entry using the PCSC driver on macOS.)</p></div>Anonymous Cowardtag:gpgtools.tenderapp.com,2011-11-04:Comment/447139622018-06-04T13:23:05Z2018-06-04T13:23:08ZMacGPG: Inability to use smart card reader pinpad.<div><p>Killing com.apple.ifdreader works, yes. OpenSC works fine with the native drivers in macOS High Sierra, so why is GPGTools not using them on that OS version? :/</p></div>Alextag:gpgtools.tenderapp.com,2011-11-04:Comment/447139622018-07-07T14:15:01Z2018-07-07T14:15:01ZMacGPG: Inability to use smart card reader pinpad.<div><p>Hi Alex,</p>
<p>while of course using the OpenSC or Apple's token framework might be the better option to use smart cards with OpenPGP on macOS, unfortunately that's not what GnuPG does. And it is currently out of the scope of GPG Suite to add such an implementation to GnuPG.</p></div>Luke Le