Bug 605946

Summary:	app-admin/pass-1.6.5 PATCH adding support for gnupg smartcard and gemalto usb shelltoken reader
Product:	Gentoo Linux	Reporter:	Filip Bole <bolefilip>
Component:	Current packages	Assignee:	Jason A. Donenfeld <zx2c4>
Status:	UNCONFIRMED ---
Severity:	enhancement	CC:	bertrand, jstein
Priority:	Normal	Keywords:	PATCH
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:
Package list:		Runtime testing required:	---
Attachments:	add USE smartcard reload scdaemon after decrypting a password to clear the pin

Description Filip Bole 2017-01-17 00:30:49 UTC

When unlocking the pin of a gnu smartcard in a gemalto usb shelltoken reader, by design it stays unlocked until you power down, remove or reload scdaemon. Whil this might be practical in some use cases, it might be undesired in conjunction with app-admin/pass as entering the pin only once, you can decrypt all passwords in the store.

Reproducible: Always

Steps to Reproduce:
1.pass Category/password
2.enter pin in pinentry
Actual Results:  
the smartcard stays unlocked for decryption

Expected Results:  
By default gnupg would clear the pass phrase after a timeout. This doesn't happen with the smartcard in the gemalto usb shelltoken reader.

Comment 1 Filip Bole 2017-01-17 00:35:27 UTC

Created attachment 460404 [details, diff]
add USE smartcard

Comment 2 Filip Bole 2017-01-17 00:36:58 UTC

Created attachment 460406 [details, diff]
reload scdaemon after decrypting a password to clear the pin