Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 605946

Summary: app-admin/pass-1.6.5 PATCH adding support for gnupg smartcard and gemalto usb shelltoken reader
Product: Gentoo Linux Reporter: Filip Bole <bolefilip>
Component: Current packagesAssignee: Jason A. Donenfeld <zx2c4>
Status: UNCONFIRMED ---    
Severity: enhancement CC: bertrand, jstein
Priority: Normal Keywords: PATCH
Version: unspecified   
Hardware: All   
OS: Linux   
Package list:
Runtime testing required: ---
Attachments: add USE smartcard
reload scdaemon after decrypting a password to clear the pin

Description Filip Bole 2017-01-17 00:30:49 UTC
When unlocking the pin of a gnu smartcard in a gemalto usb shelltoken reader, by design it stays unlocked until you power down, remove or reload scdaemon. Whil this might be practical in some use cases, it might be undesired in conjunction with app-admin/pass as entering the pin only once, you can decrypt all passwords in the store.

Reproducible: Always

Steps to Reproduce:
1.pass Category/password
2.enter pin in pinentry
Actual Results:  
the smartcard stays unlocked for decryption

Expected Results:  
By default gnupg would clear the pass phrase after a timeout. This doesn't happen with the smartcard in the gemalto usb shelltoken reader.
Comment 1 Filip Bole 2017-01-17 00:35:27 UTC
Created attachment 460404 [details, diff]
add USE smartcard
Comment 2 Filip Bole 2017-01-17 00:36:58 UTC
Created attachment 460406 [details, diff]
reload scdaemon after decrypting a password to clear the pin