From mboxrd@z Thu Jan 1 00:00:00 1970 From: Nils Gillmann Subject: bug#31337: Unable to use gnuk usb smartcard token on GuixSD Date: Wed, 2 May 2018 05:57:07 +0000 Message-ID: <20180502055707.5c7cpbrnykso6h2h@abyayala> References: <87r2mvui1b.fsf@aikidev.net> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:42540) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fDlmG-000786-H3 for bug-guix@gnu.org; Wed, 02 May 2018 03:02:15 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fDlm6-0008Hy-Sv for bug-guix@gnu.org; Wed, 02 May 2018 03:02:12 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:38447) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1fDlm6-0008Hq-P5 for bug-guix@gnu.org; Wed, 02 May 2018 03:02:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1fDlm6-0006QR-D8 for bug-guix@gnu.org; Wed, 02 May 2018 03:02:02 -0400 Sender: "Debbugs-submit" Resent-Message-ID: Content-Disposition: inline In-Reply-To: <87r2mvui1b.fsf@aikidev.net> List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: "bug-Guix" To: Vagrant Cascadian Cc: 31337@debbugs.gnu.org Vagrant Cascadian transcribed 3.3K bytes: > I've been unable to use my gnuk usb smartcard token with gnupg on > GuixSD, and it appears this is because scdaemon is built without libusb > support: > > $ gpg --card-status > gpg: selecting openpgp failed: No such device > gpg: OpenPGP card not available: No such device > > Attached is a patch that gets scdaemon working for me and a gnuk... > > Unfortunately, enabling libusb causes one of the tets to hang > indefinitely: > > PASS: tests/openpgp/decrypt-session-key.scm > Checking unwrapping the encryption. > > encsig-2-keys-3 encsig-2-keys-4 < > PASS: tests/openpgp/decrypt-unwrap-verify.scm > Checking signing with the default hash algorithm > > There should be a test-suite.log in some location in the build chroot, have you checked that? You might need to build with -K. > So far, I've only been able to get it to work by disabling the > tests... so it's obviously not a good idea to enable without further > troubleshooting. > > Another option might be to use pcsc-lite and ccid, but I had even less > luck getting that to work. > > > live well, > vagrant > > > diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm > index f397482ab..0e9e72784 100644 > --- a/gnu/packages/gnupg.scm > +++ b/gnu/packages/gnupg.scm > @@ -39,6 +39,7 @@ > #:use-module (gnu packages curl) > #:use-module (gnu packages crypto) > #:use-module (gnu packages emacs) > + #:use-module (gnu packages libusb) > #:use-module (gnu packages openldap) > #:use-module (gnu packages perl) > #:use-module (gnu packages perl-check) > @@ -232,6 +233,7 @@ compatible to GNU Pth.") > ("libgcrypt" ,libgcrypt) > ("libgpg-error" ,libgpg-error) > ("libksba" ,libksba) > + ("libusb" ,libusb) > ("npth" ,npth) > ("openldap" ,openldap) > ("pcsc-lite" ,pcsc-lite) > @@ -246,12 +248,17 @@ compatible to GNU Pth.") > "--enable-all-tests") > #:phases > (modify-phases %standard-phases > + ;; (delete 'check) > (add-before 'configure 'patch-paths > (lambda* (#:key inputs #:allow-other-keys) > (substitute* "scd/scdaemon.c" > (("\"(libpcsclite\\.so[^\"]*)\"" _ name) > (string-append "\"" (assoc-ref inputs "pcsc-lite") > "/lib/" name "\""))) > + (substitute* "configure" > + (("/usr/include/libusb-1.0") > + (string-append (assoc-ref inputs "libusb") > + "/include/libusb-1.0"))) > #t)) > (add-after 'build 'patch-scheme-tests > (lambda _