feat(yubikey): add GPG agent, pcscd, and YubiKey support

Enable gpg-agent with SSH support and pinentry-gnome3, add
yubikey-manager and pcscd service, configure GPG with hardened
preferences and scdaemon, disable gnome-keyring SSH agent, and
prepare git signing configuration.

home.nix

@@ -22,6 +22,8 @@
     minicom
     kicad
     ghostty
+    gnupg
+    pinentry-gnome3
     gnomeExtensions.blur-my-shell
     gnomeExtensions.just-perfection
     gnomeExtensions.arc-menu
@@ -114,11 +116,34 @@
       exec = "ghostty";
       exec-arg = "";
     };
+    "org/gnome/crypto/cache" = {
+      enable-ssh-agent = false;
+    };
+  };
+
+  # GPG configuration
+  programs.gpg = {
+    enable = true;
+    settings = {
+      keyserver = "hkps://keys.openpgp.org";
+      keyid-format = "0xlong";
+      with-fingerprint = true;
+      personal-cipher-preferences = "AES256 AES192 AES";
+      personal-digest-preferences = "SHA512 SHA384 SHA256";
+      personal-compress-preferences = "ZLIB BZIP2 ZIP Uncompressed";
+    };
+    scdaemonSettings = {
+      disable-ccid = true;
+    };
   };
 
   # Manage your git configuration declaratively
   programs.git = {
     enable = true;
+    signing = {
+      key = null; # Will be set after GPG key generation
+      signByDefault = true;
+    };
     settings = {
       user = {
         name = "0xWheatyz";