Quantcast

Re: Card fails to decrypt using 4096-bit key

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Card fails to decrypt using 4096-bit key

Yves-Alexis Perez
[sorry, I'm replying from an old mail and as I'm not subscribed I can't
reply with the full text and correct headers]


> However, whenever I try to decrypt a document encrypted to the
> 4096 bit encryption key on the card, the decryption process fails to
> even begin, with an error like the following:
>
> Version: GnuPG v2.0.19 (Darwin)
> gpg: armor header:
> gpg: public key is 0xA9D4A64F1FADF7D2
> gpg: using subkey 0xA9D4A64F1FADF7D2 instead of primary key
> 0x24620B795999A6DB
> gpg: using subkey 0xA9D4A64F1FADF7D2 instead of primary key
> 0x24620B795999A6DB
> gpg: encrypted with 4096 bit RSA key, ID 0xA9D4A64F1FADF7D2, created
> 2012-05-16
>      "Kevin Kammer <kevin [at] hansaeditions.net>"
> gpg: public key decryption failed: General error
> gpg: decryption failed: No secret key
>
Yes, I can confirm this. I have a recently bought OpenPGPv2 smartcard.
Signing using a 4096R key works just fine, but decryption using an 4096R
encryption key doesn't, with the same error. This is using GnuPG v2.0.19
on Debian sid, with pcscd 1.8.6 (in case that matters).

I don't know if the issue is in GnuPG (wether gpg, gpg-agent or
scdaemon) or in the smartcard, but I can do some debugging if needed.

Please CC: me on replies, I'm not subscribed to the list.
--
Yves-Alexis


_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Card fails to decrypt using 4096-bit key

Werner Koch
On Wed, 31 Oct 2012 16:17, [hidden email] said:

> Signing using a 4096R key works just fine, but decryption using an 4096R
> encryption key doesn't, with the same error. This is using GnuPG v2.0.19
> on Debian sid, with pcscd 1.8.6 (in case that matters).

I fixed this yesterday for 2.0 and master.  The log file will now also
show a note if you try to decrypt using a key > 2048 with one of the
non-working cards.


Shalom-Salam,

   Werner

--
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Loading...