GnuPG Smartcard and Authentication Key

Volker Dormeyer volker at
Fri Jun 2 23:13:10 CEST 2006

 * On Sun, 28 May 2006 23:12:34 +0200,
 * Volker Dormeyer <volker at> wrote:

 * On Sun, 28 May 2006 16:30:55 -0400,
 * David Shaw <dshaw at> wrote:

 > On Sun, May 28, 2006 at 08:24:14PM +0200, Volker Dormeyer wrote:
 >> Hello all,
 >> recently I received a message which is encrypted with my public
 >> authentication key instead of my encryption key.
 >> I wonder how this can happen, because I thought GnuPG does not use the
 >> authentication key as encryption key. Am I wrong?
 >> Further, I am not able to decrypt the message. I tried it manually with
 >> "--try-all-secrets", but it doesn't seem to work. Basically it should
 >> work. I mean, I have the authentication private key.

 > This is unfortunately turning into a FAQ.  Basically, you've run into
 > an old PGP bug.  It was recently fixed (I don't recall exactly in what
 > version), but there are countless installations of PGP that predate
 > the fix.

 > This is what I read in the gnupg-users archive before I send the
 > question. I have to admit, I do not understand exactly, because I know
 > that the user who sent me the message is using GnuPG. It shows

 > -----BEGIN PGP MESSAGE-----
 > Version: GnuPG v1.2.5 (GNU/Linux)

Just thought a bit about it...

Is it possible, that GnuPG prior to version 1.4 was not able to
interpret those "key flags"? I didn't use an authentication with
versions prior to 1.4 for myself.

 > in the ASCII armored cipher text.

 > OpenPGP keys have "key flags" that indicate what a key is to be used
 > for (encryption, signing, or authentication).  GnuPG honors these
 > flags and will not encrypt to any key that isn't marked for
 > encryption.  The bug is that PGP is not properly looking at the key
 > and will happily encrypt to a signing or authentication key.

 > I am aware of the different "key flags". This was the reason why I
 > wondered how this could be happen.

 > As to what you can do about it, your best bet is to contact the sender
 > and ask for a retransmission encrypted to the proper key.  It might be
 > possible to write a program that can essentially trick the smartcard
 > into decrypting the message by pretending it is a signature that needs
 > to be verified but it depends on how exactly the card handles
 > signatures.  In any event, no such program exists today.


 Volker Dormeyer                                  <volker at>
 Join the Fellowship and protect your Freedom!    (

More information about the Gnupg-users mailing list