PART 2 - OpenPGP card - adding subkeys on PC keyring generates encrypted "pass-free" files - Part 2

dany_list at natzo.com dany_list at natzo.com
Sun Jan 9 01:36:59 CET 2005 

Using the edit-key command I tried to setup a password for this 
additional subkey 0xB8910295 (I did select it first using key 2)

I was surprised to discover that gnupg wiped out all my links (card-no : 
xxxx) to the smarcard :

sec  1024R/04B4BC74  created: 2005-01-08  expires: never          
                  
ssb  1024R/6E62C723  created: 2005-01-08  expires: never          
                   
ssb  1024R/B8910295  created: 2005-01-08  expires: never          (1)  
Card Tester <card at tester.com>

 From now I can only encrypt/decrypt using the third key (secret in the 
keyring).

So to summarize I have the following issues :
- adding a RSA1024 encrypt subkey to my keyring which contains links to 
the OpenPGP card will make any further encryption to use this new subkey 
(even if forced with -r 0x...)
- This new subkey doesn't have any passphrase associated to it so 
resulting encrypted files can be decrypted freely
- Setting up a password for this specific third subkey wipes out the 
links to the OpenPGP for the two other keys (primary and 1st sub key)

Dany



dany_list at natzo.com wrote:

> Hello,
>
> I got my OpenPGP card and played around for a while. It worked well 
> except for one case which produces a weird behavior :
>
> Conditions :
> Win2K + GPG 1.4.0, Towitoko micro 130 USB smartcard reader, OpenPGP 
> card from g10code.de
>
> I couldn't use the on-card key generation (it looks like a PC/SC 
> problem) so I generated the primary signing key (RSA 1024) as well an 
> encryption subkey (RSA 1024) on my PC. Then I used the keytocard 
> command twice to move those two keys to the card.
> Now --edit-key gives me :
> ----------------------------------
> sec  1024R/04B4BC74  created: 2005-01-08  expires: never          
>                     card-no: 0001 00000123
> ssb  1024R/6E62C723  created: 2005-01-08  expires: never          
>                     card-no: 0001 00000123
> ----------------------------------
>
> So using this configuration I can easily encrypt and decrypt stuff.
>
> --------------------------------------
> C:\GnuPG>gpg -e -r 0x6E62C723 test.txt        test.txt contains the 
> string "test me now"
>
> C:\GnuPG>gpg -d test.txt.gpg
> gpg: detected reader `SCM Microsystems Inc. CHIPDRIVE USB 
> SmartCardReader 0'
> gpg: DBG: asking for PIN 'PIN'
>
> PIN
> gpg: encrypted with 1024-bit RSA key, ID 6E62C723, created 2005-01-08
>      "Card Tester <card at tester.com>"
> test me now
> --------------------------------------
>
> If I don't insert the card and try to decrypt I get :
>
> ------------------------------------------
> C:\GnuPG>gpg -d test.txt.gpg
> gpg: detected reader `SCM Microsystems Inc. CHIPDRIVE USB 
> SmartCardReader 0'
> gpg: pcsc_connect failed: removed card (0x80100069)
> gpg: card reader not available
> gpg: encrypted with 1024-bit RSA key, ID 6E62C723, created 2005-01-08
>      "Card Tester <card at tester.com>"
> gpg: public key decryption failed: general error
> gpg: decryption failed: secret key not available
> ---------------------------------------------
>
> For your information, --list-packets reports :
>
> ------------------------------------------------
> C:\GnuPG>gpg --list-packets < test.txt.gpg
> :pubkey enc packet: version 3, algo 1, keyid 3FC9C8B76E62C723
>        data: [1023 bits]
> gpg: detected reader `SCM Microsystems Inc. CHIPDRIVE USB 
> SmartCardReader 0'
> gpg: pcsc_connect failed: removed card (0x80100069)
> gpg: card reader not available
> :encrypted data packet:
>        length: 78
>        mdc_method: 2
> gpg: encrypted with 1024-bit RSA key, ID 6E62C723, created 2005-01-08
>      "Card Tester <card at tester.com>"
> gpg: public key decryption failed: general error
> gpg: decryption failed: secret key not available
> -----------------------------------------------
>
> So now, if I just add one subkey (encrypt, RSA 1024) to my keyring 
> (without transferring anything to the card)
> ----------------------------------
> sec  1024R/04B4BC74  created: 2005-01-08  expires: never          
>                     card-no: 0001 00000123
> ssb  1024R/6E62C723  created: 2005-01-08  expires: never          
>                     card-no: 0001 00000123
> ssb  1024R/B8910295  created: 2005-01-08  expires: never          (1)  
> Card Tester <card at tester.com>
> --------------------------------------
> and encrypt the same file using the same previous recipient (the RSA 
> encrypt key from the card)
>
> --------------------------------------------
> C:\GnuPG>gpg -e -r 0x6E62C723 test.txt
>
> =====>> This is where the fun comes up, you can get the clear text 
> without entering any pin or passphrase !
>
> -------------------------------------------------
> C:\GnuPG>gpg -d test.txt.gpg
> gpg: encrypted with 1024-bit RSA key, ID B8910295, created 2005-01-08
>      "Card Tester <card at tester.com>"
> test me now                                        
> ---------------------------------------------------
>
> As you can see the message has been encrypted with the latest RSA key 
> added (off-card) even if I explicitly selected the other one 
> (0xB8910295 instead of 0x6E62C723)
>
> For information, the list-packets give :
>
> ----------------------------------------------------
> C:\GnuPG>gpg --list-packets < test.txt.gpg
> :pubkey enc packet: version 3, algo 1, keyid 00756FAAB8910295
>        data: [1024 bits]
> :encrypted data packet:
>        length: 78
>        mdc_method: 2
> gpg: encrypted with 1024-bit RSA key, ID B8910295, created 2005-01-08
>      "Card Tester <card at tester.com>"
> :compressed packet: algo=2
> :literal data packet:
>        mode b (62), created 1105224996, name="test.txt",
>        raw data: 13 bytes
> --------------------------------------------------------
>
> I tried the same thing without using any smartcard (1 primary RSA 
> (sign) and 2 subkeys (RSA encrypt)) and it asked me for the passphrase.
>
> Am I missing something here regarding the way a new subkey is added 
> with a primary signing key on the OpenPGP card ?
> Why didn't gnupg use the keyid I specified ?
>
> It was very disturbing as I was sending encrypted test messages to 
> myself and was surprised to discover that I could decrypt them without 
> having the card inserted (or entering any passphrase).
>
> Sorry for this long (first) post. I hope someone will help me 
> understanding this phenomena. I'm trying to write a quick tutorial on 
> how to use easily those cards with GnuPG and also Enigmail for 
> Thunderbird so proper warnings should be issued to explain the 
> limitations.
>
> Thanks
> Dany
>
> _______________________________________________
> Gnupg-devel mailing list
> Gnupg-devel at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-devel

More information about the Gnupg-devel mailing list