smartcard stub not imported when migrating to gnupg 2.1

Alphazo alphazo at
Wed Jul 10 15:07:06 CEST 2013

Hi Werner,

Thanks for coming back to me. I'm glad that it helped to highlight an issue.

That being said, workaround doesn't seem to work.

After issuing   gpg-connect-agent learn /bye I got:
gpg-connect-agent learn /bye
S PROGRESS learncard k 0 0
S PROGRESS learncard k 0 0

Then gpg2 -K correctly showed the stub:
sec#  4096R/C23D45E6 2010-11-07
uid                  Test Key <test at>
ssb   3072R/4BC5DE67 2010-11-07 [expire : 2014-11-03]
ssb   3072R/A45B67C8 2010-11-07 [expire : 2014-11-03]

Then I tried to decrypt a file encrypted with the 0xA45B67C8 key. I got
prompted for the PIN that I correctly entered but file refused to decrypt:
gpg: encrypted with 3072-bit RSA key, ID A45B67C8, created 2010-11-07
      "Test Key" <test at>"
gpg: public key decryption failed: Wrong secret key used
gpg: decryption failed: No secret key


On Wed, Jul 10, 2013 at 1:39 PM, Werner Koch <wk at> wrote:

> Hi,
> here is a simple workaround:
> Insert the card and run
>   gpg-connect-agent learn /bye
> this creates the stub (here called a shadowed-private-key).  After that
> a "gpg2 -K" should indicate that the decryption is actually available.
> Shalom-Salam,
>    Werner
> --
> Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20130710/6a46153f/attachment.html>

More information about the Gnupg-devel mailing list