Bad signature when generating key in OpenPGP Java Card Applet
erik.nellessen at informatik.hu-berlin.de
Fri Apr 8 17:11:36 CEST 2016
By the way, as you can see here
(especially if you read "Importing keys" and "Card edit"), Yubico instructs its users to generate the keys on the PC and import them on the token. Maybe this is for the same reason?
I tried their procedure and it also works in my setting. But generating the key on the token would be the saver way and should also be possible, in my opinion.
> I just used gpg (GnuPG) 2.1.11 libgcrypt 1.6.5. The error is still the same, but the debug messages are different (actually, you do not see the data in the rsa_verify function anymore, although it still might be different). You can find a log of the whole procedure in the attachment. On the smart card side, the APDUs seem to have stayed the same.
> Kind regards,
> Werner Koch:
>> On Wed, 6 Apr 2016 17:29, erik.nellessen at informatik.hu-berlin.de said:
>>> Today's system is openSUSE 13.2 (Harlequin) (x86_64) with gpg (GnuPG)
>>> 2.0.26 libgcrypt 1.6.1. The debian system was i386, by the way.
>> Please try to use gnupg 2.1.11 - we have changed a lot of things and it
>> is easier for us to comment on this version.
> Gnupg-devel mailing list
> Gnupg-devel at gnupg.org
More information about the Gnupg-devel