Oh Dear, Pin Entry Broken on openPGP card!

Edward Robinson eddrobinson at gmail.com
Mon Jun 23 11:18:52 CEST 2008 

Hello all,

For some reason entering the pin to my smartcard card (for decrypting,
signing, authenticating) has broken...

$ gpg --card-status

Returns, among the usual blurb this:  PIN retry counter : 3 0 3.  I am pretty
sure that this should say 3 3 3 or 2 2 3 or 0 0 3.  basically the first and
second digit (which refer to the unlocking pin) should always be the same.  3
0 3 should not happen....

Whenever I enter my pin to decrypt something i get:

$ gpg Desktop/myTest.txt.pgp

gpg: detected reader `OmniKey CardMan 3121 00 00'

PIN (Here pin-entry-gtk2 pops up and asks me for my pin, which I enter)

gpg: verify CHV2 failed: invalid passphrase
gpg: encrypted with ELG-E key, ID 00000000
gpg: encrypted with 1024-bit RSA key, ID 987D9D66, created 2008-04-25
       "Edward Robinson <email>"
gpg: public key decryption failed: invalid passphrase
gpg: decryption failed: secret key not available


I am 100% sure I haven't forgotten the pin!!!  I am definitely putting the
correct pin in.

$ gpg --edit-card

Command> verify

PIN (pinentrygtk2 asks for the pin, I enter it and get the following:)

gpg: verify CHV2 failed: invalid passphrase

So then I try this:

$ gpg --change-pin

1 - change PIN
2 - unblock PIN
3 - change Admin PIN
Q - quit

Your selection? 2

gpg: sending command `SCD PASSWD' to agent failed: ec=6.32769
Error unblocking the PIN: general error


I have no idea how to proceed, I can't unblock the pin (that is if it is even
block CHV1 = 3 would suggest not...)

$ dpkg -l |grep  gnupg
ii  gnupg                                1.4.6-2.2                        GNU
privacy guard - a free PGP replacement
ii  gnupg-agent                          2.0.9-2                          GNU
privacy guard - password agent
ii  gnupg2                               2.0.9-2                          GNU
privacy guard - a free PGP replacement
ii  python-gnupginterface                0.3.2-9
Python interface to GnuPG (GPG)

$ dpkg -l |grep gpg
ii  gpgsm                                2.0.9-2                          GNU
privacy guard - S/MIME version
ii  gpgv                                 1.4.6-2.2                        GNU
privacy guard - signature verification t
ii  libgpg-error0                        1.4-2
library for common error values and messages
ii  libgpgme11                           1.1.6-2
GPGME - GnuPG Made Easy

$ dpkg -l |grep pinentry
ii  pinentry-curses                      0.7.5-2
curses-based PIN or pass-phrase entry dialog
ii  pinentry-gtk2                        0.7.5-2
GTK+-2-based PIN or pass-phrase entry dialog

gpg-agent.conf:
	pinentry-program /usr/bin/pinentry-gtk-2
	default-cache-ttl 10
	enable-ssh-support

gpg.conf:

	use-agent

	#default recipient is my encryption subkey
	default-recipient 0x987D9D66!
	#Hidden encryption to my 2048 subkey
	hidden-encrypt-to 0x87F568A7!
	#key to encrypt with by default
	default-key 0x3A5F0761!
	#KEY SERVER
	keyserver hkp://keyserver.ubuntu.com
	
Any ideas??


Cheers,

Edd

More information about the Gnupg-users mailing list