Problems generating keys on OpenPGP SmartCard V2

Helmut gnupg at westhaeuser.de
Thu Nov 19 14:42:10 CET 2009 

Hi there,
I'm new to the list and actually trying to get my Smartcard working  
for encryption, using the Shell Token V2 from gemalto.

If I try to generate a key or to change the password of the card, I  
get errors (see debug below).

I bought a OpenPGP SmartCard V2 from kernel concepts and have a card  
reader from gemalto (should be the "USB Shell Token V2", showed as  
`Gemplus USB Key Smart Card Reader 0'). I tried on Ubuntu 9.10,  
Windows XP and Windows 2000, everytime with the latest GnuPg Version.  
I also tried an ORGA USB Card Reader Eco 5000 (shown as "OMNIKEY  
CardMan 3x21 0") and a PCMCIA Smartcardreader from chipdrive (shown as  
`SCM Microsystems Inc. SCR24x PCMCIA Smart Card Reader 0'). I get  
alway the same error.

The following log was produced on W2k on two different computers,  
GnuPg Version 1.4.9 and latest Driver versions for the different  
readers:

--------------------------------------------------------------------------------------------
Application ID ...: XXX....XXX
Version ..........: 2.0
Manufacturer .....: unknown
Serial number ....: 00000085
Name of cardholder: Helmut Westhaeuser
Language prefs ...: de
Sex ..............: männlich
URL of public key : [nicht gesetzt]
Login data .......: [nicht gesetzt]
Signature PIN ....: zwingend
Max. PIN lengths .: 32 32 32
PIN retry counter : 3 0 3
Signature counter : 0
Signature key ....: [none]
Encryption key....: [none]
Authentication key: [none]
General key info..: [none]

Befehl> generate
gpg: DBG: send apdu: c=00 i=CA p0=00 p1=C4 lc=-1 le=256
gpg: DBG:   PCSC_data: 00 CA 00 C4 00
gpg: DBG:  response: sw=9000  datalen=7
gpg: DBG:       dump:  00 20 20 20 03 00 03
Sicherung des Verschlüsselungsschlüssel außerhalb der Karte erstellen? (J/n)
gpg: DBG: send apdu: c=00 i=DA p0=00 p1=C4 lc=1 le=-1
gpg: DBG:   PCSC_data: 00 DA 00 C4 01 01
gpg: DBG:  response: sw=9000  datalen=0
gpg: DBG:      dump:
Bitte wählen Sie, wie lange der Schlüssel gültig bleiben soll.
          0 = Schlüssel verfällt nie
       <n>  = Schlüssel verfällt nach n Tagen
       <n>w = Schlüssel verfällt nach n Wochen
       <n>m = Schlüssel verfällt nach n Monaten
       <n>y = Schlüssel verfällt nach n Jahren
Wie lange bleibt der Schlüssel gültig? (0) 0
Schlüssel verfällt nie
Ist dies richtig? (j/N) j

Sie benötigen eine User-ID, um Ihren Schlüssel eindeutig zu machen; das
Programm baut diese User-ID aus Ihrem echten Namen, einem Kommentar und
Ihrer Email-Adresse in dieser Form auf:
     "Heinrich Heine (Der Dichter) <heinrichh at duesseldorf.de>"

Ihr Name ("Vorname Nachname"): Test5
Email-Adresse: test at test.de
Kommentar:
Sie haben diese User-ID gewählt:
     "Test5 <test at test.de>"

Ändern: (N)ame, (K)ommentar, (E)-Mail oder (F)ertig/(B)eenden? f
gpg: DBG: send apdu: c=00 i=CA p0=00 p1=6E lc=-1 le=256
gpg: DBG:   PCSC_data: 00 CA 00 6E 00
gpg: DBG:  response: sw=9000  datalen=217
gpg: DBG:       dump:  4F 10 D2 76 00 01 24 01 02 00 00 05 00 00 00 85  
00 00 5F
52 0A 00 31 C5 73 C0 01 40 05 90 00 73 81 B7 C0 0A 7C 00 08 00 08 00  
08 00 08 00
  C1 06 01 08 00 00 20 00 C2 06 01 08 00 00 20 00 C3 06 01 08 00 00 20  
00 C4 07 0
1 20 20 20 03 00 03 C5 3C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  
00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  
00 00 00 00
  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 C6 3C 00 00 00 00 00 00  
00 00 00 0
0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  
00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  
00 CD 0C 00
  00 00 00 00 00 00 00 00 00 00 00
gpg: neue Schlüssel werden erzeugt
gpg: Bitte warten, der Schlüssel wird erzeugt ...
gpg: DBG: send apdu: c=00 i=47 p0=80 p1=00 lc=2 le=256
gpg: DBG:   PCSC_data: 00 47 80 00 02 B6 00 00
gpg: DBG:  response: sw=6700  datalen=0
gpg: Schlüsselerzeugung fehlgeschlagen
gpg: key generation failed: Allgemeiner Fehler
Schlüsselerzeugung fehlgeschlagen: Allgemeiner Fehler
gpg: DBG: send apdu: c=00 i=DA p0=00 p1=C4 lc=1 le=-1
gpg: DBG:   PCSC_data: 00 DA 00 C4 01 00
gpg: DBG:  response: sw=9000  datalen=0
gpg: DBG:      dump:

Befehl>


gpg --version
gpg (GnuPG) 1.4.9
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: D:/hwe/GnuPG
Unterstützte Verfahren:
Öff.Schlüssel: RSA, RSA-E, RSA-S, ELG-E, DSA
Verschlü.: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Komprimierung: nicht komprimiert, ZIP, ZLIB, BZIP2


gpg --change-pin
gpg: detected reader `OMNIKEY CardMan 3x21 0'
gpg: OpenPGP Karte Nr. XXXXXXXXXX....XXXXXXXX erkannt

1 - change PIN
2 - unblock PIN
3 - change Admin PIN
Q - quit

Ihre Auswahl? 1

PIN

Neue PIN

Neue PIN
Error changing the PIN: Ungültiges Argument (Argument not valid)

1 - change PIN
2 - unblock PIN
3 - change Admin PIN
Q - quit

Ihre Auswahl? q
--------------------------------------------------------------------------------------------


Help would be great, I didn't find anything in the web.

Thanx
helmut

More information about the Gnupg-users mailing list