OpenPGP 2.0 and Hushmail keys
mcse83 at hotmail.com
Thu Sep 10 19:36:38 CEST 2009
This is the error I get when I try to decrypt Hushmail emails in
Thunderbird with the OpenPGP card:
Error - secret key needed to decrypt message
gpg command line and output:
gpg: detected reader `AKS ifdh 0'
gpg: detected reader `AKS ifdh 1'
gpg: detected reader `AKS VR 0'
gpg: detected reader `Aladdin Token JC 0'
gpg: detected reader `SCM Microsystems Inc. SCR3340 ExpressCard Reader 0'
gpg: fingerprint on card does not match requested one (huh, whats this
gpg: encrypted with 2048-bit RSA key, ID xxxxxxxx, created 2006-07-11
""xxxxxxxxxx at hush.com" <xxxxxxxxx at hush.com>"
gpg: encrypted with 2048-bit RSA-E key, ID xxxxxxxx, created 2009-05-27
""xxxxxxxx at hushmail.com" <xxxxxxxxxxx at hushmail.com>"
gpg: public key decryption failed: wrong secret key used
gpg: decryption failed: secret key not available
This happens after copying my Hushmail keys to the OpenPGP card...
David Shaw wrote:
> On Sep 10, 2009, at 3:36 AM, Sean Wilson wrote:
>> Does anyone know if the new OpenPGP 2.0 card supports Hushmail keys?
>>> From what I understand Hushmail is based on OpenPGP so it should work.
>> The key I have from my Hushmail account is 2048bit in length but once I
>> copy the key onto the OpenPGP 2.0 card I can't decrypt Hushmail email
>> anymore, any idea why?
> It should work fine. It sounds like a different sort of problem.
>> Also, if I generate a brand new key pair ON the OpenPGP 2.0 card, will
>> anyone be able to export or copy the private key (if the OpenPGP card is
>> NOT inserted in the reader)? Does GPG write a copy of the keys anywhere
>> else besides on the card?
> No, but there is a stub secret key that lives in the usual secret
> keyring. This isn't a true secret key (it does not contain the actual
> key data), but is the OpenPGP information (user IDs and other things),
> along with a pointer that says "the key is on smartcard XYZ".
> So if they can get ahold of your computer, someone could steal this
> stub, but there is nothing secret about it, and it won't do them any
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 5590 bytes
Desc: S/MIME Cryptographic Signature
More information about the Gnupg-users