OpenPGP Card "CHV* failed: general error"
Mike Cardwell
gnupg at lists.grepular.com
Tue Aug 9 22:31:01 CEST 2011
Hi,
My OpenPGP Card (v2) has been working fine for a couple of days now, but
it has stopped tonight.
Simply trying to sign some text gives the following error:
========================================================================
mike at Fuzzbutt:~$ date|gpg --clearsign
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Tue Aug 9 21:19:53 BST 2011
gpg: detected reader `Lenovo Integrated Smart Card Reader 00 00'
gpg: signatures created so far: 32
Please enter the PIN
[sigs done: 32]
gpg: verify CHV1 failed: general error
gpg: signing failed: general error
gpg: [stdin]: clearsign failed: general error
mike at Fuzzbutt:~$
========================================================================
The output of "gpg --card-status" is:
========================================================================
mike at Fuzzbutt:~$ gpg --card-status
gpg: detected reader `Lenovo Integrated Smart Card Reader 00 00'
Application ID ...: D276000124010200000500000D580000
Version ..........: 2.0
Manufacturer .....: ZeitControl
Serial number ....: 00000D58
Name of cardholder: Mike Cardwell
Language prefs ...: en
Sex ..............: unspecified
URL of public key : [not set]
Login data .......: [not set]
Private DO 1 .....: [not set]
Private DO 2 .....: [not set]
Signature PIN ....: forced
Key attributes ...: 2048R 2048R 2048R
Max. PIN lengths .: 32 32 32
PIN retry counter : 3 0 3
Signature counter : 32
Signature key ....: 9845 7968 9D81 214F 1171 CDA2 9D26 2301 C1D1 E704
created ....: 2011-07-22 12:24:32
Encryption key....: 5ACB CDDD 3FE6 C24D 0FDB C157 FA37 2B88 0711 5CE9
created ....: 2011-07-22 12:25:33
Authentication key: DF22 F678 083E 1025 5750 A4A0 124D 48BF 4D72 5086
created ....: 2011-08-09 15:04:19
General key info..: pub 2048R/C1D1E704 2011-07-22 Mike Cardwell
<mike.cardwell at grepular.com>
sec# 4096R/0018461F created: 2010-11-02 expires: 2015-11-01
ssb 4096R/01DE408F created: 2010-11-02 expires: 2015-11-01
ssb> 2048R/C1D1E704 created: 2011-07-22 expires: 2012-07-21
card-no: 0005 00000D58
ssb> 2048R/07115CE9 created: 2011-07-22 expires: 2012-07-21
card-no: 0005 00000D58
mike at Fuzzbutt:~$
========================================================================
If I try to run any admin commands like "passwd" after doing a gpg
--card-edit, I get the same sort of error, eg:
gpg: verify CHV2 failed: general error
The only thing that I can think I've changed is that I added an
authentication subkey earlier. Previously, I was just using encryption
and signing subkeys. I'm sure it worked for at least a little while
after that though...
Any ideas what it could be? Here is some more info which might be useful:
========================================================================
mike at Fuzzbutt:~$ gpg --version|head -1
gpg (GnuPG) 1.4.11
mike at Fuzzbutt:~$ gpg-agent --version|head -1
gpg-agent (GnuPG) 2.0.14
mike at Fuzzbutt:~$ pcscd --version|head -1
pcsc-lite version 1.7.0.
mike at Fuzzbutt:~$ ps auxwww|egrep -i 'pcsc|gpg|gnupg'
mike 2239 0.0 0.0 13128 1056 pts/0 S+ 21:26 0:00 egrep
--color=auto -i pcsc|gpg|gnupg
mike 4946 0.0 0.0 52072 1476 ? Sl 20:50 0:00 pcscd
mike 6038 0.0 0.0 12092 284 ? Ss 20:57 0:00
/usr/bin/ssh-agent /usr/bin/gpg-agent --daemon --sh
--write-env-file=/home/mike/.gnupg/gpg-agent-info-Fuzzbutt
/usr/bin/dbus-launch --exit-with-session gnome-session
--session=classic-gnome
mike 6039 0.0 0.0 18668 1220 ? Ss 20:57 0:00
/usr/bin/gpg-agent --daemon --sh
--write-env-file=/home/mike/.gnupg/gpg-agent-info-Fuzzbutt
/usr/bin/dbus-launch --exit-with-session gnome-session
--session=classic-gnome
mike at Fuzzbutt:~$
========================================================================
--
Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc
Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell
PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
More information about the Gnupg-users
mailing list