Problem: cannot generate / copy keys larger than 1024bit on my OpenPGP-compatible card

Robin Kipp mlists at robin-kipp.net
Sat Jun 2 17:39:31 CEST 2012


Hello all,
I'm trying to setup my OpenPGP-compatible SmartCard with 2048-bit subkeys, using GnuPG version 2.0.18. However, it seems that I currently can neither copy nor create keys larger than 1024bit on the SmartCard.
When I try to generate a completely new set of keys on the card using gpg --card-edit -> admin -> generate and choosing to overwrite the existing key, GPG will seem to start generating the key, but then exits with a "Card error" but no more details.
I then edited my scdaemon.conf file and set the debug-level to expert, then restarted GPG-Agent and SCDaemon and repeated the process, reproducing the same error.
Here's what I ended up with in the SCDaemon log file:

2012-06-02 15:46:48 scdaemon[6044] DBG: send apdu: c=00 i=47 p1=80 p2=00 lc=2 le=2048 em=1
2012-06-02 15:46:48 scdaemon[6044] DBG:   PCSC_data: 00 47 80 00 00 00 02 B6 00 08 00
2012-06-02 15:46:48 scdaemon[6044] pcsc_transmit failed: not transacted (0x80100016)
2012-06-02 15:46:48 scdaemon[6044] apdu_send_simple(0) failed: general error
2012-06-02 15:46:48 scdaemon[6044] Key generation failed
2012-06-02 15:46:48 scdaemon[6044] operation genkey result: Card error
scdaemon[6044]: chan_7 -> ERR 100663404 Card error <SCD>
scdaemon[6044]: chan_7 <- RESTART
scdaemon[6044]: chan_7 -> OK

This did not result in anything being written to the card, but according to gpg --card-status I now have no keys on the card whatsoever.
Just to make sure the problem wasn't specific to my system, I tried going through this process using GRML and Ubuntu Live CDs, however I always ended up with the same issue at all times...
Please, can anyone here help me out with this one? I've already tried some googling and came up with some results, however none of them offered any helpful solutions as far as I could tell.
Thanks!
Robin


More information about the Gnupg-users mailing list