Gnupg 2.1.7 can't decrypt using smartcard key.

NIIBE Yutaka gniibe at fsij.org
Sun Sep 13 03:27:57 CEST 2015


On 09/12/2015 09:03 PM, perillamint wrote:
> Signature key ....: 09CD 5C9E 15E4 F7CA 123A  8A25 5840 050B 37AA 8068
>       created ....: 2015-09-10 18:40:00
> Encryption key....: 09CD 5C9E 15E4 F7CA 123A  8A25 5840 050B 37AA 8068
>       created ....: 2015-09-10 18:40:00
> Authentication key: 09CD 5C9E 15E4 F7CA 123A  8A25 5840 050B 37AA 8068
>       created ....: 2015-09-10 18:40:00
> General key info..: pub  rsa4096/37AA8068 2015-09-10 perillamint
> <perillamint at gentoo.moe>
> sec>  rsa4096/37AA8068  created: 2015-09-10  expires: 2017-09-09
>                         card-no: F517 76EB5FFA

I think that there must be something broken.  It shows that all of
keys on your card are same (37AA8068).

As I showed in the previous mail, each key should have different
fingerprint.

In another command of the following, I can check:

===========================
$ gpg-connect-agent "KEYINFO --list" /bye
S KEYINFO 5D6C89682D07CCFC034AF508420BF2276D8018ED T D276000124010200F517000000010000 OPENPGP.3 - - - - -
S KEYINFO 101DE7B639FE29F4636BDEECF442A9273AFA6565 T D276000124010200F517000000010000 OPENPGP.1 - - - - -
S KEYINFO 65F67E742101C7FE6D5B33FCEFCF4F65EAF0688C T D276000124010200F517000000010000 OPENPGP.2 - - - - -
OK
$
===========================

It shows that I have three different keys on a card.

Could you check it?

Or, did you intentionally register a single key to multiple slots?  I
think that this kind of use case is not supported by GnuPG.  It
assumes that each key on card is different.  In that case, I'd
understand the reason why it returns an error of "Invalid ID".
-- 



More information about the Gnupg-users mailing list