Decryption fails with 4096bit key on SmartCard

NIIBE Yutaka gniibe at fsij.org
Thu Sep 24 02:46:45 CEST 2015 

On 09/22/2015 10:26 PM, Marcus Ilgner wrote:
> Thank you for the hint. I updated the gist at
> https://gist.github.com/milgner/b823685c8a5960f1f13b to include both the
> output of `gpg --card-status` (which works fine) as well as the log for
> trying to decrypt with CCID disabled in scdaemon.conf (which unfortunately
> it yields the same error as before).

Thank you.  Other than the particular error of decryption failure,
everything looks fine.

> all data stems from the secret key? I.e. the key is moved to the
> card in full and the blinded/public key as well as the fingerprints
> are derived from it there?

When you wrote your private key to the card (with gpg --edit-key and
its sub-command "keytocard"), gpg sent your private key to the card.
After that, gpg sent fingerprint and timestamp to the card.  Public
key is generated by the card from private key.

Could you please try following commands (with debug option in
.gnupg/scdaemon.conf enabled) to see what's going on?

    $ gpgconf --reload scdaemon
    $ rm <old-debug-log of scdaemon>
    $ gpg --card-status

The scdaemon accesses public key information on the card.

You'll see the debug dump of following line:

    raw apdu: 00 47 81 00 02 B8 00 00

This is to read public key (of decryption) from the card.

It should have valid response of public key as a response of
this command.

In my case (of RSA-2048 key), it's like:

==================================================
2015-09-24 09:22:40 scdaemon[5848] DBG:       dump:  7F 49 82 01 09 81 82 01 00 94 9D ED 4A 70 67 E0 6F 4E C4 90 59 BF 8C C5 AD 71 CB FB D8 1D
B8 A8 D4 EE 24 5C 74 42 01 81 C7 3E 7F D8 3D 9E D8 9F D7 9F 93 96 C9 86 C8 0F C0 90 68 A7 7C 4F 91 3F A0 43 DA 3B 8B AF A8 5E 7B 32 46 33 A7 29
88 3F 6B 97 2F FF FE A4 78 33 DF CA 99 05 02 8C 60 BE 65 E6 7A 63 2B E5 43 5F 42 D9 BC F2 4C 3C DF 69 41 26 86 B2 23 68 CB 66 59 D0 15 18 4E 2E
C3 5B 79 4A 51 85 F2 3A 5B CC 98 90 89 79 AD 0B D3 5E 78 C0 00 53 E8 6B E6 AD 83 5F AC E4 C7 40 AE E6 CA 29 23 0A B6 70 77 C3 17 85 6A CF 67 CB
EF B0 B9 14 B0 5A CB 80 03 21 E4 01 34 32 A9 1F BF 46 79 A8 C7 C9 89 F6 A1 C2 19 B1 59 A8 B4 F5 AF DF D4 DA 12 C9 AD 83 7C DD DF D8 16 B3 95 23
3E 3D C0 4A 6B C5 22 C3 FF FC EC 8B 0D 9C 22 4E 0D DA D2 DA D0 BC 5A 68 EF CD 78 69 A3 F9 89 16 F2 CE 7A 7F D1 D6 E8 8E B6 C6 01 82 03 01 00 01
2015-09-24 09:22:40 scdaemon[5848] DBG: chan_5 -> S KEYPAIRINFO 65F67E742101C7FE6D5B33FCEFCF4F65EAF0688C OPENPGP.2
==================================================

'7F 49 82 01 09 81 82 01 00' is a header for the public key.  Then,
raw RSA public key of 256-byte.  Followed by '82 03 01 00 01', which
is public exponent.

65F67E742101C7FE6D5B33FCEFCF4F65EAF0688C is a keygrip of my decryption
key.  "OPENPGP.2" is the name of decryption key of the card (2 means
second key on the card; first key is for singing, third key is for
authentication).


If you will see success of this public key retrieval from your card, I
think that your private key is on your card correctly, but something
was going wrong for decryption operation.

If you will see failure of this public key retrieval from your card, I
think that your private key is not on your card correctly.  Something
was going wrong when you invoked "keytocard" sub-command, but it was
not reported so (and proceeded to register fingerprint and timestamp).
--

More information about the Gnupg-users mailing list