Decryption fails with 4096bit key on SmartCard

NIIBE Yutaka gniibe at fsij.org
Mon Sep 28 09:03:59 CEST 2015


On 09/25/2015 02:55 PM, Marcus Ilgner wrote:
>> You'll see the debug dump of following line:
>>
>>     raw apdu: 00 47 81 00 02 B8 00 00
>>
> 
> Not sure whether that is significant but there were a few zero bytes more:
> raw apdu: 00 47 81 00 00 00 02 B8 00 08 00

It is also correct.  Short form is 02 and extended form is 00 (the prefix)
and two-byte (00 02).

> Also some slight differences: it says
> 7F 49 82 *02* *0A* 81 82 *02* 00

That's no problem.  It is correct for RSA-4096 key.

> That part looks ok again. Although my public exponent is different, too but
> I guess that's expected :) Yet 527 bytes total sounds plausible for a
> 4096bit key.
> You can find the full output at
> https://gist.github.com/milgner/b823685c8a5960f1f13b#file-public_key_read-log

Thanks.  It looks no problem at all (other than the specific error of
decryption).

> I would assume that the key was indeed transferred successfully then.

Yes.  I think so, too.

> Thanks for the help, I have a feeling we're making some headway towards a
> solution.

The error code of 6A88 is a kind of strange for me.  If it's
OpenPGPcard v3.x with AES symmetric key decryption support, I think
that we could see the error of 6A88, though.

It would be possible this error occurs on other Nitrokey Pro (or other
OpenPGPcard v2.1 implementation), if this were firmware issue.
-- 



More information about the Gnupg-users mailing list