Non-deterministic behavior using GnuPG and a smart-card

Adam Sherman adam at sherman.ca
Wed Feb 8 23:03:56 CET 2017


Is it always the same files that aren't decrypting, or is it truly random?

On Wed, Feb 8, 2017 at 16:22 Dr. Basil Becker <basil at basilbecker.de> wrote:

> Hello,
>
> Peter, thanks for the clarification. I understand your point ;)
>
> On 08.02.2017 20:05, Peter Lebbing wrote:
> > Hello,
> >
> >> I wrote about the problem in more detail at launchpad.net
> >> https://answers.launchpad.net/ubuntu/+source/gnupg/+question/452490
> >
> > I think it is appreciated if you actually describe the problem on the
> > mailing list itself rather than only linking to a website.
> >
> I'm having a setup consisting of a main key, and three sub-keys for
> encryption, authorization and signature. The three sub-keys are stored
> on a Yubikey 4 smart-card.
>
> Authentication and signatures work like a charm. I'm only having
> problems concerning the decryption of mails I received. I'm using
> thunderbird together with enigmail to read my mails, but as the problem
> also occurs at the CLI, I assume that enigmail is not part of the puzzle.
>
> Well, some messages could be successfully decrypted:
> bb at melmac:~$ gpg2 -vv --output /dev/null -d /tmp/message.txt
> gpg: armor: BEGIN PGP MESSAGE
> gpg: armor header: Version: GnuPG v2
> # off=0 ctb=85 tag=1 hlen=3 plen=400
> :pubkey enc packet: version 3, algo 1, keyid DBC1D85BA9D1D189
>         data: [3103 bits]
> gpg: public key is 0xDBC1D85BA9D1D189
> gpg: using subkey 0xDBC1D85BA9D1D189 instead of primary key
> 0x8501968486DF0281
> gpg: public key encrypted data: good DEK
> # off=403 ctb=d2 tag=18 hlen=2 plen=0 partial new-ctb
> :encrypted data packet:
>         length: unknown
>         mdc_method: 2
> gpg: using subkey 0xDBC1D85BA9D1D189 instead of primary key
> 0x8501968486DF0281
> gpg: encrypted with 3104-bit RSA key, ID 0xDBC1D85BA9D1D189, created
> 2017-01-10
>       "Dr. Basil Becker <basil at basilbecker.de>"
> gpg: AES256 encrypted data
> # off=424 ctb=a3 tag=8 hlen=1 plen=0 indeterminate
> :compressed packet: algo=2
> # off=426 ctb=cb tag=11 hlen=2 plen=0 partial new-ctb
> :literal data packet:
>         mode b (62), created 1486478293, name="",
>         raw data: unknown length
> gpg: original file name=''
> gpg: decryption okay
>
>
> Some messages, however, fail to decrypt:
> bb at melmac:~$ gpg2 -vv --output /dev/null -d /tmp/message-fail.txt
> gpg: armor: BEGIN PGP MESSAGE
> gpg: armor header: Version: GnuPG v2
> # off=0 ctb=85 tag=1 hlen=3 plen=400
> :pubkey enc packet: version 3, algo 1, keyid DBC1D85BA9D1D189
>         data: [3104 bits]
> gpg: public key is 0xDBC1D85BA9D1D189
> gpg: using subkey 0xDBC1D85BA9D1D189 instead of primary key
> 0x8501968486DF0281
> # off=403 ctb=d2 tag=18 hlen=2 plen=0 partial new-ctb
> :encrypted data packet:
>         length: unknown
>         mdc_method: 2
> gpg: using subkey 0xDBC1D85BA9D1D189 instead of primary key
> 0x8501968486DF0281
> gpg: encrypted with 3104-bit RSA key, ID 0xDBC1D85BA9D1D189, created
> 2017-01-10
>       "Dr. Basil Becker <basil at basilbecker.de>"
> gpg: public key decryption failed: Hardware problem
> gpg: decryption failed: No secret key
>
> The only difference I see is that the pubkey data is 3103 bits vs 3104
> bits. Unfortunately, I have no idea, whether this is a meaningful
> difference and if this
>
> If anyone could help me identify what my problem is or even to solve
> it, I'd appreciate it :) If you need any additional information or
> dedicated log-output, I'm happy to provide it.
>
> Cheers,
> Basil
>
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
-- 
Adam Sherman
Directeur des opérations, Sauvetage bénévole Outaouais
Director of Operations, Ottawa Volunteer SAR
CTO, Versature Corp.
+1 613 797 6819
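
An added example, not part of the original messages and not GnuPG's own code: a minimal parser for the `tag=1` packet listed in the `-vv` output quoted above, showing where the `data: [N bits]` figure is read from. OpenPGP stores the RSA ciphertext as an MPI whose two-byte bit count tracks the highest set bit of the integer, so the count can differ between messages to the same key while `plen` stays 400. The two packets are constructed samples, and `parse_pkesk` and `build_pkesk` are names chosen for this example.

```python
import struct

def parse_pkesk(packet: bytes) -> dict:
    """Parse an old-format tag-1 packet (RFC 4880, section 5.1)."""
    ctb = packet[0]
    if not ctb & 0x80 or ctb & 0x40:
        raise ValueError("not an old-format packet header")
    tag, length_type = (ctb >> 2) & 0x0F, ctb & 0x03
    if tag != 1 or length_type > 2:
        raise ValueError("not a definite-length PKESK packet")
    hlen = 1 + (1, 2, 4)[length_type]
    plen = int.from_bytes(packet[1:hlen], "big")
    body = packet[hlen:hlen + plen]
    if len(body) != plen or plen < 12:
        raise ValueError("truncated packet")
    # Body: version (1 byte), key ID (8 bytes), algorithm (1 byte), MPI.
    version, keyid, algo = body[0], body[1:9].hex().upper(), body[9]
    if algo not in (1, 2):
        raise ValueError("only single-MPI RSA packets are handled here")
    # MPI: two-byte big-endian bit count, then ceil(bits / 8) bytes.
    bits = int.from_bytes(body[10:12], "big")
    mpi = body[12:]
    if len(mpi) != (bits + 7) // 8:
        raise ValueError("MPI length does not match its bit count")
    if int.from_bytes(mpi, "big").bit_length() != bits:
        raise ValueError("MPI bit count does not match its value")
    return {"hlen": hlen, "plen": plen, "version": version,
            "algo": algo, "keyid": keyid, "mpi_bits": bits}

def build_pkesk(keyid_hex: str, ciphertext: int) -> bytes:
    """Build a constructed version-3 RSA (algo 1) PKESK packet."""
    bits = ciphertext.bit_length()
    mpi = struct.pack(">H", bits) + ciphertext.to_bytes((bits + 7) // 8, "big")
    body = bytes([3]) + bytes.fromhex(keyid_hex) + bytes([1]) + mpi
    # 0x85 = old-format header, tag 1, two-byte length (ctb=85 above).
    return bytes([0x85]) + struct.pack(">H", len(body)) + body

# Constructed ciphertext integers, not the poster's messages: one with
# bit 3103 set (3104 bits) and one whose top bit is clear (3103 bits).
KEYID = "DBC1D85BA9D1D189"  # key ID taken from the output quoted above
SAMPLE_3104 = build_pkesk(KEYID, (1 << 3103) | 1)
SAMPLE_3103 = build_pkesk(KEYID, (1 << 3102) | 1)

if __name__ == "__main__":
    for pkt in (SAMPLE_3104, SAMPLE_3103):
        info = parse_pkesk(pkt)
        print(f"hlen={info['hlen']} plen={info['plen']} "
              f"keyid {info['keyid']} data: [{info['mpi_bits']} bits]")
```

Both samples occupy 388 ciphertext bytes, which is why the header fields are identical and only the bit count differs.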