DECIPHER operation fails with 3072 bit keys on OpenPGP 2.0 card
Closed, ResolvedPublic

Description

Using a 3072 bit key on a OpenPGP 2.0 card with GnuPG 2.0.12+patches from issue
1094 fails with a card error. Signing and SSH logins works great and I've
succesfully transferred 3072 bit keys to the card, but DECIPHER fails with this:
2009-08-17 12:16:06 scdaemon[5132] DBG: response: sw=640A datalen=0

Looking at the spec, 640A doesn't even look like a valid error?

What other information can I provide?

Details

Version
2.0.12
soren set Version to 2.0.12.
soren added a subscriber: soren.
werner added a subscriber: werner.Aug 18 2009, 9:34 AM

What card reader are you using?

This is the relevant lsusb output:

Bus 001 Device 005: ID 0b97:7762 O2 Micro, Inc. Oz776 SmartCard Reader

I forgot to mention, by the way, that everything worked fine with my old
Fellowship card (which I lost).

soren added a comment.Aug 18 2009, 1:01 PM

This is the built-in reader in my Dell Latitude D430, by the way.

soren added a comment.Aug 26 2009, 8:55 AM

Is there any more information I can provide? Can you reproduce it?

According to http://pcsclite.alioth.debian.org/shouldwork.html#0x0B970x7762
this reader should work but it has not been tested.

From your description is seems that it works with short APDUs but nut properly
with extended length APDUs which are required for decryption of keys >= 2048
bit. The problem with 3072 bit keys may be due to internal buffer limitations
in the reader of in libccid.

I have no experience with these low-end readers (character level exchange) but
given all the problems with extended lengths APDUs, it is not unlikely that it
just does not work.

Given that you need to use libccid (i.e. pcscd), I'd recommend to ask the
libccid maintainer to look at a dump created with pcscd.

soren added a comment.Sep 1 2009, 10:18 PM

Does the fact that I can encrypt, sign, and authenticate correctly with 3072 bit
keys affect your hypothesis?

This is now a known problem. The likely reason is bug in the card's code. The
workaround is to forget about card based 3072 bit encryption keys.

FWIW, encryption is not done by the card.

We can't do anything about it.
Cards with manufacturer id 5 and serial numbers up to 346 (0x15a) are affected.
Newer cards work fine.

werner closed this task as Resolved.Dec 21 2009, 3:40 PM
werner claimed this task.