decryption fails with "Missing item in object" even though private key is available
Closed, DuplicatePublic

Description

Decryption of files that have been encrypted to a specific public key and also
to my own key, which is stored on an OpenPGP card, fails with an error:

gpg: public key decryption failed: Missing item in object

A similar problem has been reported on the gnupg-user list before, without
resolution:
https://lists.gnupg.org/pipermail/gnupg-users/2015-September/054352.html

Using other public keys as a recipient, in addition to the same on-card private
key, works.

Here is a detailed reproduction of the problem, sensitive info removed:

$ gpg2 --version
gpg (GnuPG) 2.0.26
libgcrypt 1.6.3
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, RSA, RSA, ELG, DSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256

Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

My key is E1E4240C, with three subkeys:

$ gpg2 --list-secret-keys E1E4240C
sec# 4096R/0x811D6940E1E4240C 2015-07-29 [expires: 2016-07-28]
      Key fingerprint = 263A 9EB0 29CF C77A 3D06  FD13 811D 6940 E1E4 240C
uid Jean-Luc Picard (Lead Developer of The Nxt Generation) <jlp@secure.mailbox.org>
uid Jean-Luc Picard (Lead Developer of The Nxt Generation) <jlp@mailbox.org>
uid Jean-Luc Picard (Lead Developer of The Nxt Generation) <jlp666@yandex.ru>
ssb> 4096R/0xDAAF6B191688FE19 2015-07-29 [expires: 2016-07-28]
ssb> 4096R/0x6680CC7534D723A6 2015-07-29 [expires: 2016-07-28]
ssb> 4096R/0x4795F071203F4B56 2015-07-29 [expires: 2016-07-28]

The subkeys are available on the smart card:

$ gpg2 --card-status
Application ID ...: {removed for privacy}
Version ..........: 2.1
Manufacturer .....: ZeitControl
Serial number ....: {removed for privacy}
Name of cardholder: [not set]
Language prefs ...: en
Sex ..............: unspecified
URL of public key : [not set]
Login data .......: [not set]
Signature PIN ....: forced
Key attributes ...: 4096R 4096R 4096R
Max. PIN lengths .: 32 32 32
PIN retry counter : 3 3 3
Signature counter : 1089
Signature key ....: CC45 5265 FF23 E437 3001 74BC DAAF 6B19 1688 FE19
      created ....: 2015-07-29 23:02:34
Encryption key....: 63B2 3D39 557F 903D C1C5 49F0 6680 CC75 34D7 23A6
      created ....: 2015-07-29 23:04:30
Authentication key: CDB1 6EE8 7CE2 85C2 1697 D1A2 4795 F071 203F 4B56
      created ....: 2015-07-29 23:06:38
General key info..: pub 4096R/0xDAAF6B191688FE19 2015-07-29 Jean-Luc Picard (Lead Developer of The Nxt Generation) <jlp@secure.mailbox.org>
sec# 4096R/0x811D6940E1E4240C created: 2015-07-29 expires: 2016-07-28
ssb> 4096R/0xDAAF6B191688FE19 created: 2015-07-29 expires: 2016-07-28
                      card-no: {removed for privacy}
ssb> 4096R/0x6680CC7534D723A6 created: 2015-07-29 expires: 2016-07-28
                      card-no: {removed for privacy}
ssb> 4096R/0x4795F071203F4B56 created: 2015-07-29 expires: 2016-07-28
                      card-no: {removed for privacy}

These are the two public keys to which I am testing encryption in addition to my
own:

$ gpg2 --list-keys riker
pub 2048R/0x1752ECBD29712427 2016-03-11 [expires: 2026-03-09]
      Key fingerprint = E3A2 681A 5FD1 58F5 D345  1746 1752 ECBD 2971 2427
uid [ full ] Riker <riker@mailbox.org>
uid [ full ] {removed for privacy} <riker@mailbox.org>
sub 2048R/0xEA5FEB25110053DD 2016-03-11 [expires: 2026-03-09]

pub 2048R/0xD30FDF6E06022130 2016-03-12 [expires: 2026-03-10]
      Key fingerprint = 6ACF 480D C422 20F9 9DEC  EA53 D30F DF6E 0602 2130
uid [ full ] {removed for privacy} <riker@mailbox.org>
sub 2048R/0x22D1006BB6C92DB2 2016-03-12 [expires: 2026-03-10]

Encrypting a text file to my key and also to 29712427 works:

$ echo qwerty > a.txt
$ gpg2 -r 29712427 -r E1E4240C -o bad.gpg -e a.txt

Trying to decrypt the resulting bad.gpg file however fails:

$ gpg2 -o a1.txt -d bad.gpg
gpg: encrypted with 4096-bit RSA key, ID 0x6680CC7534D723A6, created 2015-07-29
      "Jean-Luc Picard (Lead Developer of The Nxt Generation) <jlp@secure.mailbox.org>"
gpg: public key decryption failed: Missing item in object
gpg: encrypted with 2048-bit RSA key, ID 0xEA5FEB25110053DD, created 2016-03-11
      "Riker <riker@mailbox.org>"
gpg: decryption failed: No secret key

Encrypting the same text file to my key and also to 06022130 works:

$ gpg2 -r 06022130 -r E1E4240C -o good.gpg -e a.txt

And decryption of good.gpg also works:

$ gpg2 -o a2.txt -d good.gpg
gpg: encrypted with 2048-bit RSA key, ID 0x22D1006BB6C92DB2, created 2016-03-12
      "{removed for privacy} <riker@mailbox.org>"
gpg: encrypted with 4096-bit RSA key, ID 0x6680CC7534D723A6, created 2015-07-29
      "Jean-Luc Picard (Lead Developer of The Nxt Generation) <jlp@secure.mailbox.org>"

$ more a2.txt
qwerty
$ more a.txt
qwerty

This is the public key with which the problem occurs:

$ gpg2 --armour --export 29712427
-----BEGIN PGP PUBLIC KEY BLOCK-----
GgSPJskWIfKBBBNz95K0kp7kgHsvS61DsDGYpnP4ktF
xCDSZFEf9tpToqmifpUaErDXoBHqro8l536KgqeYnz21f65yovoFfoXTCCRMZeiR
vnJy5SJcTqrHRrm2c6gNzIHM
=ZLC1

-----END PGP PUBLIC KEY BLOCK-----

Details

Version
2.0.26
jlp set Version to 2.0.26.
jlp added a subscriber: jlp.
werner added a subscriber: werner. Mar 17 2016, 3:39 PM

The current version is 2.0.29 - please try again using this version.

jlp added a comment. Mar 19 2016, 9:22 AM

Fails with 2.0.29 too, compiled from source. With debug-all and verbose enabled
in scdaemon.conf, the log ends with:

2016-03-19 10:12:09 scdaemon[1988] DBG: response: sw=6A88 datalen=0
2016-03-19 10:12:09 scdaemon[1988] operation decipher result: Missing item in object
2016-03-19 10:12:09 scdaemon[1988] app_decipher failed: Missing item in object
scdaemon[1988]: chan_7 -> ERR 100663364 Missing item in object <SCD>
scdaemon[1988]: chan_7 <- RESTART
scdaemon[1988]: chan_7 -> OK

Thanks. We need to know some more detailed information. Please put

debug 2018
debug 1024
log-file /somewhere/scd.log

into scdaemon.conf, kill scdaemon and try again. It seems you have not yet been
asked for a PIN so the log won't reveal the PIN. Anyway, you may want to send
the log to me by PM (wk@gnupg.org - key 1e42b367).

debug 2048
debug 1024

is what I need.

jlp added a comment. Mar 21 2016, 10:13 PM

Without pcscd running, I get a "Not supported" error. The scd.log is attached.
Using pcscd, it works, except for that special case.

jlp added a comment. Mar 21 2016, 10:13 PM

There seems to be a problem with your reader. We would need to analyze the log
more closely (which I copy below):

DBG: send apdu: c=00 i=A4 p1=00 p2=0C lc=2 le=-1 em=0
DBG: ccid-driver: PC_to_RDR_IccPowerOn:
DBG: ccid-driver: dwLength ..........: 0
DBG: ccid-driver: bSlot .............: 0
DBG: ccid-driver: bSeq ..............: 145
DBG: ccid-driver: bPowerSelect ......: 0x01 (5.0 V)
DBG: ccid-driver: [0008] 00 00
DBG: ccid-driver: RDR_to_PC_DataBlock:
DBG: ccid-driver: dwLength ..........: 21
DBG: ccid-driver: bSlot .............: 0
DBG: ccid-driver: bSeq ..............: 145
DBG: ccid-driver: bStatus ...........: 0
DBG: ccid-driver: [0010] 3B DA 18 FF 81 B1
DBG: ccid-driver: [0016] FE 75 1F 03 00 31 C5 73 C0 01 40 00 90 00 0C
DBG: ccid-driver: PC_to_RDR_XfrBlock:
DBG: ccid-driver: dwLength ..........: 4
DBG: ccid-driver: bSlot .............: 0
DBG: ccid-driver: bSeq ..............: 146
DBG: ccid-driver: bBWI ..............: 0x00
DBG: ccid-driver: wLevelParameter ...: 0x0000
DBG: ccid-driver: [0010] FF 11 18 F6
DBG: ccid-driver: RDR_to_PC_DataBlock:
DBG: ccid-driver: dwLength ..........: 4
DBG: ccid-driver: bSlot .............: 0
DBG: ccid-driver: bSeq ..............: 146
DBG: ccid-driver: bStatus ...........: 0
DBG: ccid-driver: [0010] FF 11 18 F6
DBG: ccid-driver: PC_to_RDR_SetParameters:
DBG: ccid-driver: dwLength ..........: 7
DBG: ccid-driver: bSlot .............: 0
DBG: ccid-driver: bSeq ..............: 147
DBG: ccid-driver: bProtocolNum ......: 0x01
DBG: ccid-driver: [0008] 00 00 18 10 FF 75 00 FE
DBG: ccid-driver: [0016] 10
DBG: ccid-driver: RDR_to_PC_Parameters:
DBG: ccid-driver: dwLength ..........: 7
DBG: ccid-driver: bSlot .............: 0
DBG: ccid-driver: bSeq ..............: 147
DBG: ccid-driver: bStatus ...........: 0
DBG: ccid-driver: protocol ..........: T=1
DBG: ccid-driver: bmFindexDindex ....: 18
DBG: ccid-driver: bmTCCKST1 .........: 10
DBG: ccid-driver: bGuardTimeT1 ......: FF
DBG: ccid-driver: bmWaitingIntegersT1: 75
DBG: ccid-driver: bClockStop ........: 00
DBG: ccid-driver: bIFSC .............: 254
DBG: ccid-driver: bNadValue .........: 16
DBG: ccid-driver: PC_to_RDR_XfrBlock:
DBG: ccid-driver: dwLength ..........: 5
DBG: ccid-driver: bSlot .............: 0
DBG: ccid-driver: bSeq ..............: 148
DBG: ccid-driver: bBWI ..............: 0x00
DBG: ccid-driver: wLevelParameter ...: 0x0000
DBG: ccid-driver: [0010] 10 C1 01 FE 2E
DBG: ccid-driver: RDR_to_PC_DataBlock:
DBG: ccid-driver: dwLength ..........: 4
DBG: ccid-driver: bSlot .............: 0
DBG: ccid-driver: bSeq ..............: 148
DBG: ccid-driver: bStatus ...........: 0
DBG: ccid-driver: [0010] 00 82 00 82
DBG: ccid-driver: invalid response for S-block (Change-IFSD)
apdu_send_simple(0) failed: unknown host status error
DBG: send apdu: c=00 i=A4 p1=04 p2=00 lc=6 le=-1 em=0
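The bytes in that log can be decoded rather than guessed at: a T=1 block is NAD, PCB, LEN, INF and an LRC, and the top bits of the PCB say whether it is an I-, R- or S-block (ISO 7816-3). The following is an added example, not code from GnuPG's ccid-driver. It re-parses the two blocks copied from the log above (the driver's S(IFS request) `10 C1 01 FE 2E` and the card's reply `00 82 00 82`), verifies their LRCs, and shows why the driver reports "invalid response for S-block": the card answered an IFS request with an R-block signalling "other error" instead of the S(IFS response) with PCB `E1` that T=1 requires. It also unpacks the `ERR 100663364` from the earlier scdaemon log into libgpg-error's source and code fields (source 6 = SCD, code 68 = GPG_ERR_NO_OBJ, "Missing item in object"), which is the error scdaemon reported right after the card's `sw=6A88`. The name tables are deliberately partial; the byte layouts follow the specifications, and the sample bytes are the ones from this ticket.

```python
"""Decode the T=1 exchange and the scdaemon error code from an scdaemon log.

Added example, not GnuPG code.  Implements the ISO 7816-3 T=1 block layout
(NAD, PCB, LEN, INF, LRC) and the libgpg-error packing (source in bits 24-30,
code in bits 0-15).  The sample bytes are copied from the ccid-driver log in
this ticket.
"""
from dataclasses import dataclass

# Bytes taken from the log: the driver's S(IFS request) and the card's reply.
IFS_REQUEST = bytes.fromhex("10 C1 01 FE 2E")
CARD_REPLY = bytes.fromhex("00 82 00 82")


def lrc(data: bytes) -> int:
    """T=1 error detection code when LRC is in use: XOR of all bytes."""
    x = 0
    for b in data:
        x ^= b
    return x


@dataclass
class T1Block:
    nad: int
    pcb: int
    inf: bytes
    edc_ok: bool
    kind: str      # "I", "R" or "S"
    detail: str


def parse_t1_block(raw: bytes) -> T1Block:
    """Split a raw T=1 block (LRC variant) and decode its PCB per ISO 7816-3."""
    if len(raw) < 4:
        raise ValueError("T=1 block needs NAD, PCB, LEN and EDC")
    nad, pcb, length = raw[0], raw[1], raw[2]
    if len(raw) != 4 + length:
        raise ValueError(f"LEN={length} does not match {len(raw)} bytes")
    inf = raw[3:3 + length]
    edc_ok = lrc(raw[:-1]) == raw[-1]
    if not pcb & 0x80:                       # b8 = 0: I-block
        kind, detail = "I", f"N(S)={(pcb >> 6) & 1} M={(pcb >> 5) & 1}"
    elif not pcb & 0x40:                     # b8b7 = 10: R-block
        err = {0: "error-free", 1: "EDC/parity error",
               2: "other error"}.get(pcb & 0x03, "reserved")
        kind, detail = "R", f"N(R)={(pcb >> 4) & 1} {err}"
    else:                                    # b8b7 = 11: S-block
        func = {0: "RESYNCH", 1: "IFS", 2: "ABORT",
                3: "WTX"}.get(pcb & 0x1F, f"reserved(0x{pcb & 0x1F:02x})")
        kind = "S"
        detail = f"{func} {'response' if pcb & 0x20 else 'request'}"
        if func == "IFS" and inf:
            detail += f" IFS={inf[0]}"      # negotiated information field size
    return T1Block(nad, pcb, inf, edc_ok, kind, detail)


def check_s_block_exchange(request: bytes, reply: bytes) -> str:
    """Judge a reply to an S-block request the way a T=1 host must: the only
    valid answer is the matching S-block response (PCB = request PCB | 0x20)
    echoing the INF field."""
    req, rsp = parse_t1_block(request), parse_t1_block(reply)
    if req.kind != "S" or req.pcb & 0x20:
        return "request is not an S-block request"
    if not rsp.edc_ok:
        return "reply fails LRC check"
    if rsp.pcb == (req.pcb | 0x20) and rsp.inf == req.inf:
        return "ok"
    return f"invalid response for S-block: got {rsp.kind}-block ({rsp.detail})"


# libgpg-error packs source and code into one integer; scdaemon (source 6)
# prefixes its Assuan "ERR" line with exactly that number.  Tables are partial.
GPG_ERR_SOURCES = {0: "UNKNOWN", 1: "GCRYPT", 2: "GPG", 3: "GPGSM",
                   4: "GPGAGENT", 5: "PINENTRY", 6: "SCD"}
GPG_ERR_CODES = {60: "GPG_ERR_NOT_SUPPORTED", 68: "GPG_ERR_NO_OBJ"}


def split_gpg_error(err: int) -> tuple:
    """Return (source name, code number, code symbol) for a packed gpg-error value."""
    source = (err >> 24) & 0x7F
    code = err & 0xFFFF
    return (GPG_ERR_SOURCES.get(source, f"source {source}"), code,
            GPG_ERR_CODES.get(code, f"code {code}"))


if __name__ == "__main__":
    for raw in (IFS_REQUEST, CARD_REPLY):
        b = parse_t1_block(raw)
        print(f"{raw.hex(' ')}: NAD=0x{b.nad:02x} {b.kind}-block {b.detail} "
              f"LRC {'ok' if b.edc_ok else 'BAD'}")
    print(check_s_block_exchange(IFS_REQUEST, CARD_REPLY))
    print(split_gpg_error(100663364))
```

Both LRCs check out, so the bytes were not corrupted on the USB leg; the card (or the reader's T=1 handling) simply refused the IFSD change, and after that failure the driver falls back to its plain APDU path. The NAD of the reply (`00`) also does not swap the source and destination addresses of the request (`10`), which is another thing to look for when comparing against a reader that works.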

werner added a subscriber: gniibe. Mar 22 2016, 6:03 PM

Thank you for your report and the log, but it doesn't contain useful information
that would let me debug this.

Information about the card reader is required, if the problem happens only with a
specific card reader. Please include a full log that includes the card reader
information.

gniibe claimed this task. Mar 23 2016, 3:52 AM