Release: 1.4.0
Environment
FreeBSD 5.3.0
SCM SCR331 CCID SmartCard reader (latest firmware)
OpenPGP SmartCard
Description
I don't have any problem generating a key on-card using a serial reader for example (GCR415) on FreeBSD.
Now if I use the SCR331 CCID (firmware updated to the latest .18), I can go through the key generation but it fails at the end :
gpg: ccid_transceive failed: (0x1000d)
gpg: apdu_send_simple(0) failed: aborted
I remember having the same problem on a Windows machine with the same reader (maybe I should try with the --disable-ccid to see how it goes with PC/SC). As soon as I find another CCID reader, I'll give it a try to with the built-in CCID driver.
How To Repeat
ash-2.05b$ gpg --card-edit
gpg: WARNING: using insecure memory!
gpg: please see http://www.gnupg.org/faq.html for more information
Command> admin
Command> generate
Make off-card backup of encryption key? (Y/n) y
gpg: DBG: asking for PIN 'PIN'
PIN
Please specify how long the key should be valid.
0 = key does not expire <n> = key expires in n days <n>w = key expires in n weeks <n>m = key expires in n months <n>y = key expires in n years
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y
You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"
Real name: ONCARDBIS
Email address: ggg@qol.qqq
Comment:
You selected this USER-ID:
"ONCARDBIS <ggg@qol.qqq>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
gpg: existing key will be replaced
gpg: 3 Admin PIN attempts remaining before card is permanently locked
gpg: DBG: asking for PIN '|A|Admin PIN'
Admin PIN
gpg: please wait while key is being generated ...
gpg: key generation completed (17 seconds)
gpg: signing failed: wrong secret key used
gpg: make_keysig_packet failed: wrong secret key used
You need a Passphrase to protect your secret key.
..+++++
+++++
gpg: ccid_transceive failed: (0x1000a)
gpg: apdu_send_simple(0) failed: card I/O error
gpg: failed to store the key: general error
gpg: storing key onto card failed: general error
gpg: ccid_transceive failed: (0x1000d)
gpg: apdu_send_simple(0) failed: aborted
gpg: error reading application data
gpg: key generation failed: general error
Key generation failed: general error
Command>
gpg: ccid_transceive failed: (0x1000d)
gpg: apdu_send_simple(0) failed: aborted
gpg: ccid_transceive failed: (0x1000d)
gpg: apdu_send_simple(0) failed: aborted
gpg: ccid_transceive failed: (0x1000d)
gpg: apdu_send_simple(0) failed: aborted
gpg: ccid_transceive failed: (0x1000d)
gpg: apdu_send_simple(0) failed: aborted
gpg: ccid_transceive failed: (0x1000d)
gpg: apdu_send_simple(0) failed: aborted
gpg: ccid_transceive failed: (0x1000d)
gpg: apdu_send_simple(0) failed: aborted
Fix
Unknown
Release Note
Fixed in CVS by applying the SCM workaround also for later versions. We need to figure out a list of fixed firmare versions per reader type.