Release: 1.4.0
Environment
Win2K and FreeBSD 5.3
SCM SCR331 CCID SmartCard reader (latest firmware) and Gemplus GRC415
OpenPGP SmartCard
Description
Assuming that I have :
- primary signing key in OpenPGP card (RSA1024) (stub in local keyring)
- encryption subkey (RSA1024) in OpenPGP card (stub in local keyring). Now if I add an additional encryption subkey (RSA1024) to my local keyring I have something like :
pub 1024R/3186D0DD created: 2005-01-09 expires: never usage: CS trust: ultimate validity: ultimate sub 1024R/7FFB5067 created: 2005-01-09 expires: never usage: E sub 1024R/012BAB53 created: 2005-01-09 expires: never usage: E [ultimate] (1). TESTNUMBER4
Command> toggle
sec 1024R/3186D0DD created: 2005-01-09 expires: never card-no: 0001 000000F4 ssb 1024R/7FFB5067 created: 2005-01-09 expires: never card-no: 0001 000000F4 ssb 1024R/012BAB53 created: 2005-01-09 expires: never (1) TESTNUMBER4
If I edit the keyring, select the last key added (external subkey) and do a passwd, the links to the smart card get wiped out for the two first keys and the key becomes unusable.
sec 1024R/3186D0DD created: 2005-01-09 expires: never ssb 1024R/7FFB5067 created: 2005-01-09 expires: never ssb* 1024R/012BAB53 created: 2005-01-09 expires: never (1) TESTNUMBER4
How To Repeat
bash-2.05b$ gpg --edit-key TESTNUMBER4
gpg (GnuPG) 1.4.0; Copyright (C) 2004 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.
gpg: WARNING: using insecure memory!
gpg: please see http://www.gnupg.org/faq.html for more information
Secret key is available.
pub 1024R/3186D0DD created: 2005-01-09 expires: never usage: CS
trust: ultimate validity: ultimate
sub 1024R/7FFB5067 created: 2005-01-09 expires: never usage: E
sub 1024R/012BAB53 created: 2005-01-09 expires: never usage: E
[ultimate] (1). TESTNUMBER4
Command> key 2
pub 1024R/3186D0DD created: 2005-01-09 expires: never usage: CS
trust: ultimate validity: ultimate
sub 1024R/7FFB5067 created: 2005-01-09 expires: never usage: E
sub* 1024R/012BAB53 created: 2005-01-09 expires: never usage: E
[ultimate] (1). TESTNUMBER4
Command> toggle
sec 1024R/3186D0DD created: 2005-01-09 expires: never
card-no: 0001 000000F4
ssb 1024R/7FFB5067 created: 2005-01-09 expires: never
card-no: 0001 000000F4
ssb 1024R/012BAB53 created: 2005-01-09 expires: never
(1) TESTNUMBER4
Command> key 2
sec 1024R/3186D0DD created: 2005-01-09 expires: never
card-no: 0001 000000F4
ssb 1024R/7FFB5067 created: 2005-01-09 expires: never
card-no: 0001 000000F4
ssb* 1024R/012BAB53 created: 2005-01-09 expires: never
(1) TESTNUMBER4
Command> passwd
Please use the command "toggle" first.
Command> toggle
pub 1024R/3186D0DD created: 2005-01-09 expires: never usage: CS
trust: ultimate validity: ultimate
sub 1024R/7FFB5067 created: 2005-01-09 expires: never usage: E
sub* 1024R/012BAB53 created: 2005-01-09 expires: never usage: E
[ultimate] (1). TESTNUMBER4
Command> passwd
Key is protected.
Enter the new passphrase for this secret key.
Command> list
pub 1024R/3186D0DD created: 2005-01-09 expires: never usage: CS
trust: ultimate validity: ultimate
sub 1024R/7FFB5067 created: 2005-01-09 expires: never usage: E
sub* 1024R/012BAB53 created: 2005-01-09 expires: never usage: E
[ultimate] (1). TESTNUMBER4
Command> toggle
sec 1024R/3186D0DD created: 2005-01-09 expires: never
ssb 1024R/7FFB5067 created: 2005-01-09 expires: never
ssb* 1024R/012BAB53 created: 2005-01-09 expires: never
(1) TESTNUMBER4
===> card-no stubs for two first keys have disappeared!
Fix
Unknown
Release Note
Fixed in CVS