Dear Yutaka, > > Let us show more info about your key. I'm afraid your key size > is not the one OpenPGP card supports. I tested RSA-2048 with > OpenPGP card version 2.1, it works fine for me. > -- >
================== 1. Moving keys to card ================== Using the correct default Admin PIN value of *12345678* I could now successfully move private keys to card, which also set the PIN retry counter correctly: >>>>>>>>>>>>> gpg/card> verify ... Key attributes ...: rsa4096 rsa4096 rsa4096 ... PIN retry counter : 3 3 3 ... <<<<<<<<<<<<< Sofar so good. =================== 2. Changing Admin PIN =================== However, one quite awkward behavior I noticed that I think caused a whole lot confusion on my side. On a card after fresh factory-reset, the first thing I did was trying to set Admin PIN: >>>>>>>>>>>>> gpg/card> admin Admin commands are allowed gpg/card> passwd gpg: OpenPGP card no. DXXX detected 1 - change PIN 2 - unblock PIN 3 - change Admin PIN 4 - set the Reset Code Q - quit Your selection? 3 <<<<<<<<<<<<< It then asks me to "Please enter the Admin PIN". Now, in the believe that *123456789* was the correct default Admin PIN value, I would enter this *wrong* value. I am then prompted to enter "New Admin PIN" value and confirm that. Let's say I use the value *smartcardrocks*. My change is then confirmed with; >>>>>>>>>>>>> PIN changed. <<<<<<<<<<<<< I would now be in the believe that *smartcardrocks* is the new correct Admin PIN. However, any subsequent command that would require the Admin PIN would fail (e.g. moving keys to card, setting reset code, changing admin pin). For example, when I try to set a new reset code I am asked to enter the Admin PIN. I enter *smartcardrocks* I get "Error setting the Reset Code: Bad PIN". I enter *12345678* I also get "Error setting the Reset Code: Bad PIN". I seems the Admin PIN is then broken and set to an "unknown" value. Can you replicate the above described behavior? Thank you kindly. fibmoro _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
