On 09/24/2013 03:36 AM, Jörg Deckert wrote:
>> You are right. Sorry, there is no standard solution for this. It
>> depends on how a CA handles encryption keys. Set up your own CA and you
>> do not need a CSR.
>
> I have my own CA (XCA / openssl). I think I have 2 options:
> - transfer the key
> You are right. Sorry, there is no standard solution for this. It
> depends on how a CA handles encryption keys. Set up your own CA and you
> do not need a CSR.
I have my own CA (XCA / openssl). I think I have 2 options:
- transfer the key from gnupg to openssl before I move it to card
- tra
On Tue, 24 Sep 2013 08:03, joe...@bitquell.de said:
> This is because the encryption key cannot sign the CSR.
You are right. Sorry, there is no standard solution for this. It
depends on how a CA handles encryption keys. Set up your own CA and you
do not need a CSR.
With the card there is no w
> I think I see what's going wrong here. On my card, OPENPGP.3 refers to the
> authentication key. If you are trying to use this to decrypt stuff, the card
> will outright refuse. Only the encryption key of the card will decrypt
> stuff, and that one should refuse to sign. The other two will only s
On Mon, 23 Sep 2013 20:23, pe...@digitalbrains.com said:
> I think I see what's going wrong here. On my card, OPENPGP.3 refers to the
> authentication key. If you are trying to use this to decrypt stuff, the card
> will outright refuse. Only the encryption key of the card will decrypt stuff,
Righ
On 23/09/13 11:01, Jörg Deckert wrote:
>(1) C080E663512A54C29D1D1108308AF44D28A0EBAE OPENPGP.1
>(2) F106A6B05C3E509BC3BC5C25D02E7D1DE94060F2 OPENPGP.2
>(3) 719D81D0405AF65B1BEC322725CB23DCECE389C4 OPENPGP.3
> Your selection? 3
> Possible actions for a RSA key:
>(1) sign, encrypt
>
> How did you create the key for S/MIME?
$ gpgsm --learn-card
$ LC_ALL=C gpgsm --gen-key > ~/joergd-csr.pem
gpgsm (GnuPG) 2.0.21; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by la
On Sat, 21 Sep 2013 19:28, joe...@bitquell.de said:
> S/MIME decryption with OpenPGP card doesn't work for me:
How did you create the key for S/MIME?
> $ LC_ALL=C gpg --list-secret-keys
Please run
LC_ALL=C gpg --with-keygrip --list-secret-keys
(I assume gpg2 is installed as gpg.)
> $ LC_A
Hi,
S/MIME decryption with OpenPGP card doesn't work for me:
$ gpgsm --armor --encrypt --recipient addr@mail Test.txt >Test.txt.asc
gpgsm: encrypted data created
$ LC_ALL=C gpgsm --decrypt Test.txt.asc
gpgsm: DBG: recp 0 - issuer: x
gpgsm: DBG: recp 0 - serial: 0096A601DB1CC451E4
gpgsm:
