Closed MauroMombelli closed 7 years ago
Hi! What OS and GPG version do you use? And what is the version of the device? I have checked lately 4096 bit key generation on Nitrokey Pro using Ubuntu 16.04/GPG 2.1.11 and it worked.
Arch Linux with gnupg 2.1.19, notrokey with firmware 0.8.
Just to be sure, during the key creation procedure I set 4096, my data (I set no expire) and it ask me for the pins. Then it fail, it remember I tryed with 4096 but there are no keys.
One thing I notice is the company in the firmware info does not match what I saw on other example on internet
One thing I notice is the company in the firmware info does not match what I saw on other example on internet
Could you elaborate? Where did you saw it and how it looked like?
gpg --card-status
[...] Version ..........: 2.1 Manufacturer .....: ZeitControl [...]
my bad seems to be correct, i got confused.
when i fail to generate the key, the 4096 size is reported in
Key attributes ...: rsa2048 rsa2048 rsa2048
Despite 4096 bit keys being said as supported, any try to generate them with GPG or GPG2 failed. The same identical setup with 2048 worked first time.
This looks like a bug in GPG 2.1.19. We have just registered one with 2.1.15 but it would be great to have logs from the latest version. Could you take the logs? Please follow these steps to do so:
~/.gnupg/scdaemon.conf
and correct the absolute path there to match own user home directory. If any config is already there please backup it and swap with this one.scdaemon
with pkill scdaemon
.scdaemon
in the background.scdaemon.conf
with the backup, so log files will not be generated during day-to-day use.scdaemon.log
here in a comment as a file.i would add a point
btw in the end it seems to fail because a libusb timeout.
Ah, you are right. I have forgot to mention about the PINs. Sorry! Thank you for the logs! Indeed it looks like the timeout is a cause. I will send it further to GnuPG team.
is there any open issue on gpg that i can follow?
2017-03-24 10:21 GMT+01:00 szszszsz notifications@github.com:
Ah, you are right. I have forgot to mention about the PINs. Sorry! Thank you for the logs! Indeed it looks like the timeout is a cause. I will send it further to GnuPG team.
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/Nitrokey/nitrokey-pro-firmware/issues/33#issuecomment-288972187, or mute the thread https://github.com/notifications/unsubscribe-auth/AGE80VQlViveXVDaSQa2s97_Wv9rQ4ZIks5ro4sCgaJpZM4Ml80n .
The issue is already fixed in the current development version which should be released as GnuPG 2.1.20.
Just updated GPG to .20, generation worked succesfully. Key not tested but if they will have issue I'll open a new bug report as the problem itself is solved.
Thanks!
Great, thank you for re-testing!
Despite 4096 bit keys being said as supported, any try to generate them with GPG or GPG2 failed. The same identical setup with 2048 worked first time.