google / end-to-end

End-To-End is a crypto library to encrypt, decrypt, digitally sign, and verify signed messages (implementing OpenPGP)
Apache License 2.0

Unable to import GnuPG keys moved to smartcard (gnu-divert-to-card) #159

Closed koto closed 9 years ago

koto commented 9 years ago

From asel...@gmail.com on July 26, 2014 21:35:43

I am not able to import my existing gnupg key. During the import, I get the following message.

"Unsupported id:0"

Note: My key is "2048-bit RSA key" and it does contain a small stamp size jpg in it and I am wondering if that has anything to do with import failure.

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=122

koto commented 9 years ago

From asel...@gmail.com on July 26, 2014 12:56:18

Update: It appears that the import problem is not related to my existing keys. I created a brand new key with end-to-end, exported the key, and tried to import it back, and I get the following error.

"undefined is not a function"

koto commented 9 years ago

From asel...@gmail.com on July 26, 2014 13:08:44

Screenshot of the javascript console attached.

Attachment: import_error.png

koto commented 9 years ago

From kkotowicz on July 27, 2014 04:04:02

"Undefined is not a function" is probably because of issue 121 - https://code.google.com/p/end-to-end/issues/detail?id=121 (key import does not work in the current version), but the GnuPG key is another thing. Is the "Unsupported id: 0" happening when you try to import a public key? If so, would you mind sharing the public key with us?

Or, e.g. sharing the output of:

$ gpg --export | gpg --list-packets

koto commented 9 years ago

From asel...@gmail.com on July 27, 2014 09:04:49

Sorry for the confusion, the "Unsupported id: 0" error happens only when I try to import a private key (i.e. a private GPG key from "Yubikey OpenPGP"). For my other gpg generated private or public key imports, I get the "Undefined is not a function" error. I now realize the latter is a known issue.

Not sure you still need my public key for issue 121 but here it is. http://selvans.net/aruls/pub_key.html

koto commented 9 years ago

From koto@google.com on July 28, 2014 04:12:39

"Unsupported id " info is displayed when parsing various algorithm types in e2e/openpgp/constants.js. ID=0 is either the dummy "unencrypted" algorithm used as a symmetric algorithm (http://tools.ietf.org/html/rfc4880#section-9.2) or "uncompressed" as a compression algorithm (http://tools.ietf.org/html/rfc4880#section-9.3).

If you know how to debug Chrome extensions (https://developer.chrome.com/extensions/tut_debugging), set up a debugger in the throw statement in the e2e.openpgp.constants.getAlgorithm function to check when that is happening. Or check what kind of algorithm (compression or symmetric) is triggering that behaviour. Start with this:

$ gpg --export-secret-keys your-user-id | gpg --list-packets | grep alg

and look for zeroes.

Remember - don't share your private key with us, unless it's a throwaway key.

Summary: Unable to import GnuPG keys - Unsupported id: 0 (was: unable to import gnupg keys)

koto commented 9 years ago

From asel...@gmail.com on August 01, 2014 07:12:47

I don't have any experience in Chrome extension development but will certainly attempt to debug it over this weekend as per your suggestion and provide more details.

Here is the output looking for algo 0.

arul@cheetah:~$ gpg --export-secret-keys 6675D56A | gpg --list-packets | sed -rn 's/.*(algo.*0,)/\0/p'
gnu-divert-to-card S2K, algo: 0, simple checksum, hash: 0
gnu-divert-to-card S2K, algo: 0, simple checksum, hash: 0
gnu-divert-to-card S2K, algo: 0, simple checksum, hash: 0

koto commented 9 years ago

From asel...@gmail.com on August 02, 2014 09:07:25

Attached the screenshot of the exception call stack

Attachment: unsupported_error_callstack.png

koto commented 9 years ago

From koto@google.com on August 04, 2014 03:30:56

It looks as if you're using a key which has been moved to a smart card (or at least one of the keys/subkeys you're trying to import has been moved to a smart card). So what you are importing is just a stub without the necessary key material. We don't support smartcard keys.
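
As an added illustration (not End-To-End's code and not part of the original thread): a Node.js example that reads the protection fields of a version 4 secret-key packet body and recognises GnuPG's private S2K type 101, where cipher algorithm 0 is followed by the marker "GNU" and an extension number (1 = secret part not stored, 2 = divert to card). The function name, result fields and sample bytes are constructed for this example.

```javascript
// Added example (not End-To-End code): classify secret-key protection in a v4 key packet body.
const PUBLIC_MPI_COUNT = { 1: 2, 2: 2, 3: 2, 16: 3, 17: 4 }; // RSA, Elgamal, DSA
const GNU_MODES = { 1: 'gnu-dummy', 2: 'gnu-divert-to-card' };
function classifySecretKey(body) {
  if (body[0] !== 4) throw new Error('only version 4 key packets are handled');
  const mpiCount = PUBLIC_MPI_COUNT[body[5]];
  if (!mpiCount) throw new Error('unhandled public-key algorithm ' + body[5]);
  let pos = 6; // version (1) + creation time (4) + algorithm (1)
  for (let i = 0; i < mpiCount; i++) { // skip the public MPIs
    if (pos + 2 > body.length) throw new Error('truncated MPI');
    pos += 2 + Math.ceil(body.readUInt16BE(pos) / 8);
  }
  if (pos >= body.length) throw new Error('no secret-key fields');
  const usage = body[pos++];
  if (usage === 0) return { kind: 'unprotected', hasKeyMaterial: true };
  if (usage !== 254 && usage !== 255) {
    return { kind: 'legacy-cipher', cipher: usage, hasKeyMaterial: true };
  }
  if (pos + 3 > body.length) throw new Error('truncated S2K specifier');
  const cipher = body[pos++];
  const s2kType = body[pos++];
  const hash = body[pos++];
  if (s2kType !== 101) {
    return { kind: 'passphrase', cipher, s2kType, hash, hasKeyMaterial: true };
  }
  // GnuPG extension: marker "GNU", then the extension number.
  if (pos + 4 > body.length || body.toString('latin1', pos, pos + 3) !== 'GNU') {
    throw new Error('S2K type 101 without GNU marker');
  }
  const mode = body[pos + 3];
  pos += 4;
  const result = { kind: GNU_MODES[mode] || 'gnu-unknown', cipher, hash, hasKeyMaterial: false };
  if (mode === 2 && pos < body.length) { // serial number, at most 16 octets stored
    const len = Math.min(body[pos], 16);
    result.cardSerial = body.subarray(pos + 1, pos + 1 + len).toString('hex');
  }
  return result;
}

// Constructed sample: toy RSA public part followed by a divert-to-card stub.
const SAMPLE_STUB = Buffer.from([
  4, 0x53, 0xd4, 0x0b, 0x00, 1,      // version 4, creation time, RSA
  0x00, 0x10, 0xc3, 0x51,            // MPI n (16 bits, toy value)
  0x00, 0x11, 0x01, 0x00, 0x01,      // MPI e = 65537
  255, 0, 101, 0,                    // usage 255, cipher 0, S2K type 101, hash 0
  0x47, 0x4e, 0x55, 2,               // "GNU", extension 2 (divert to card)
  4, 0xde, 0xad, 0xbe, 0xef,         // serial length + constructed serial
]);
console.log(classifySecretKey(SAMPLE_STUB));
```

An importer that runs a check like this before resolving the cipher id can report "key stub, no secret material" instead of failing on algorithm 0.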

koto commented 9 years ago

From koto@google.com on August 04, 2014 03:32:57

Summary: Unable to import GnuPG keys moved to smartcard (gnu-divert-to-card) (was: Unable to import GnuPG keys - Unsupported id: 0)

koto commented 9 years ago

From asel...@gmail.com on August 04, 2014 06:21:19

Yes, it is a key exported from a smart card (i.e. YubiKey in this case). I did not realize the export of the private key from smart card is only a stub and thank you for clarifying that. Sounds like this is not a problem and the issue can be closed.

koto commented 9 years ago

From evn@google.com on August 05, 2014 13:26:38

While we won't be supporting Yubikey's USB protocol, we'll be adding support for the concept of "hardware" keys, so we might be able in the future to support these keys.

For now, I'll mark it as closed.

Status: WontFix