Re: OpenPGP card not available- Card error

2010-01-15 Thread taurus 


On 16 January 2010, at 00:39, Benjamin Donnachie wrote:


2010/1/16 taurus :

Are you using MacGPG2, http://macgpg2.sourceforge.net/ ?

Yes, and is working fine in both notebooks.


But you're having trouble with the OpenPGP cards?


Could it be  related to the fact that in the new macbook I have
installed the software for the ID card (pt)?

Link:
http://www.cartaodecidadao.pt/index.php?option=com_content&task=view&id=102&Itemid=44&lang=pt




___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: OpenPGP card not available- Card error

2010-01-15 Thread Benjamin Donnachie 
2010/1/15 taurus :
> Change to a new macbook pro and my card reader is not recognized by gpg2.
> In the old notebook is fine. OS is the same in both; Mac OSX 10.5.8

Are you using MacGPG2, http://macgpg2.sourceforge.net/ ?

Ben

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

OpenPGP card not available- Card error

2010-01-15 Thread taurus 

Hi list,

Change to a new macbook pro and my card reader is not recognized by  
gpg2.

In the old notebook is fine. OS is the same in both; Mac OSX 10.5.8



computer:~$ pcsctest

MUSCLE PC/SC Lite Test Program

Testing SCardEstablishContext: Command successful.
Testing SCardGetStatusChange
Please insert a working reader   : Command successful.
Testing SCardListReaders : Command successful.
Reader 01: Gemplus GemPC Twin 00 00
Enter the reader number  : 01
Waiting for card insertion
 : Command successful.
Testing SCardConnect : Command successful.
Testing SCardStatus  : Command successful.
Current Reader Name  : Gemplus GemPC Twin 00 00
Current Reader State : 0x34
Current Reader Protocol  : 0x1
Current Reader ATR Size  : 20 (0x14)
Current Reader ATR Value : 3B FA 13 00 FF 81 31 80 45 00 31 C1  
73 C0 01 00 00 90 00 B1

Testing SCardDisconnect  : Command successful.
Testing SCardReleaseContext  : Command successful.
Testing SCardEstablishContext: Command successful.
Testing SCardGetStatusChange
Please insert a working reader   : Command successful.
Testing SCardListReaders : Command successful.
Reader 01: Gemplus GemPC Twin 00 00
Enter the reader number  : 01
Waiting for card insertion
 : Command successful.
Testing SCardConnect : Command successful.
Testing SCardStatus  : Command successful.
Current Reader Name  : Gemplus GemPC Twin 00 00
Current Reader State : 0x34
Current Reader Protocol  : 0x1
Current Reader ATR Size  : 20 (0x14)
Current Reader ATR Value : 3B FA 13 00 FF 81 31 80 45 00 31 C1  
73 C0 01 00 00 90 00 B1

Testing SCardDisconnect  : Command successful.
Testing SCardReleaseContext  : Command successful.

PC/SC Test Completed Successfully !
~$ gpg --card-status
gpg: selecting openpgp failed: Card error
gpg: OpenPGP card not available: Card error
computer:~$




Any idea?

TIA.



___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

[admin] web pages not updated

2010-01-15 Thread Marco Maggi 
Ciao,

  I generate some noise here in the hope to reach the admins
of www.gnupg.org;  despite the recent releases  of gpgme and
libassuan, the page at:

   

still proposes  links to  gpgme version 1.1.8  and libassuan
version 1.0.5.

TIA
-- 
Marco Maggi

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: weird behavior of symmetrically encrypted file

2010-01-15 Thread Daniel Kahn Gillmor 
Hi Tobias--

On 01/15/2010 04:24 AM, Tobias wrote:
> Why do I get a passphrase ("3ity") which I can't remember having ever
> used in my life? Why does gpg regard it as correct but still not decrypt
> my file? And apart from these somewhat academical questions: Is there a
> way I can use the half-correct passphrase to refine (which means, speed
> up) my search for the truly correct one? If I can use it to
> significantly reduce the set of possible passphrases, it may save me
> some decades worth of blind guessing.

I suspect what you're seeing is a function of the way the OpenPGP
standard handles passphrase calculations for "Symmetrically Encrypted
Data Packet" [0].

Basically, the data that is being symmetrically encrypted is prefixed
with an IV that contains a duplicated chunk of 16 bits for a
non-normative "quick check" that the session key was correct.  This
means that 1 out of 2^16 choices of session key will falsely pass the
quick-check purely by chance, even though the material is actually not
correctly decrypted.

I don't know what brute force method you were using, but i suspect you
had about 5 bits of entropy per character in your enumerations.  For
example, all lower-case letters plus numbers is a total of 36
possibilities, which is just about 5 bits (2^5 == 32).  With 4-character
passphrases at 5 bits per character, you would run through 2^20
passphrases.  So it's likely that you exhausted 2^16 passphrases, and
stumbled into one of the "quick check" false positives.  This does *not*
mean that your data is insecure.  It means the quick check is advisory
at best.

(see also the security considerations related to this "quick check" [1])

hope this helps,

--dkg

[0] http://tools.ietf.org/html/rfc4880#section-5.7
[1] http://tools.ietf.org/html/rfc4880#page-84



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

weird behavior of symmetrically encrypted file

2010-01-15 Thread Tobias 
Hi there,

I have a symmetrically encrypted gpg file I want to decrypt. It seems I
have forgotten the passphrase, because none of the ones I'd usually use
for such a file will work. So I wrote a python script that tries to find
the correct passphrase by brute force. I didn't put much hope in it, but
hey, better to do something else other than agonize about the correct
passphrase, right?

So imagine my surprise when after only a couple of hours my script says
it has found the correct passphrase. I try it and hooray, gpg doesn't
throw the "decrpytion failed: bad key" message. Unfortunately, it still
doesn't decrypt the file. It simply does nothing at all.
.
# gpg --no-use-agent --passphrase "3ity" usbkey-howto.txt.gpg
gpg: CAST5 encrypted data
gpg: encrypted with 1 passphrase
gpg: WARNING: message was not integrity protected
# ls usbkey-howto.txt
ls: cannot access usbkey-howto.txt: No such file or directory

Why do I get a passphrase ("3ity") which I can't remember having ever
used in my life? Why does gpg regard it as correct but still not decrypt
my file? And apart from these somewhat academical questions: Is there a
way I can use the half-correct passphrase to refine (which means, speed
up) my search for the truly correct one? If I can use it to
significantly reduce the set of possible passphrases, it may save me
some decades worth of blind guessing.

I'm using GnuPG 1.4.9 on Ubuntu 9.04. The encrypted file is attached for
reference. Glad for any help!


-- 
Liebe Grüße
Tobias





usbkey-howto.txt.gpg
Description: application/pgp-encrypted
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users