Yubico Forum
https://forum.yubico.com/

[QUESTION] Yubikey 4 - gpg - Assertion failed
https://forum.yubico.com/viewtopic.php?f=35&t=2480
Page 1 of 1

Author:  helenfornazier [ Tue Nov 08, 2016 4:26 pm ]
Post subject:  [QUESTION] Yubikey 4 - gpg - Assertion failed

Hi,

I just got a Yubikey 4. I am running linux and I am trying to generate a key with gpg --card-edit, but I am getting the error "gpg: ../../g10/app-openpgp.c:2271: build_privkey_template: Assertion `rsa_e_len <= rsa_e_reqlen' failed"
Any ideas how I can solve this?

Code:
$ gpg --card-edit

gpg: detected reader `Yubico Yubikey 4 OTP+CCID 00 00'
Application ID ...: D2760001240102010006049143800000
Version ..........: 2.1
Manufacturer .....: unknown
Serial number ....: 04914380
Name of cardholder: [not set]
Language prefs ...: [not set]
Sex ..............: unspecified
URL of public key : [not set]
Login data .......: [not set]
Private DO 1 .....: [not set]
Private DO 2 .....: [not set]
Signature PIN ....: not forced
Key attributes ...: 2048R 2048R 2048R
Max. PIN lengths .: 127 127 127
PIN retry counter : 3 0 3
Signature counter : 5
Signature key ....: 51C3 E6FE C41E 5262 4DBE  7F03 6E1F EC0D C627 A14F
      created ....: 2016-11-08 13:49:14
Encryption key....: 59CE 2819 D4DB F088 B983  792B 2994 DA99 8781 5F8D
      created ....: 2016-11-08 13:49:14
Authentication key: B963 EC3F 3674 C298 8981  C2CF 353F F934 F626 4878
      created ....: 2016-11-08 13:49:14
General key info..: [none]

gpg/card> admin
Admin commands are allowed

gpg/card> generate
Make off-card backup of encryption key? (Y/n) y

gpg: NOTE: keys are already stored on the card!

Replace existing keys? (y/N) y

Please note that the factory settings of the PINs are
   PIN = `123456'     Admin PIN = `12345678'
You should change them using the command --change-pin


Please enter the PIN
What keysize do you want for the Signature key? (2048)
What keysize do you want for the Encryption key? (2048)
What keysize do you want for the Authentication key? (2048)
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y

You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
    "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name: Dak Yubikey
Email address: dak.yubikey@test.org
Comment:
You selected this USER-ID:
    "Dak Yubikey <dak.yubikey@test.org>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
gpg: existing key will be replaced
gpg: 3 Admin PIN attempts remaining before card is permanently locked

Please enter the Admin PIN
gpg: please wait while key is being generated ...
gpg: key generation completed (13 seconds)
gpg: signatures created so far: 0
gpg: existing key will be replaced
gpg: please wait while key is being generated ...
gpg: key generation completed (6 seconds)
gpg: signatures created so far: 1
gpg: signatures created so far: 2
You need a Passphrase to protect your secret key.

                   
Not enough random bytes available.  Please do some other work to give
the OS a chance to collect more entropy! (Need 186 more bytes)
.....+++++
...........+++++
gpg: existing key will be replaced
gpg: ../../g10/app-openpgp.c:2271: build_privkey_template: Assertion `rsa_e_len <= rsa_e_reqlen' failed.
Aborted (core dumped)

$ lsb_release -a
No LSB modules are available.
Distributor ID:   Ubuntu
Description:   Ubuntu 16.04.1 LTS
Release:   16.04
Codename:   xenial


Author:  kentukynitemare [ Tue Jul 18, 2017 9:36 pm ]
Post subject:  Re: [QUESTION] Yubikey 4 - gpg - Assertion failed

I had the same issue.
For anyone else who has this problem:

install gnupg2
(I had to install scdaemon)
run gpg2 --card-edit

After that you can follow the prompt (or walkthrough here).

Apparently og gpg doesn't play well with newer smart cards.


Edit: https://www.jfry.me/articles/2015/gpg-smartcard/ << Not me, but useful walk through.

Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/