Hi!
I’ve been successfully using my Nitrokey Pro with GNUPG for some time now.
However, I recently received a mail that I can’t decrypt, and I don’t understand why:
% gpg -d badsample.gpg
gpg: encrypted with 4096-bit RSA key, ID 0x5755EC3454023731, created 2016-09-19
"Vincent Brillault <vincent.brillault@cern.ch>"
gpg: public key decryption failed: Conditions of use not satisfied
gpg: decryption failed: No secret key
My key is usually working fine:
% echo ThisKeyIsUsuallyWorking | gpg -aer 0x5755EC3454023731 > test.gpg
% gpg -d test.gpg
gpg: encrypted with 4096-bit RSA key, ID 0x5755EC3454023731, created 2016-09-19
"Vincent Brillault <vincent.brillault@cern.ch>"
ThisKeyIsUsuallyWorking
I tried looking at the scdaemon logs, but it’s not much verbose:
2017-07-24 09:40:23 scdaemon[5253] DBG: chan_14 <- PKDECRYPT OPENPGP.2
2017-07-24 09:40:23 scdaemon[5253] DBG: send apdu: c=00 i=2A p1=80 p2=86 lc=513 le=512 em=1
2017-07-24 09:40:23 scdaemon[5253] DBG: raw apdu: 00 2A 80 86 00 02 01 00 [...]
2017-07-24 09:40:26 scdaemon[5253] DBG: response: sw=6985 datalen=0
2017-07-24 09:40:26 scdaemon[5253] operation decipher result: Conditions of use not satisfied
2017-07-24 09:40:26 scdaemon[5253] app_decipher failed: Conditions of use not satisfied
2017-07-24 09:40:26 scdaemon[5253] DBG: chan_14 -> ERR 100663427 Conditions of use not satisfied <SCD>
2017-07-24 09:40:26 scdaemon[5253] DBG: chan_14 <- BYE
I’m using: gpg (GnuPG) 2.1.21 with libgcrypt 1.7.8 on Archlinux
Any suggestion on what might be going wrong?