[solved] Nitrokey Pro - RHEL / CentOS 7 - Key generation failed: Card error

I’ve been trying to run the Nirokey Pro under CentOS 7 and gnupg for days now.

I can access the key with nitrokey-app without a problem. I can address the stick without any problems with the nitrokey-app and so e.g. store my name and/or change the PIN.

I can also use the command gpg --change-pin to change the PIn numbers.

But as soon as I try to generate a PGP key on the smartcard I get the error message “Key generation failed: Card error”. It doesn’t matter if I use the key length 2048 or 4096.

gpg/card> generate
Sicherung des Verschlüsselungsschlüssel außerhalb der Karte erstellen? (J/n) n
Welche Schlüssellänge wünschen Sie für den Signatur-Schlüssel? (2048) 
Welche Schlüssellänge wünschen Sie für den Verschlüsselungs-Schlüssel? (2048) 
Welche Schlüssellänge wünschen Sie für den Authentisierungs-Schlüssel? (2048) 
Bitte wählen Sie, wie lange der Schlüssel gültig bleiben soll.
         0 = Schlüssel verfällt nie
      <n>  = Schlüssel verfällt nach n Tagen
      <n>w = Schlüssel verfällt nach n Wochen
      <n>m = Schlüssel verfällt nach n Monaten
      <n>y = Schlüssel verfällt nach n Jahren
Wie lange bleibt der Schlüssel gültig? (0) 0
Schlüssel verfällt nie
Ist dies richtig? (j/N) j

GnuPG erstellt eine User-ID um Ihren Schlüssel identifizierbar zu machen.

Ihr Name ("Vorname Nachname"): Django aka BOfH
Email-Adresse: secmail@mailserver.guru
Kommentar: Bastard Operator from Hell
Sie haben diese User-ID gewählt:
    "Django aka BOfH (Bastard Operator from Hell) <secmail@mailserver.guru>"

Ändern: (N)ame, (K)ommentar, (E)-Mail oder (F)ertig/(A)bbrechen? f
gpg: key generation failed: Kartenfehler
Schlüsselerzeugung fehlgeschlagen: Kartenfehler

Any idea?

If I try to generate a key on my Fedora 29 host, it is crashing also:

$ gpg --card-edit

Application ID ...: D276000124010303000500006FDA0000
Version ..........: 3.3
Manufacturer .....: ZeitControl
Serial number ....: 00006FDA
Name of cardholder: Michael Nausch
Language prefs ...: de
Sex ..............: male
URL of public key : -
Login data .......: -
Private DO 1 .....: [not set]
Private DO 2 .....: [not set]
Signature PIN ....: not forced
Key attributes ...: 2048R 2048R 2048R
Max. PIN lengths .: 64 64 64
PIN retry counter : 3 0 3
Signature counter : 0
Signature key ....: [none]
Encryption key....: [none]
Authentication key: [none]
General key info..: [none]

gpg/card> admin
Admin commands are allowed

gpg/card> generate
Make off-card backup of encryption key? (Y/n) n

Please enter the PIN
What keysize do you want for the Signature key? (2048) 
What keysize do you want for the Encryption key? (2048) 
What keysize do you want for the Authentication key? (2048) 
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 
Key does not expire at all
Is this correct? (y/N) y

You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
    "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name: Django aka BOfH
Email address: secmail@mailserver.guru
Comment: Bastard Operator from Hell
You selected this USER-ID:
    "Django aka BOfH (Bastard Operator from Hell) <secmail@mailserver.guru>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
gpg: generating new key
gpg: 3 Admin PIN attempts remaining before card is permanently locked

Please enter the Admin PIN
gpg: please wait while key is being generated ...
gpg: ccid_transceive failed: (0x1000a)
gpg: apdu_send_simple(0) failed: card I/O error
gpg: generating key failed
gpg: key generation failed: general error
Key generation failed: general error

gpg/card> 

It’s very strange …

I don’t want anybody to say that I’m not going to bother.

Since the generation of the key material on the smartcard currently does not work, I simply generated a new key as usual. The three keys for encrypting, signing and authorizing were moved to the Nitrokey Pro.

Application ID ...: D276000124010303000500006FDA0000
Version ..........: 3.3
Manufacturer .....: ZeitControl
Serial number ....: 00006FDA
Name of cardholder: Django aka BOfH
Language prefs ...: de
Sex ..............: männlich
URL of public key : [nicht gesetzt]
Login data .......: django
Signature PIN ....: zwingend
Key attributes ...: 4096R 4096R 4096R
Max. PIN lengths .: 64 64 64
PIN retry counter : 3 0 3
Signature counter : 2
Signature key ....: 2FF4 8288 4984 7D27 3CBF  69EF 421B 7A5D 1621 AC49
      created ....: 2018-11-17 22:51:18
Encryption key....: 1789 99D5 59DC 65B2 D81F  EEB1 BC80 7D20 08FE 8997
      created ....: 2018-11-17 22:44:20
Authentication key: 9B00 F5F6 0678 4C13 B8D3  C505 2833 72B3 7392 86FC
      created ....: 2018-11-17 22:51:50
General key info..: pub  4096R/1621AC49 2018-11-17 Django aka BOfH (Bastard Operator from Hell) <secmail@mailserver.guru>
sec#  4096R/05619F16  erzeugt: 2018-11-17  verfällt: niemals   
ssb>  4096R/08FE8997  erzeugt: 2018-11-17  verfällt: niemals   
                      Kartennummer:0005 00006FDA
ssb>  4096R/1621AC49  erzeugt: 2018-11-17  verfällt: niemals   
                      Kartennummer:0005 00006FDA
ssb>  4096R/739286FC  erzeugt: 2018-11-17  verfällt: niemals   
                      Kartennummer:0005 00006FDA

But if I try to sign a file this will fail unexpectedly.

$ gpg --sign -u 08FE8997 testdokument 
gpg: Prüfung der erstellten Signatur ist fehlgeschlagen: Falsche Unterschrift
gpg: Beglaubigung fehlgeschlagen: Falsche Unterschrift
gpg: signing failed: Falsche Unterschrift

I now assume that the communication between the firmware and the smartcard on the cryptostick works basically. Am I right in assuming that the communication fails somewhere between gnupg, the libccid and the firmware on the stick? Otherwise I can’t really explain it.

… any idea or hint?

Hey Django,

honestly, this looks really a bit odd to me.

As you did not used the key in productive yet, you may start with a clean factory reset first.

If it still behaves the same, please let us know.

Kind regards
Alex

Howdie Alex,

O.K. I don’t want anyone to have to say that I’m not trying. O.K. a little stupid perhaps, but certainly not lazy.

Here are some informations about my environment:
# cat /etc/redhat-release
CentOS Linux release 7.5.1804 (Core)

The following smartcard-relevant packages are installed:
# rpm -q pcsc-lite pcsc-lite-libs pcsc-tools opensc nitrokey-app
pcsc-lite-1.8.8-7.el7.x86_64
pcsc-lite-libs-1.8.8-7.el7.x86_64
pcsc-tools-1.4.25-1.el7.x86_64
opensc-0.16.0-8.20170227git777e2a3.el7.x86_64
nitrokey-app-1.2-1.el7.centos.x86_64

My user has the right access rights on the desired device file:
# lsusb
Bus 002 Device 021: ID 20a0:4108 Clay Logic

# ll /dev/bus/usb/002/021 
crw-rw-r--+ 1 django plugdev 189, 148 19. Nov 17:28 /dev/bus/usb/002/021

As you told me, I made an factory-reset on my Nitrokey Pro 2.
$ gpg-connect-agent < nitrokey-reset.txt
S SERIALNO D276000124010303000500006FDA0000 0
OK
D[0000] 69 82 i.
OK
D[0000] 69 82 i.
OK
D[0000] 69 82 i.
OK
D[0000] 69 83 i.
OK
D[0000] 69 82 i.
OK
D[0000] 69 82 i.
OK
D[0000] 69 82 i.
OK
D[0000] 69 83 i.
OK
D[0000] 90 00 …
OK
D[0000] 90 00 …
OK
card has been reset to factory defaults

So, now I’ve a “virgin” cryptostick:
$ gpg2 --card-status
Application ID …: D276000124010303000500006FDA0000
Version …: 3.3
Manufacturer …: ZeitControl
Serial number …: 00006FDA
Name of cardholder: [nicht gesetzt]
Language prefs …: de
Sex …: unbestimmt
URL of public key : [nicht gesetzt]
Login data …: [nicht gesetzt]
Signature PIN …: zwingend
Key attributes …: 2048R 2048R 2048R
Max. PIN lengths .: 64 64 64
PIN retry counter : 3 0 3
Signature counter : 0
Signature key …: [none]
Encryption key…: [none]
Authentication key: [none]
General key info…: [none]

On a next step, I personalized my stick:
gpg/card> verify

Application ID ...: D276000124010303000500006FDA0000
Version ..........: 3.3
Manufacturer .....: ZeitControl
Serial number ....: 00006FDA
Name of cardholder: Michael Nausch
Language prefs ...: de
Sex ..............: männlich
URL of public key : [nicht gesetzt]
Login data .......: django
Signature PIN ....: zwingend
Key attributes ...: 2048R 2048R 2048R
Max. PIN lengths .: 64 64 64
PIN retry counter : 3 0 3
Signature counter : 0
Signature key ....: [none]
Encryption key....: [none]
Authentication key: [none]
General key info..: [none]

Last but not least I tried to generate a key on the stick using gpg2 --card-edit as user django:
gpg/card> generate
Sicherung des Verschlüsselungsschlüssel außerhalb der Karte erstellen? (J/n) n
Welche Schlüssellänge wünschen Sie für den Signatur-Schlüssel? (2048)
Welche Schlüssellänge wünschen Sie für den Verschlüsselungs-Schlüssel? (2048)
Welche Schlüssellänge wünschen Sie für den Authentisierungs-Schlüssel? (2048)
Bitte wählen Sie, wie lange der Schlüssel gültig bleiben soll.
0 = Schlüssel verfällt nie
= Schlüssel verfällt nach n Tagen
w = Schlüssel verfällt nach n Wochen
m = Schlüssel verfällt nach n Monaten
y = Schlüssel verfällt nach n Jahren
Wie lange bleibt der Schlüssel gültig? (0)
Schlüssel verfällt nie
Ist dies richtig? (j/N) j

GnuPG erstellt eine User-ID um Ihren Schlüssel identifizierbar zu machen.

Ihr Name ("Vorname Nachname"): Django aka BOfH
Email-Adresse: secmail@mailserver.guru
Kommentar: Bastard Operator from Hell
Sie haben diese User-ID gewählt:
    "Django aka BOfH (Bastard Operator from Hell) <secmail@mailserver.guru>"

Ändern: (N)ame, (K)ommentar, (E)-Mail oder (F)ertig/(A)bbrechen? F
gpg: key generation failed: Kartenfehler
Schlüsselerzeugung fehlgeschlagen: Kartenfehler
gpg: error setting forced signature PIN flag: Eingabe-/Ausgabefehler

I don’t want to say anything, but somehow it’s very weird. It’s not like I’m dealing with a crypto device for the first time. But the ideas go out slowly. Especially I don’t know what I should still try or which information I could get for debugging purposes.

Hey,

thanks for the information. Nobody thinks you are lazy or not experienced or anything else. I hope nothing I wrote let you think so!

For me it looks like somethings in the card is broken, being honest. @szszszsz What do you think? I’ve never seen this before. The card it responsive (so no blocking by another app), but it shows errors while generating keys.

Kind regards
Alex

HI Alex,

don’t panic! No one here has said that I were stupit or lazy - I was this by my own.

If it helps I can sent the stick to you or to your developers and you can test it by yourself on your system.

ttyl
Django

HI,

here I’m again.

I’ve got a Cryptostick V1.2 here since a few days. (https://dokuwiki.nausch.org/doku.php/centos:cryptos)

After a factory reset of that device I tried to generate on that stick a key:
$ gpg2 --card-edit

Application ID ...: D2760001240102000005000008D10000
Version ..........: 2.0
Manufacturer .....: ZeitControl
Serial number ....: 000008D1
Name of cardholder: [nicht gesetzt]
Language prefs ...: de
Sex ..............: unbestimmt
URL of public key : [nicht gesetzt]
Login data .......: [nicht gesetzt]
Signature PIN ....: zwingend
Key attributes ...: 2048R 2048R 2048R
Max. PIN lengths .: 32 32 32
PIN retry counter : 3 0 3
Signature counter : 0
Signature key ....: [none]
Encryption key....: [none]
Authentication key: [none]
General key info..: [none]

gpg/card> admin
Admin-Befehle sind erlaubt

gpg/card> generate
Sicherung des Verschlüsselungsschlüssel außerhalb der Karte erstellen? (J/n) n

Bitte beachten: Die Werkseinstellung der PINs sind
   PIN = `123456'     Admin-PIN = `12345678'
Sie sollten sie mittels des Befehls --change-pin ändern

Welche Schlüssellänge wünschen Sie für den Signatur-Schlüssel? (2048) 
Welche Schlüssellänge wünschen Sie für den Verschlüsselungs-Schlüssel? (2048) 
Welche Schlüssellänge wünschen Sie für den Authentisierungs-Schlüssel? (2048) 
Bitte wählen Sie, wie lange der Schlüssel gültig bleiben soll.
         0 = Schlüssel verfällt nie
      <n>  = Schlüssel verfällt nach n Tagen
      <n>w = Schlüssel verfällt nach n Wochen
      <n>m = Schlüssel verfällt nach n Monaten
      <n>y = Schlüssel verfällt nach n Jahren
Wie lange bleibt der Schlüssel gültig? (0) 
Schlüssel verfällt nie
Ist dies richtig? (j/N) j

GnuPG erstellt eine User-ID um Ihren Schlüssel identifizierbar zu machen.

Ihr Name ("Vorname Nachname"): Michael Nausch
Email-Adresse: michael@nausch.org
Kommentar: 
Sie haben diese User-ID gewählt:
    "Michael Nausch <michael@nausch.org>"

Ändern: (N)ame, (K)ommentar, (E)-Mail oder (F)ertig/(A)bbrechen? f
gpg: Schlüssel 6ADEB750 ist als uneingeschränkt vertrauenswürdig gekennzeichnet
Öffentlichen und geheimen Schlüssel erzeugt und signiert.

gpg: "Trust-DB" wird überprüft
gpg: 3 marginal-needed, 1 complete-needed, PGP Vertrauensmodell
gpg: Tiefe: 0  gültig:   4  signiert:   0  Vertrauen: 0-, 0q, 0n, 0m, 0f, 4u
gpg: nächste "Trust-DB"-Pflichtüberprüfung am 2020-03-19
pub   2048R/6ADEB750 2018-11-19
  Schl.-Fingerabdruck = ADD0 3A37 F364 7CBF 5DBC  46AF 7B1D 9CC2 6ADE B750
uid                  Michael Nausch <michael@nausch.org>
sub   2048R/F8FE6C42 2018-11-19
sub   2048R/BCF9933A 2018-11-19


gpg/card> quit

Either the Nitrokey Pro 2 is broken or the firmeware won’t work with my software-environment on CentOS 7 or Fedora 29.

cul8r
Django

Hi!
There are still a couple of options left. The issue reminds me of the Windows problem in OpenSC, where the key generation was timed out after 60 seconds. But not signing… While at the topic, your OpenSC is v0.16, while the latest one is v0.19. Maybe this one is not handling the OpenPGP v3.3? But that would not explain issues on Fedora 29.
The second card you have inserted is OpenPGP v2.0, which is longer in the market.

1. What is your GnuPG version?
2. Please paste versions of the OpenSC and GnuPG installed on your Fedora 29.
3. Could you update the OpenSC?
4. Could you measure the time, after which generation operation fails? (e.g. with time command). Please do the same with signing.
5. Let’s gather some logs. Could you add to your ~/.gnupg/scdaemon.conf file (if not existing, please create) following lines:

debug-all
debug-ccid-driver
log-file /home/sz/.gnupg/scdaemon-pro-4096.log

Please change the path in log-file parameter to your choosing and restart the scdaemon:

sudo killall scdaemon

Then please reproduce the issue one more time and attach the log here (via any pastebin service). Please make sure you are not using any secrets, or any other smartcards, as whole host<->smartcard communication will be logged.

After that please disable the logging with removing or commenting the mentioned earlier lines in scdaemon.conf, and killing the scdaemon. It should load on next use without the logging feature. Please check then, will the log be updated to make sure logging is stopped.

I have Fedora 29 - will try to reproduce it tomorrow with my Pro 1 (edit: actually it is NK Pro v1 with OpenPGP v3.3). @nitroalex - could you do the same with Nitrokey Pro 2 on CentOS?

HI Szczepan,

first of all, thanx for your help! And I’m sorry to tell you I must be a real jerk. Because I must confess unfortunately!

Okay, what’s it about? I must have been too impatient under Fedora 29. The creation of the key material on the SmartCard of the NitroKey Pro 2 took 1:45 minutes with a 2048 PGP key. The key I created on my Fedora 29 laptop can be used with Fedore 29 without any problems. Also on my CentOS 7 laptop it works fine!
I apologize very much if I had caused any confusion. But under Fedora 29 it works as expected wonderfully!

O.K. If I try to generate a key on my CentOS 7 host it crashes after 5.68 seconds.

Now to your questions:

1. What is my GnuPG version on my CentOS 7? It is:
   $ gpg2 --version
   gpg (GnuPG) 2.0.22
   libgcrypt 1.5.3
   Copyright © 2013 Free Software Foundation, Inc.
   License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html
   This is free software: you are free to change and redistribute it.
   There is NO WARRANTY, to the extent permitted by law.

   Home: ~/.gnupg
   Unterstützte Verfahren:
   Öff. Schlüssel: RSA, ?, ?, ELG, DSA
   Verschlü.: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
   CAMELLIA128, CAMELLIA192, CAMELLIA256
   Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
   Komprimierung: nicht komprimiert, ZIP, ZLIB, BZIP2

You’ll find in your nitrokey.com mailbox infos how to access the logfile!

Best regards
Django

Hi Django!
It is a pleasure working with you!

I think it might be worth to add a message to the GnuPG UI making user aware it will take a bit longer. With 4096 it is between 5 and 15 minutes AFAIR. I think there is some message right now, but it does not state the scale.
@nitroalex Could you file a ticket regarding this to GnuPG?

Great!

Thank you for the log! Indeed sending via email was a better solution. Here is the relevant (secret-free) part:

2018-11-19 21:53:47 scdaemon[22473] DBG: ccid-driver:   [0010]  00 E3 01 64 86
2018-11-19 21:53:52 scdaemon[22473] DBG: ccid-driver: usb_bulk_read error: Die Wartezeit für die Verbindung ist abgelaufen
2018-11-19 21:53:52 scdaemon[22473] ccid_transceive failed: (0x1000a)
2018-11-19 21:53:52 scdaemon[22473] apdu_send_simple(0) failed: card I/O error
2018-11-19 21:53:52 scdaemon[22473] Schlüsselerzeugung fehlgeschlagen
2018-11-19 21:53:52 scdaemon[22473] operation genkey result: Kartenfehler
scdaemon[22473]: chan_7 -> ERR 100663404 Kartenfehler <SCD>
2018-11-19 21:53:57 scdaemon[22473] DBG: ccid-driver: usb_bulk_write failed: -110
2018-11-19 21:54:02 scdaemon[22473] DBG: ccid-driver: usb_bulk_write failed: -110
(...)
2018-11-19 21:54:24 scdaemon[22473] DBG: ccid-driver: usb_bulk_write failed: -110

Indeed, the error is reported 5 seconds after the request is sent. Thing is the card I/O error is a general communication error, and the timeout seem to be too short. Scdaemon tried to contact the smart card a couple more times each 5 seconds.

I would blame the OpenSC, since the support for OpenPGPv3 was added in v0.18 as far as I remember. I know we had trouble using it under v0.16 (which is the default in Ubuntu 16.04).
Under CentOS it should be possible to use newer packages, if I am not wrong. I do not know much more about this distribution though.
@nitroalex Do you know any RPM/Centos packages with OpenSC?

Edit: Your GnuPG (2.0.22; current: 2.2.11) is unsupported as well, and could be the reason too. I believe though the scdaemon is communicating via the OpenSC, and upgrading the latter should solve the problem.

The package gnupg2-smime-2.0.22-5.el7_5.x86_64 is the most recent and last version available at CentOS 7 directly from the official repository. I don’t know of any confidential third party sources that provide more recent versions.

The only current chance I see is the change from the remote laptop of CentOS 7 to Fedora 29 and that’s where my problem lies.

Changing to Fedora might be the easiest solution right now, if no other things are in the way.

If one would insist, perhaps it would be possible to use the latest environment (GnuPG/OpenSC) within a Ubuntu Docker instance, similarly to presented here: Nitrokey/gpg-docker. This one is only a test one though, which would require extending for every-day use.

Another option is just a plain compilation and installation using check-install for easy reversibility. For reference - the GnuPG compilation is done in the mentioned Docker image (via .mk file).

Well, if it doesn’t work any other way, that would be my plan “b.” But first I want to try the manual way of importing from the keychain in the user directory.

I will contact you accordingly and hopefully be able to send a success message.

O.K. here I’m again.

I’ve been working on the Nitrokey Pro under CentOS for a while. Since there are unfortunately no more recent packages of gnupg2-smime for CentOS 7, there are the following possible solution scenarios for me:

1. even create a current RPM package for gnupg2-smime, or
2. change from CentOS 7 to Fedora 29, or
3. create PGP keys manually and then move them to the card.

I chose option three and documented my results here: https://wiki.mailserver.guru/doku.php/centos:nitrokey:pro
If something should be unkar, or someone has improvement wishes, then simply give it to me!

Wow, this is an extensive guide Thanks!
I couldn’t keep track of the messages easily: is the situations solved for you? I wanted to recommend to use some Fedora sources but it seems that you already did that anyway…

In general I only worked with CentOS and Fedora for Nitrokey so I wouldn’t call myself experienced here.

Since I am slowly getting old and it is no longer so easy for me to remember, I write down what I have learned for myself.

…and Dick Brandon describes it so aptly: „Documentation is like sex; when it’s good, it’s very, very good, and when it’s bad, it’s better than nothing.“

…or as the Dalai Lama put it so well: „Share your knowledge and you will attain immortality!"

If my blog is also helpful for others, then that’s all the better.

O.K. back to the topic!

Yes I solved my problem on CentOS7, not really nice but it works! And I know that sooner or later Fedore 29 will be used on desktops and remote laptops. What does experience mean? I know a little about it and can help myself well.

You like extensive guides? Here’s the next one for Nitrokey Start:
Nitrokey Start in der Praxis unter CentOS 7.x [Linux - Wissensdatenbank]