Cannot use the same key to sign & decrypt on librem key

yw662 · August 7, 2019, 6:31am

If the key stored in signature key and encryption key is the same key, when trying to decrypt, gpg will complain “decryption failed: No secret key”. It still works for signing.

(the quote below is directly copy&pasted. Sorry if you cannot read Chinese).

> echo "asdf" |gpg --encrypt -r yw662| gpg --decrypt
gpg: 由 2048 位的 RSA 密钥加密，标识为 A17FA48AEF60D79C，生成于 2019-07-23
      “yw662 <yw662@njit.edu>”
gpg: 公钥解密失败：无效的 ID
gpg: 解密失败：没有秘匙

> gpg --expert --edit-key yw662
(a new encryption subkey created)
gpg> key 3
gpg> keytocard
2
gpg> q
>echo "asdf" |gpg --encrypt -r yw662 | gpg --decrypt
gpg: 由 2048 位的 RSA 密钥加密，标识为 77774FF6E8453F24，生成于 2019-08-07
      “yw662 <yw662@njit.edu>”
asdf

Is it a bug or feature ?

merupp · August 7, 2019, 6:39pm

I’m not much more than a successful user of OpenPGP keys and LetsEncrypt, so take what I say with skepticism. I do my OpenPGP key-making with the Seahorse program instead of command line work.

I think you made that statement wrong or you are doing encryption wrong. The key for signing should be the same as the key for decryption. The encryption key is something only others use, never you.

It works off of modulus arithmetic. You have a public key pair of numbers, which relative to you is called the encryption key for others to use to write you messages. One of the encryption numbers is the product of two giant primes selected by you and those primes are kept secret. That product is the modulus base and is known to the world as much as you can find ways for the world to know it, but you use that modulus base in decryption too.

The other part of the process is a matched set. In the set is a random number you pick that is relatively prime to a slightly modified product of your secret primes ((p1 - 1)*(p2 - 1)). That is your decryption secret key. The other part of the set is the multiplicative inverse relative to the modulus base of your secret decryption key. They have a mathematical symmetry such that if you encrypt with the decryption key, the public encryption key will decrypt the message. That encryption with the decryption key is signing a message.

Your plain text message sent to somebody who doesn’t have their own encryption set up can be signed, and they know its correct and from you because your public key deciphers the encrypted version into the plain text version.

yw662 · August 7, 2019, 7:12pm

When I say “encryption key”, I actually mean “decryption key”. However gpg calls it “encryption key”, (as well as the E flag), that is why I call it this way.

GPG always encrypts with public key and decrypt with private key. So I think there is no misunderstanding here.

merupp · August 8, 2019, 9:31pm

Sorry I was not much help with the last post. I just saw this, and don’t know if it’s related to your problem.
https://nerdpol.ch/u/57b731e9