For testing smartcard encryption and authentication I got myself a smartcard reader with built-in pinpad. It is a Chipdrive Pinpad or SPR-532. My OpenPGP smartcard V2 is already working in the smartcard reader in my notebook and in the Gemalto USB Shell Token V2. After fiddling around with different agents and disabling the Gnome stuff the reader was basically working. ssh-add -l
showed my authentication key. But a login with that 4096Bit RSA key did not work. Also gnupg2
failed to move my 4096Bit RSA private key to the card. It seems that the reader does not work with 4096Bit keys with the firmware version 4.51.
After installing the Windows software and firmware stuff it moaned that the reader would need a firmware update. In my case Windows was running in a VirtualBox machine. The reader was connected to the computer via the USB cable and the device was attached to the virtual machine. But the firmware update always failed with an error message that did not allow any concluion to what the error was.
The solution in my case was to connect the smartcard reader to the computer via the RS-232 cable (and PS/2 connector for +5V power) and looping that port through to the virtual machine. After installing the necessary driver the software performed the firmware update succesfully. So if you fail to update the firmware give the RS-232 connection a try.
Now with the latest firmware 4096Bit RSA keys are working on the OpenPGP smartcard V2 using the Chiprive pinpad SPR 532. Happy encrypting…