OpenPGP card and 4096 bit keys
Klaus Flittner
klaus at flittner.org
Mon Oct 19 19:55:13 CEST 2009
Hi,
i have a openpgp card that supports 4096 keys (even the one from
kernelconcepts seems to support them). But the usage with gpg is
restricted to 3072 bit due to limits from the communication protocol
between gpg, gpg-agent and scdaemon.
As far as i've looked into the code the only two commands that cause a
problem are:
- genkey: Public Key is returned via status lines
- decrypt: encrypted message is passed as an extra command
In my opinion there are two possible ways to fix this limitation:
1. Increase the assuan line length limit (>1037 instead of 1000 bytes)
2. Change the protocol used for genkey and decrypt
- genkey would then return the publich key like readkey as s-expression
- decrypt would inquire the encrypted message instead of a setdata
before the call of decrypt
Has any of these two options a chance to be included in gnupg?
Regards
Klaus Flittner
More information about the Gnupg-devel
mailing list