OpenPGP card and 4096 bit keys
Werner Koch
wk at gnupg.org
Tue Oct 20 09:36:25 CEST 2009
On Mon, 19 Oct 2009 19:55, klaus at flittner.org said:
> i have a openpgp card that supports 4096 keys (even the one from
> kernelconcepts seems to support them). But the usage with gpg is
Note that cards up to a s/n of 0x15a (346) from Zeitcontrol ahve a bug
in that decryption does not work with keys larger than 2048 bit.
> As far as i've looked into the code the only two commands that cause a
> problem are:
> - genkey: Public Key is returned via status lines
> - decrypt: encrypted message is passed as an extra command
Right.
> In my opinion there are two possible ways to fix this limitation:
> 1. Increase the assuan line length limit (>1037 instead of 1000 bytes)
No.
> 2. Change the protocol used for genkey and decrypt
> - genkey would then return the publich key like readkey as s-expression
> - decrypt would inquire the encrypted message instead of a setdata
> before the call of decrypt
Right. However, the change will be easier: We send the key using
several status lines.
This will go into GnuPG 2.1 as time permits.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.
More information about the Gnupg-devel
mailing list