Problems with 4096 keys on 2.1 card

NIIBE Yutaka gniibe at fsij.org
Mon Jan 25 13:07:31 CET 2016


On 01/25/2016 06:46 PM, Jorgen Ottosson wrote:
> I noticed some discussions in Sept-15 about this and got the impression
> that it should work.
> 
> Can someone just make a short comment on this, should a 2.0.22 be able to
> generate 4096 keys and/or import 4096 subkeys from keyring?
> 
> The card and reader work ok and imports of shorter keys (like 3072) work
> without issues. This particular system is an Ubuntu 14.04 and the card is
> an OpenPGP Smartcard V2.1.

I think that GnuPG 2.0.22 itself should work well.

However, please note that many card readers have problems with larger
APDU.  Generating keys on card should be ok, but importing keys would
be failed with bad reader.  Signing should be ok, but decryption would
be failed with bad reader.  That's because of length of APDU.
-- 



More information about the Gnupg-users mailing list