Enable KDF-DO on a populated GNUK
Szczepan Zalega | Nitrokey
szczepan at nitrokey.com
Tue Jan 26 14:32:33 CET 2021
Hello,
>From my tests it turned out that currently with the recent GNUK 1.2.15
and GnuPG 2.2.25 it is not possible to set up a KDF-DO on a populated /
personalized device (with keys). As a user I would like to have such
option, so I would not be forced through factory reset.
On requesting KDF setting in such case GNUK replies with:
```
2021-01-26 12:35:05 scdaemon[22] DBG: response: sw=6F00 datalen=0
2021-01-26 12:35:05 scdaemon[22] failed to set 'KDF': Card error
```
Is having this GnuPG [1] patch sufficient to make that work, or are
there any changes needed in the GNUK itself?
Best regards,
Szczepan
[1] https://dev.gnupg.org/T3891
--
Szczepan Zalega
Senior Software Developer
Nitrokey GmbH
https://www.nitrokey.com
Email: szczepan at nitrokey.com
Nickname: szszszsz
Rheinstr. 10 C, 14513 Teltow, Germany
CEO / Geschäftsführer: Jan Suhr
Register: AG Potsdam, HRB 32882 P
VAT ID / USt-IdNr.: DE300136599
More information about the Gnuk-users
mailing list