Openpgp card handling depending on manufacturer?
NIIBE Yutaka
gniibe at fsij.org
Mon Nov 5 03:17:48 CET 2012
On 2012-11-04 at 22:46 +0100, Klaus Flittner wrote:
> Is there some code in gnupg that depends on the manufacturer of the card?
All that I can find is the following.
Start from line 3809 of gnupg/scd/app-openpgp.c:
---------
/* Some of the first cards accidently don't set the
CHANGE_FORCE_CHV bit but allow it anyway. */
if (app->card_version <= 0x0100 && manufacturer == 1)
app->app_local->extcap.change_force_chv = 1;
---------
It would be good to your check smartcard reader and ATR string of the
card.
Even when key generation at the card takes more time, there is a
protocol which extends timeout by the smartcard reader (the time
extension request). GnuPG USB communication doesn't timeout when the
smartcard reader uses this protocol.
If it means the whole process, 10 seconds timeout for key generation
operation of RSA 4096-bit key sounds short for me. It is no surprise
for me that it takes, say, 30 seconds.
--
More information about the Gnupg-devel
mailing list