scd bug: specifying 'e length' for RSA key-attr unsupported

NIIBE Yutaka gniibe at
Wed Jul 4 04:39:10 CEST 2018

Trevor Bentley via Gnupg-devel <gnupg-devel at> wrote:
> Specifically, the KEY-ATTR command does not accept 'e bit length' as an 
> argument.  scdaemon simply re-uses whichever value the card defaults to 
> if you change the RSA  key length... but the real bug here is that when 
> switching back to RSA from an EC algorithm, scdaemon hardcodes the 'e 
> bit length' to 32.

In my opinion, the key attributes are not well defined in the spec and
host software needs guessing about behavior of card implementation.

This hard-coding in scdaemon was done for existing OpenPGPcard
implementations; Achim's OpenPGPcard and Gnuk.

> Note that this is a likely case: the OpenPGP on Smart Card spec (v3.3.1) 
> specifies 65537 (bit length 17) as the only value required to be 
> supported, and as the default to use if none is specified.  The protocol 
> does not support specifying 'none', so GPG does have to specify 
> something when changing the algorithm.

According to the spec, there is no information which key attribute
(value and format) is supported by a specific card.  Here, host software
needs guessing.

In the spec, IIRC, it suggests the value "32" for e's length in the key
attributes, as well as the value 65537.  Well, 65537 can be represented
by 32-bit.  IIRC, there is no place in the spec suggesting 17.  I know
that with the background of OpenPGP format itself, 17 makes sense.

> I believe this needs to be fixed in one of two ways:
> 1) add an 'e length' argument to KEY-ATTR (and possibly a matching UI)
> 2) use '17' instead of '32' as the hard-coded length, since all cards 
> are required to support it

Or, you can ask change of OpenPGP card implementation, following other
OpenPGP card implementations.  And make things explicit in the spec.

> --
> $ gpg-connect-agent "SCD SETATTR KEY-ATTR --force 1 1 rsa2048" /bye
> OK
> $ gpg-connect-agent "SCD SETATTR KEY-ATTR --force 1 19 nistp256" /bye
> OK
> $ gpg-connect-agent "SCD SETATTR KEY-ATTR --force 1 1 rsa2048" /bye

Here, it returns "OK" for Achim's OpenPGPcard (I have the test version
of 3.3) and Gnuk 1.2.

More information about the Gnupg-devel mailing list