Key usage of ECC keys on PKCS#15 smartcards doesn't allow decryption?

Werner Koch wk at
Sun Feb 18 17:46:11 CET 2024

On Fri, 16 Feb 2024 15:12, Mario Haustein said:

> Is it likely that the `derive` check was just forgotten at this place? I
> cannot judge the consequences of this change, which is the reason for asking

Well, not forgotten but I have never seen that used by cards.  I'll
check tomorrow whether I can see any problems with your suggestion.

FWIW, in gpgsm we had a somewhat related problem with RSA cards:

/* Telesec RSA cards produced for NRW in 2022 came with only the
 * keyAgreement bit set.  This flag allows their use for encryption
 * anyway.  Example cert:
 *    Issuer: /CN=DOI CA 10a/OU=DOI/O=PKI-1-Verwaltung/C=DE
 * key usage: digitalSignature nonRepudiation keyAgreement
 *  policies:

However, this was clearly wrong.  Thanks for testing with the D-TRUST
cards. I have always had problems working with the Bundesdruckerei ;-)



The pioneers of a warless world are the youth that
refuse military service.             - A. Einstein