Generating RSA-4096 on Nitrokey Pro

NIIBE Yutaka gniibe at
Mon Mar 27 04:40:30 CEST 2017

NIIBE Yutaka <gniibe at> wrote:
> I think that the CCID driver has a bug for TPDU handling for time
> extension from the card.

I confirmed that the problem can be reproducible with Gemelto card
reader (TPDU exchange).

The problem is that OpenPGP card (2.0 or 2.1) needs time out detection
of 43 seconds or so, and its BWI request value is 100 (which is quite

The internal CCID driver doesn't handle block waiting time (BWT)
correctly according to the card protocol, but uses fixed timeout value
of 13-second.

I put a kludge to handle this special case in the internal CCID driver.

Fixed in 0848cfcce738150b53bfb65b78efc1e6dc9f3d26.

More information about the Gnupg-users mailing list