Available Key Attributes Options

Werner Koch wk at gnupg.org
Mon Oct 9 16:57:35 CEST 2017

On Mon,  9 Oct 2017 15:04, alex at nitrokey.com said:

> I can manipulate the key attributes. But I am wondering where I can find
> out what options I have for the last to paramters.

Use the source, Luke.

> So when do I have to use the '22' and in which case a '18'? Does it say

That is the OpenPGP algorithm number: 22 = EdDSA, 18 = ECDH.

> there for ECC-keys? Is there an extensive list? How is for example
> brainpool called and which number do I have to use?

In gnupg/scd/app-openpgp.c:do_setattr you will find the mapping from the
name to the actual DO as specified in the OpenPGP card specs [1].  Some
mappings can't be done directly and it will instead be done by calling a
function, for example

     In (VALUE,VALUELEN), it expects following string:
          RSA: "--force <key> <algo> rsa<nbits>"
          ECC: "--force <key> <algo> <curvename>"
  static gpg_error_t
  change_keyattr_from_string (app_t app,

With the exception of the new ECC features the source of GPA, and in
particular gpa/src/cm-openpgp.c, is a good example on how to control
scdaemon from another application.



[1] https://gnupg.org/ftp/specs/

Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: </pipermail/attachments/20171009/e79fc796/attachment.sig>

More information about the Gnupg-users mailing list