OpenPGP Card V3.3 keytocard error invalid value

Antony Vennard antony at
Wed Nov 7 18:47:11 CET 2018

Dear gnupg-users,

I've recently purchased some v3.3 OpenPGP cards from the floss shop in
Germany. I generated keys on my host for testing using nistp521 for the
primary key and two sub keys marked for authentication and encryption

I was previously able to move all three keys to a card. I'm now
repeating the exercise on a fresh card.

I'm unable to do proceed without getting an error "invalid value" from
keytocard. The key type is set correctly on the card in card status (for
the key that was selected), but the key is not moved. Sometimes I can
move one of my three keys and the others stubbornly refuse to move. I am
not bothered about running a factory reset, so I do this between tests
(the key material is backed up so it can be reimported into the keyring
no problem).

My question is, is this a bug? It certainly looks like it; according to
the sales page and zeitcontrol the cards support up to p521. See . Key storage should not be a problem as three
p521 keys are significantly smaller than three rsa 4096 bit keys even
without point compression, which (rsa4096) work successfully.

Are there any log snippets or other information you need to understand
what is going wrong? How do I get this to work successfully?

linux 4.18 x86_64
gpg (GnuPG) 2.2.8
libgcrypt 1.8.3

I've found similar issues reported against other targets (yubikeys,
nitrokeys etc) but not for the OpenPGP card itself.
Kind Regards / Meilleures Salutations / Mit Freundlichen Grüssen


More information about the Gnupg-users mailing list