setup of OpenPGP card not asking for keysize

Matthias Apitz guru at unixarea.de
Sat May 11 18:11:19 CEST 2024


Hello,

I'm setting up a new OpenPGP card I've got from Purism for my second
mobile L5. During the key generation it is not asking for the length of
the key 2024 or 4096 bits. The status is:

purism at pureos:~$ gpg --card-status
Reader ...........: L5 built-in SmartCard Reader 00 00
Application ID ...: D27600012401030400050000CF410000
Application type .: OpenPGP
Version ..........: 3.4
Manufacturer .....: ZeitControl
Serial number ....: 0000CF41
Name of cardholder: [not set]
Language prefs ...: de
Salutation .......:
URL of public key : [not set]
Login data .......: [not set]
Signature PIN ....: forced
Key attributes ...: rsa2048 rsa2048 rsa2048
Max. PIN lengths .: 64 64 64
PIN retry counter : 3 0 3
Signature counter : 4
KDF setting ......: off
Signature key ....: 0880 352D F31B 5AED 8E90  FC5B 0650 0BB7 D65F 4BE3
      created ....: 2024-05-11 15:18:52
Encryption key....: 3E6E 4F1D 541F 9BD8 CEF7  C01C EE22 0666 1921 411A
      created ....: 2024-05-11 15:18:52
Authentication key: 1274 5D73 CDA7 69B5 979D  2FE9 5E3B 2EB2 1466 6396
      created ....: 2024-05-11 15:18:52
General key info..: pub  rsa2048/06500BB7D65F4BE3 2024-05-11 Matthias Apitz (OpenPGP card) <guru at unixarea.de>
sec>  rsa2048/06500BB7D65F4BE3  created: 2024-05-11  expires: never
                                card-no: 0005 0000CF41
ssb>  rsa2048/5E3B2EB214666396  created: 2024-05-11  expires: never
                                card-no: 0005 0000CF41
ssb>  rsa2048/EE2206661921411A  created: 2024-05-11  expires: never
                                card-no: 0005 0000CF41

I can do 'generate' again because the keys are still no in use.

Older cards in the dialog were asking (as my write-ups show):

...
What keysize do you want for the Signature key? (2048) 4096
The card will now be re-configured to generate a key of 4096 bits
...

How can i force keysize 4094?
Thanks

	matthias



-- 
Matthias Apitz, ✉ guru at unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub

I am not at war with Russia.
Я не воюю с Россией.
Ich bin nicht im Krieg mit Russland.



More information about the Gnupg-users mailing list