On Mon, Jan 2, 2012 at 2:01 AM, Martin Gollowitzer <go...@fsfe.org> wrote: > * Paul Hartman <paul.hart...@gmail.com> [120102 08:52, > mID <caeh5t2o4hfyoftki8bm16gxwczhbptmvqz7nqiqbw3ykmh5...@mail.gmail.com>]: > >> Hi, >> >> I got a GPF CryptoStick 1.2 yesterday and have successfully added my >> new signing and encrypting subkeys to the card using GPG 2.0.18 and >> using it without trouble so far for those purposes. However, when I >> tried to create an authentication key it gives this error twice: >> gpg: key generation failed: Card error >> gpg: Key generation failed: Card error >> >> To get there, I ran "gpg --edit-key <my keynum>", then "addcardkey" >> command, chose Authentication key, 4096 keysize, enter the requested >> PINs and passphrase, but it results in the error above. >> >> It is likely I'm doing something wrong, but am not sure what... if >> someone has any clues, it is appreciated if you can point me in the >> right direction. > > Even v2 cards can't carry 4096 Bit keys. The maximum size is 3072 Bits > IIRC.
Hi Martin, Crypto-Stick website states that it supported 4096-bit keys when using gnupg 2.0.18, and my signing and encryption subkeys on the card are in fact already 4096 bits, but they were created with gnupg on my PC and then transferred to the card, whereas the auth key creation is happening on the card itself, so maybe it has different limitations in this scenario (card-generated vs PC-generated). As far as I can tell, creation of the auth key outside of the smartcard is not supported. I just tried 3072 bits and it worked. Thanks! _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
