On Sat, Dec 30, 2023 at 11:30 PM Felix E. Klee <felix.k...@inka.de> wrote: > Example output with line numbers: > > 01 Reader ...........: Yubico YubiKey CCID 00 00 > 02 Application ID ...: D2760001240103040006186980150000 > 03 Application type .: OpenPGP > 04 Version ..........: 3.4 > 05 Manufacturer .....: Yubico > 06 Serial number ....: 18698015 > 07 Name of cardholder: [not set] > 08 Language prefs ...: [not set] > 09 Salutation .......: > 10 URL of public key : [not set] > 11 Login data .......: [not set] > 12 Signature PIN ....: not forced > 13 Key attributes ...: rsa4096 rsa4096 rsa4096 > 14 Max. PIN lengths .: 127 127 127 > 15 PIN retry counter : 3 0 3 > 16 Signature counter : 0 > 17 KDF setting ......: off > 18 Signature key ....: 7A0F E73D DB74 4F0F 9734 1DA7 1BE3 49D1 1B6E > D589 > 19 created ....: 2023-06-29 03:50:43 > 20 Encryption key....: DBBD 3239 D0F1 4326 808D FC8F 7CC0 2D68 D2E3 > 1736 > 21 created ....: 2023-06-29 03:50:43 > 22 Authentication key: 7A0F E73D DB74 4F0F 9734 1DA7 1BE3 49D1 1B6E > D589 > 23 created ....: 2023-06-29 03:50:43 > 24 General key info..: pub rsa4096/1BE349D11B6ED589 2023-06-29 > Felix E. Klee (YubiKey) <yubi...@f76.eu> > 25 sec> rsa4096/1BE349D11B6ED589 created: 2023-06-29 expires: > never > 26 card-no: 0006 18698015 > 27 ssb> rsa4096/7CC02D68D2E31736 created: 2023-06-29 expires: > never > 28 card-no: 0006 18698015 > 29 ssb# rsa4096/32B106F6877CC64B created: 2023-11-22 expires: > never
Thanks for all the input! My current state of knowledge is: * Lines 18, 20, 22: Fingerprints identifying the secret keys stored on the card. A fingerprint is an SHA-1 hash of: corresponding public key + some meta data The fingerprints displayed on these lines are stored on the card. * Lines 25, 27, 29: Information about availability of secret keys on the card. The numbers are long key IDs. A long key ID is the last 16 characters of a fingerprint. The fingerprints displayed on these lines are generated from the public keys stored on disk. Here: - sec: Secret primary key - ssb: Secret sub key - >: Secret key is available on the card - #: Secret key is missing from the card For a summary concerning how the fingerprints are calculated, I found: https://blog.djoproject.net/2020/05/03/main-differences-between-a-gnupg-fingerprint-a-ssh-fingerprint-and-a-keygrip/ Please correct me where I’m wrong! _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users