https://bugs.kde.org/show_bug.cgi?id=411849
Bug ID: 411849
Summary: RSA4096 option disabled in Kleopatra on newer
smartcards
Product: kleopatra
Version: unspecified
Platform: Other
OS: All
Status: REPORTED
Severity: normal
Priority: NOR
Component: general
Assignee: [email protected]
Reporter: [email protected]
CC: [email protected], [email protected]
Target Milestone: ---
SUMMARY
I used Kleopatra 3.1.10 installed as part of the Gpg4Win package on Windows 10.
When generating a new key on a smartcard, Kleopatra presents a drop-down box of
available RSA key sizes. The "4096" option is gated behind an incorrect
version check, checking that the OpenPGP smartcard's version is exactly "2.1":
```
mIs21 = version == QLatin1String("2.1");
```
```
sizes.push_back(1024);
sizes.push_back(2048);
sizes.push_back(3072);
// There is probably a better way to check for capabilities
if (mIs21) {
sizes.push_back(4096);
}
```
This means the option doesn't show up on smartcards implementing later versions
of the OpenPGP on ISO Smart Card spec, which is up to version 3.4. This
affects the latest YubiKey 5, which reports version 3.4.
STEPS TO REPRODUCE
1. Open Kleopatra
2. Insert YubiKey 5
3. Select 'Manage Smartcards' from menu
4. Click "Generate new Keys" button
OBSERVED RESULT
"4096" not listed as an option
EXPECTED RESULT
"4096" should be listed as an option
SOFTWARE/OS VERSIONS
Windows: Windows 10
macOS: untested
Linux/KDE Plasma: untested
ADDITIONAL INFORMATION
--
You are receiving this mail because:
You are on the CC list for the bug.
