turnkey/openpgp-card
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Update documentation for opgpcard info.

Browse source
This commit is contained in:
Heiko Schaefer 2022-04-15 18:03:50 +02:00
parent af3fd437ed
commit 33c0c5a3df
No known key found for this signature in database
GPG key ID: 4A849A1904CCBD7D
1 changed files with 38 additions and 32 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

70
tools/README.md
View file

@ -125,10 +125,9 @@ Password validation retry count:
### Get OpenPGP public key ### Get OpenPGP public key
It is possible to get an OpenPGP public key representation of the keys on a card in many (but not all) circumstances. This command returns an OpenPGP public key representation of the keys on a card.
This command will always return an OpenPGP public key representation, however, eliptic curve-based decryption To bind the decryption and authentication subkeys (if any) to the signing key, the user pin needs to be provided.
(sub-)keys may be wrong (see https://gitlab.com/hkos/openpgp-card/-/issues/2).
``` ```
$ opgpcard pubkey $ opgpcard pubkey
@ -205,38 +204,45 @@ Most of the output is probably not of interest to regular users.
``` ```
$ opgpcard info $ opgpcard info
OpenPGP card FF06:00002001 (card version 2.0) OpenPGP card FFFE:12345678 (card version 2.0)
CardCapabilities { Application Identifier: D276000124 01 01 0200 FFFE 12345678 0000
command_chaining: true, Manufacturer [FFFE]: Range reserved for randomly assigned serial numbers.
extended_lc_le: false,
extended_length_information: false,
}
ExtendedCapabilities { Card Capabilities:
secure_messaging: true, - command chaining
get_challenge: true,
key_import: true,
pw_status_change: true,
private_use_dos: true,
algo_attrs_changeable: false,
aes: false,
kdf_do: false,
sm_algo: 0,
max_len_challenge: 255,
max_len_cardholder_cert: 1216,
max_cmd_len: Some(
255,
),
max_resp_len: Some(
255,
),
max_len_special_do: None,
pin_block_2_format_support: None,
mse_command_support: None,
}
Firmware Version: 1.0.18 Card service data:
- Application Selection by full DF name
- EF.DIR and EF.ATR/INFO access services by the GET DATA command (BER-TLV): 010
Extended Capabilities:
- get challenge
- key import
- PW Status changeable
- algorithm attributes changeable
- KDF-DO
- maximum length of challenge: 32
- maximum length cardholder certificates: 2048
- maximum command length: 255
- maximum response length: 256
Supported algorithms:
SIG: RSA 2048 [e 32]
SIG: RSA 4096 [e 32]
SIG: Secp256k1 (ECDSA)
SIG: Ed25519 (EdDSA)
SIG: Ed448 (EdDSA)
DEC: RSA 2048 [e 32]
DEC: RSA 4096 [e 32]
DEC: Secp256k1 (ECDSA)
DEC: Cv25519 (ECDH)
DEC: X448 (ECDH)
AUT: RSA 2048 [e 32]
AUT: RSA 4096 [e 32]
AUT: Secp256k1 (ECDSA)
AUT: Ed25519 (EdDSA)
AUT: Ed448 (EdDSA)
``` ```
Or to query a specific card: Or to query a specific card: