Page MenuHome GnuPG
Create Task
Maniphest T5837

gpg-card: Authenticate to PIV applet with non-3DES card management key
Open, NormalPublic
Actions

Description

gpg-card currently supports authenticating to PIV applets with 3DES and performing various useful operations on the card. Modern cards are supplied with AES management keys and there is no way to authenticate to these cards.

piv-tool in OpenSC supposedly can do this but I could not find any useful documentation to allow me to do so.

Yubikey documentation lists their supported algorithms: "9B: Triple-DES key (algorithm 03) for PIV management. YubiKeys with firmware 5.4 and up also support AES-128 (algorithm 08), AES-192 (algorithm 0A) and AES-256 (algorithm 0C) keys for PIV management."

The card I'm using is a Gemalto IDPrime PIV 2.1 and is supplied with an AES-128 card management key.

I'm not sure if it's possible, but a workaround that allows swapping the AES-128 key for a 3DES key using another tool, then allowing management with gpg-card, would be a good bridging solution.

Event Timeline

irl created this task.Feb 17 2022, 10:10 AM
werner added a subscriber: werner.Feb 17 2022, 10:48 AM

Setting the management key has been implemented only for Yubikeys. So for Gemalto this won't work.

For using the management key we could distinguish the algorithm simply bu the provided key length:
24 bytes = 3DES
16 bytes = AES128
32 bytes = AES256
I see no easy way to support AES192, though.

Implementing the above suggestion should not be too hard, I just need to read the docs again

werner claimed this task.Feb 17 2022, 10:49 AM
werner triaged this task as Normal priority.
werner added projects: gnupg (gpg23), scd.
irl added a comment.Feb 17 2022, 11:20 AM
In T5837#155062, @werner wrote:

Setting the management key has been implemented only for Yubikeys. So for Gemalto this won't work.

I'm happy to use OpenSC's tools to set the management key initially, but was not able to get that to work yet.

For using the management key we could distinguish the algorithm simply bu the provided key length:

Distinguishing by key length sounds very reasonable. I'm yet to come across a card actually using AES-192 even if it is technically supported by the standard.

OpenSC allows specification of the algorithm by code, i.e. AES-128 is 08. I've only found those documented on Yubikey's documentation and not in the piv-tool documentation, so if you were to name the algorithms then a mapping from the string "aes-128" to 08 internally would make it friendlier.

werner added a project: gnupg24.Dec 13 2022, 11:21 AM
werner removed a project: gnupg (gpg23).Jan 19 2023, 4:47 PM