Page MenuHome GnuPG

Keys of OpenPGP card not listed for key generation
Closed, InvalidPublic

Description

I generated a key in slot OPENPGP.3 of a blank OpenPGP Card v3.3.

$ gpg-card
Reader ...........: Alcor Micro AU9540 00 00
Card type ........: zeitcontrol
Serial number ....: D2760001240103030005000090760000
Application type .: OpenPGP
Version ..........: 3.3
Displayed s/n ....: 0005 00009076
Manufacturer .....: ZeitControl (5)
Name of cardholder: [nicht gesetzt]
Language prefs ...: de
Salutation .......: 
URL of public key : [nicht gesetzt]
Login data .......: [nicht gesetzt]
Signature PIN ....: zwingend
Max. PIN lengths .: 64 64 64
PIN retry counter : 3 0 3
Signature counter : 0
Capabilities .....: key-import algo-change priv-data
KDF setting ......: on
Signature key ....: [none]
      keyref .....: OPENPGP.1
      algorithm ..: rsa2048
Encryption key....: [none]
      keyref .....: OPENPGP.2
      algorithm ..: rsa2048
Authentication key: [none]
      keyref .....: OPENPGP.3
      algorithm ..: rsa2048

gpg/card> generate OPENPGP.3
OpenPGP Karte Nr. 0005 00009076 erkannt
gpg/card> list
Reader ...........: Alcor Micro AU9540 00 00
Card type ........: zeitcontrol
Serial number ....: D2760001240103030005000090760000
Application type .: OpenPGP
Version ..........: 3.3
Displayed s/n ....: 0005 00009076
Manufacturer .....: ZeitControl (5)
Name of cardholder: [nicht gesetzt]
Language prefs ...: de
Salutation .......: 
URL of public key : [nicht gesetzt]
Login data .......: [nicht gesetzt]
Signature PIN ....: zwingend
Max. PIN lengths .: 64 64 64
PIN retry counter : 3 0 3
Signature counter : 0
Capabilities .....: key-import algo-change priv-data
KDF setting ......: on
Signature key ....: [none]
      keyref .....: OPENPGP.1
      algorithm ..: rsa2048
Encryption key....: [none]
      keyref .....: OPENPGP.2
      algorithm ..: rsa2048
Authentication key: 99731C3E7D860AA06FF9AD9C217FA9CC4CF273FF
      keyref .....: OPENPGP.3  (sign,auth)
      algorithm ..: rsa2048
      stored fpr .: 8859FB24E06BBA56D87E9DBCB86495032ECC9541
      created ....: 2025-03-13 17:48:34

When trying to create an UID for this key, the key is not listed in the key generation menu for GnuPG 2.4.7

$ LANG=C gpg --expert --full-generate-key
gpg (GnuPG) 2.4.7; Copyright (C) 2024 g10 Code GmbH
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
   (1) RSA and RSA
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
   (7) DSA (set your own capabilities)
   (8) RSA (set your own capabilities)
   (9) ECC (sign and encrypt) *default*
  (10) ECC (sign only)
  (11) ECC (set your own capabilities)
  (13) Existing key
  (14) Existing key from card
Your selection? 14
Serial number of the card: D2760001240103030005000090760000
Available keys:
Your selection? 
gpg: signal Interrupt caught ... exiting

I expected the key to be listed for selection.

Using version 2.4.6 the key is listed as expected.

$ LANG=C gpg --expert --full-generate-key
gpg (GnuPG) 2.4.6; Copyright (C) 2024 g10 Code GmbH
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
   (1) RSA and RSA
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
   (7) DSA (set your own capabilities)
   (8) RSA (set your own capabilities)
   (9) ECC (sign and encrypt) *default*
  (10) ECC (sign only)
  (11) ECC (set your own capabilities)
  (13) Existing key
  (14) Existing key from card
Your selection? 14
Serial number of the card: D2760001240103030005000090760000
Available keys:
   (1) 99731C3E7D860AA06FF9AD9C217FA9CC4CF273FF OPENPGP.3 rsa2048 (sign,auth*)
Your selection? 
gpg: signal Interrupt caught ... exiting

Details

Version
2.4.7