List: gnupg-users
Subject: Re: gpg --card-status
From: "Felix E. Klee" <felix.klee () inka ! de>
Date: 2024-01-02 22:06:59
Message-ID: CA+m_8J3QdOhMvAgVRiOt_A+VL4Y1FxTSrwE09m-0MJ5oqwY7cQ () mail ! gmail ! com
On Sat, Dec 30, 2023 at 11:30 PM Felix E. Klee <felix.klee@inka.de> wrote:
> Example output with line numbers:
>
> 01 Reader ...........: Yubico YubiKey CCID 00 00
> 02 Application ID ...: D2760001240103040006186980150000
> 03 Application type .: OpenPGP
> 04 Version ..........: 3.4
> 05 Manufacturer .....: Yubico
> 06 Serial number ....: 18698015
> 07 Name of cardholder: [not set]
> 08 Language prefs ...: [not set]
> 09 Salutation .......:
> 10 URL of public key : [not set]
> 11 Login data .......: [not set]
> 12 Signature PIN ....: not forced
> 13 Key attributes ...: rsa4096 rsa4096 rsa4096
> 14 Max. PIN lengths .: 127 127 127
> 15 PIN retry counter : 3 0 3
> 16 Signature counter : 0
> 17 KDF setting ......: off
> 18 Signature key ....: 7A0F E73D DB74 4F0F 9734 1DA7 1BE3 49D1 1B6E D589
> 19 created ....: 2023-06-29 03:50:43
> 20 Encryption key....: DBBD 3239 D0F1 4326 808D FC8F 7CC0 2D68 D2E3 1736
> 21 created ....: 2023-06-29 03:50:43
> 22 Authentication key: 7A0F E73D DB74 4F0F 9734 1DA7 1BE3 49D1 1B6E D589
> 23 created ....: 2023-06-29 03:50:43
> 24 General key info..: pub rsa4096/1BE349D11B6ED589 2023-06-29 Felix E. Klee (YubiKey) <yubikey@f76.eu>
> 25 sec> rsa4096/1BE349D11B6ED589 created: 2023-06-29 expires: never
> 26 card-no: 0006 18698015
> 27 ssb> rsa4096/7CC02D68D2E31736 created: 2023-06-29 expires: never
> 28 card-no: 0006 18698015
> 29 ssb# rsa4096/32B106F6877CC64B created: 2023-11-22 expires: never

Thanks for all the input! My current state of knowledge is:

* Lines 18, 20, 22: Fingerprints identifying the secret keys stored on
  the card.

  A fingerprint is an SHA-1 hash of: corresponding public key + some
  meta data

  The fingerprints displayed on these lines are stored on the card.

* Lines 25, 27, 29: Information about availability of secret keys on
  the card.

  The numbers are long key IDs. A long key ID is the last 16
  characters of a fingerprint.

  The fingerprints displayed on these lines are generated from the
  public keys stored on disk.

  Here:

  - sec: Secret primary key
  - ssb: Secret sub key
  - >: Secret key is available on the card
  - #: Secret key is missing from the card

For a summary concerning how the fingerprints are calculated, I found:

https://blog.djoproject.net/2020/05/03/main-differences-between-a-gnupg-fingerprint-a-ssh-fingerprint-and-a-keygrip/

Please correct me where I'm wrong!
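
Added example, not part of the original message: a Python cross-check of the quoted output that derives the long key ID from each fingerprint the card reports (lines 18, 20, 22) and matches it against the sec/ssb lines (25, 27, 29). The function names are hypothetical, and the regular expressions assume the field labels exactly as they appear in the output quoted above.

```python
import re

# Lines 18-29 of the output quoted above, with the added line numbers
# stripped and the mail-wrapped lines rejoined.
CARD_STATUS = """\
Signature key ....: 7A0F E73D DB74 4F0F 9734 1DA7 1BE3 49D1 1B6E D589
created ....: 2023-06-29 03:50:43
Encryption key....: DBBD 3239 D0F1 4326 808D FC8F 7CC0 2D68 D2E3 1736
created ....: 2023-06-29 03:50:43
Authentication key: 7A0F E73D DB74 4F0F 9734 1DA7 1BE3 49D1 1B6E D589
created ....: 2023-06-29 03:50:43
General key info..: pub rsa4096/1BE349D11B6ED589 2023-06-29 Felix E. Klee (YubiKey) <yubikey@f76.eu>
sec> rsa4096/1BE349D11B6ED589 created: 2023-06-29 expires: never
card-no: 0006 18698015
ssb> rsa4096/7CC02D68D2E31736 created: 2023-06-29 expires: never
card-no: 0006 18698015
ssb# rsa4096/32B106F6877CC64B created: 2023-11-22 expires: never
"""

SLOT_RE = re.compile(
    r"^(Signature|Encryption|Authentication) key[ .]*:[ ]*([0-9A-F ]+)$", re.M)
KEY_RE = re.compile(r"^(sec|ssb)([>#]?)\s+\w+/([0-9A-F]{16})\b", re.M)

def long_key_id(fingerprint):
    """Long key ID: the last 16 hex characters of a 40-character fingerprint."""
    return fingerprint[-16:]

def card_slots(text):
    """Map card slot name -> fingerprint reported by the card (unset slots skipped)."""
    slots = {}
    for name, fpr in SLOT_RE.findall(text):
        fpr = fpr.replace(" ", "")
        if len(fpr) == 40:
            slots[name] = fpr
    return slots

def cross_check(text):
    """For each sec/ssb line, list the card slots whose fingerprint ends in its key ID.

    'consistent' applies the reading given in the message above: '>' should
    match at least one slot of this card, '#' should match none.
    """
    slots = card_slots(text)
    rows = []
    for kind, marker, key_id in KEY_RE.findall(text):
        hits = [n for n, fpr in slots.items() if long_key_id(fpr) == key_id]
        rows.append((kind, marker, key_id, hits, (marker == ">") == bool(hits)))
    return rows

if __name__ == "__main__":
    for row in cross_check(CARD_STATUS):
        print(row)
```

On this output the primary key ID matches both the Signature and Authentication slots, the first subkey matches the Encryption slot, and the subkey created on 2023-11-22 matches no slot.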