https://bugs.kde.org/show_bug.cgi?id=411849
Bug ID: 411849 Summary: RSA4096 option disabled in Kleopatra on newer smartcards Product: kleopatra Version: unspecified Platform: Other OS: All Status: REPORTED Severity: normal Priority: NOR Component: general Assignee: aheine...@gnupg.org Reporter: tre...@yubico.com CC: kdepim-b...@kde.org, m...@kde.org Target Milestone: --- SUMMARY I used Kleopatra 3.1.10 installed as part of the Gpg4Win package on Windows 10. When generating a new key on a smartcard, Kleopatra presents a drop-down box of available RSA key sizes. The "4096" option is gated behind an incorrect version check, checking that the OpenPGP smartcard's version is exactly "2.1": ``` mIs21 = version == QLatin1String("2.1"); ``` ``` sizes.push_back(1024); sizes.push_back(2048); sizes.push_back(3072); // There is probably a better way to check for capabilities if (mIs21) { sizes.push_back(4096); } ``` This means the option doesn't show up on smartcards implementing later versions of the OpenPGP on ISO Smart Card spec, which is up to version 3.4. This affects the latest YubiKey 5, which reports version 3.4. STEPS TO REPRODUCE 1. Open Kleopatra 2. Insert YubiKey 5 3. Select 'Manage Smartcards' from menu 4. Click "Generate new Keys" button OBSERVED RESULT "4096" not listed as an option EXPECTED RESULT "4096" should be listed as an option SOFTWARE/OS VERSIONS Windows: Windows 10 macOS: untested Linux/KDE Plasma: untested ADDITIONAL INFORMATION -- You are receiving this mail because: You are watching all bug changes.