From 64e7c237db1eb5f463f4b810b09eda232da83676 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Thu, 8 Nov 2012 15:59:47 +0100 Subject: Create off-line card encryption key with the right size. * g10/keygen.c (gen_card_key_with_backup): Get the size of the key from the card. -- Formerly the off-line encryption key was created with a fixed length of 1024 bit. With this change the key is created as expected. GnuPG-bug-id: 1230 --- g10/keygen.c | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/g10/keygen.c b/g10/keygen.c index 7c473cbaf..30ec370c6 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -3711,10 +3711,25 @@ gen_card_key_with_backup (int algo, int keyno, int is_primary, PKT_public_key *pk; size_t n; int i; + unsigned int nbits; sk_unprotected = NULL; sk_protected = NULL; - rc = generate_raw_key (algo, 1024, timestamp, + + /* Get the size of the key directly from the card. */ + { + struct agent_card_info_s info; + + memset (&info, 0, sizeof info); + if (!agent_scd_getattr ("KEY-ATTR", &info) + && info.key_attr[1].algo) + nbits = info.key_attr[1].nbits; + else + nbits = 1024; /* All pre-v2.0 cards. */ + agent_release_card_info (&info); + } + + rc = generate_raw_key (algo, nbits, timestamp, &sk_unprotected, &sk_protected); if (rc) return rc; -- cgit v1.2.3