OpenPGP smartcard specs and features

I’m about to order a smart card as a phone accessory but I wonder what’s in the box? I mean - ciphers, functions, hashes, whatever. Or is it really a simple noname javacard which just implements OpenPGP protocol and nothing else?

Not that it will impact my willingness to buy it - just nice to know and have proper expectations.

2 Likes

I am not certain but since @amosbatto tells me that @nicole.faerber is involved with floss-shop.de, which is probably the best OpenPGP card shop available, I would imagine the card being offered by Purism will be quite feature-complete. @Kyle_Rankin also remarked in the Matrix chatroom that the card will support 3 RSA-4096 keys and essentially be a Librem Key but in SIM card format.

6 Likes

Since I have been mentioned here :slight_smile: Yes, Floss-Shop is a small side business of Petra and me in Germany. We have been doing this since 1999 and have good relationships with many free software projects and help them with our shop, like selling merchandise and giving back a contribution. That’s why we came to sell the OpenPGP cards; I have known Werner Koch for many years and help decouple the card sales from the free software project GnuPG.

That being said, in general yes, the OpenPGP card, regardless where purchased, will work with the Librem5, BUT … you need it as micro-SIM format, which FLOSS-Shop can not offer (only ID-000). So I would recommend, if you want to use an OpenPGP card in the Librem5, to order it from Purism with the phone - it is the same card as the one from FLOSS-Shop just in the right form factor (and a nice Purism logo on it :wink:)

The OpenPGP card supports three RSA keys up to 4k, right. Usually two are used for typical PGP use, one encryption and one signature key. The card also allows storing an X.509 certificate. Starting with V3 of the cards these also support elliptic curve cryptography (ECC); up to V3.3 only the NIST and Brainpool curves are supported. As far as I know starting from V3.4 also Curve 25519 is supported, which is supposedly more secure than the NIST or Brainpool curves, but I have to double-check this with Werner and also when we can start getting the V3.4 cards. ECC is interesting because it is much faster than RSA. Signing with a 4k RSA key can take a really long time on the small smartcard processor.

For full OpenPGP card specs please see:
http://www.g10code.com/p-card.html

Cheers
nicole

22 Likes

I’m confused by this. The Purism product page for the Librem 5 says “2FF” and Wikipedia says “2FF” is “mini-SIM”, which is ID-000.

1FF is the full-sized version (~electronic banking card size - 85.60 mm × 53.98 mm × 0.76 mm) and the higher you go in number the more the original size gets divided by that number so the SMALLER the card gets.

Is there anything smaller than 4FF for this particular context? Other than eSIM, I mean …

Birch had a 2FF (mini-SIM sized, ID-000) smartcard slot, but Dogwood and Evergreen have a 3FF (micro-SIM sized) smartcard slot. (I’m not sure what was the size in Chestnut.)

I assume that you can cut down a 2FF card to fit in a 3FF slot, but it is easier to buy a card that is the right size.

2 Likes

So ideally the Purism product page for the Librem 5 would be updated? @joao.azevedo ?

4 Likes

Good morning all.

Yes, it does, on it.

8 Likes

Oh, shoot, you got us, sorry! Right, we need to update this urgently.
Yes, we originally had 2FF or ID-000, but had to change this due to space constraints and mechanical design. Now it is “micro SIM” form factor for devices since Dogwood, where the smartcard slot was also moved inside the battery compartment. I will follow up with the folks maintaining the web site.
Sorry for the confusion!

Cheers
nicole

8 Likes

It seems that only the Shop page was updated and 2FF is still written on the Product Page.

I suggest also adding the dimensions and the weight of the phone to the L5 pages.

2 Likes

Thanks for the reminder to check back.

The page I was looking at was https://puri.sm/products/librem-5/ and it is still out of date, as you say.

What’s the practical use of this? If someone takes my phone, then they also get my keys… :worried:

But they can’t copy them out of the card, and have only a limited amount of tries to guess the card’s PIN, before the card gets locked.

If that happens the only thing you can do is reset the card.

3 Likes

I wonder if the smart card will be better protected from the rain and splashes, being under the back cover vs having a tray that can be accessed from the edge of the case. I guess it depends whether there was a rubber gasket around the opening of the tray.

Forcing the user to take out the battery to change the smart card will make the programming easier since the Librem 5 will only have to check if an OpenPGP card exists on bootup and won’t have to continually poll whether a card has been inserted or removed.

It is also much safer, since users are less likely to take out the card, which can cause all sorts of problems if the encryption keys on the card are used for vital things like disk encryption. Although users can still take out the smart card when the phone is running, since the Librem 5 can operate without a battery if it is plugged into a USB charging source.

I don’t know how many times I have forgotten passwords/PINs and it took me many tries to get it right. Hopefully, the retry limit isn’t too low, because it could be really bad if this is a permanent locking and the encryption keys are used to access user data.

I’m using an OpenPGP card in a USB dongle with my FreeBSD laptop. One has 3 tries with your PIN and after this again 3 tries with an additional master PIN. After this the card is just an unusable piece of junk.

Well nothing isn’t really “unusable”, at the end of the day it can serve as a bad example.

1 Like

As guru mentions, 3 tries for your PIN (6 to 64 characters long) and 3 tries for the master PIN and the card is locked.
The best practice is to generate the keys on an air-gapped machine and keep the master key securely backed up offline. You then transfer sub-keys only to the card. If the smart card is physically lost or stolen you can revoke the keys, if you only lock yourself out due to excessive pin attempts you can make new subkeys and move them onto the card.
There’s a good set of instructions somewhere from when the FSF issued a “fellowship card” or these ones (also linked at floss-shop.de) https://www.gnupg.org/howtos/card-howto/en/smartcard-howto.html

4 Likes
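An added example, not part of any post in this thread: because the retry counters described above decide whether one more wrong PIN costs you the card, a script can read them before prompting for a PIN. This Python code parses the retry-counter line of `gpg --card-status` output (plain or `--with-colons`); the sample text is constructed, and the state names and the `assess` helper are illustrative assumptions.

```python
import re
from dataclasses import dataclass

# Matches both output styles of `gpg --card-status`:
#   --with-colons:   pinretry:3:0:3:
#   human-readable:  PIN retry counter : 3 0 3
_RETRY_RE = re.compile(
    r"^(?:pinretry:|PIN retry counter *: *)(\d+)[: ]+(\d+)[: ]+(\d+)",
    re.MULTILINE,
)

# Constructed sample of --with-colons output (not captured from a real card).
SAMPLE_FRESH = "version:0304:\nmaxpinlen:127:127:127:\npinretry:3:0:3:\n"


@dataclass
class PinRetries:
    user: int        # tries left for the user PIN
    reset_code: int  # tries left for the optional reset code (0 if unset or blocked)
    admin: int       # tries left for the admin ("master") PIN


def parse_retries(card_status: str) -> PinRetries:
    """Extract the three retry counters from card status text."""
    m = _RETRY_RE.search(card_status)
    if m is None:
        raise ValueError("no PIN retry counter found in card status")
    return PinRetries(*map(int, m.groups()))


def assess(r: PinRetries) -> str:
    """Classify the card so a caller can refuse to prompt when it is risky."""
    if r.user == 0 and r.admin == 0 and r.reset_code == 0:
        return "LOCKED: nothing left to try; reset the card, reload subkeys from backup"
    if r.user == 0:
        return "USER_BLOCKED: unblock with the admin PIN or reset code"
    if r.admin == 0:
        return "ADMIN_BLOCKED: keys still usable, but the user PIN can no longer be unblocked"
    if min(r.user, r.admin) == 1:
        return "LAST_TRY: one attempt left; stop and verify the PIN before retrying"
    return "OK"


if __name__ == "__main__":
    print(assess(parse_retries(SAMPLE_FRESH)))
```

On a real system the input would come from running `gpg --card-status` with the card inserted.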

I would not want those defaults. It often takes me more than 3 tries to correctly enter a password, especially when I’m distracted and not focusing. Plus, someone (like your kid) could pick up the phone to play with it and lock you out of the OpenPGP card. If you need the keys on the OpenPGP to access your data, this could be catastrophic. Someone malicious could also deliberately make 6 bad attempts to lock the OpenPGP card, knowing how much trouble it would cause you.

I would prefer a temporary lockout, not a permanent lockout. I guess some people need permanent lockouts to stop brute force attempts to crack the PIN, but a temporary lockout would be much better for me. My guess is that it is hard to implement temporary lockouts, because that involves storing timestamps of failed login attempts and you don’t want to allow any write access to the smart card to store those timestamps. Also you have the question of how to get reliable datetime, because a hacker could just change the datetime of the system to get around the temporary lockout.

All of this makes me question whether I will use the smart card at all. I’m likely to get into trouble with it.

4 Likes

It’s not for everyone, like anything else. Depends on your threat model, etc etc. If you have an alternative you like then nothing wrong with using that. But it’s cool that the smart card is an option for those who do wish to use it.

1 Like

This is why it’s important to have backups of your keys on physical media in a secure location. At that point, getting locked out of your smart card is at worst a headache involving scanning and OCR’ing a printed copy of your key, and at best a matter of copying the files from a CD to your smartcard after resetting it.

1 Like

I wonder if the smartcard chip itself contains a clock and a battery and how long it would last. Also there already is a side effect alias state change in the smartcard when it memorizes somehow the number of failed access attempts. Maybe a time based lock where the interval until the next login attempt would be something for a next generation smart card. All that said I am all but a smart card expert.

I don’t want to judge your PIN habits. Just want to say that sometimes we just should focus on one thing at a time.

Depending on the use case of the smart card it may be possible to use it for authentication against a password manager so that you don’t have to memorize so many credentials any longer, but a few that you must use with care.

Or the other way around, a password manager could keep the PIN stored and could auto type it into the smart card dialog. Again it depends on the use case if this is possible.

In general, auto type can take care of correct input of credentials.

Just some ideas. Not wisdom.