Hi,
For OpenPGP at least, the Nitrokey Start supports RSA keys of 4096 bits, although it is reportedly slow. For my university S/MIME certificate, this is something I’m willing to live with.
After first using this to workaround an OpenSSL issue, I have found that I get the following output:
Using reader with a card: Nitrokey Nitrokey Start (FSIJ-1.2.15-34353135) 00 00
User PIN required.
Please enter User PIN [Admin PIN]:
NOTE: couldn't find privkey 03 to delete
NOTE: couldn't find pubkey 03 to delete
Deleted 0 objects
Importing 1 certificates:
0: /postalCode=47405/O=Indiana University-Bloomington/street=107 South Indiana Ave/ST=Indiana/C=US/CN=John Scott/emailAddress=jolescot@iu.edu
Failed to store private key: Key length/algorithm not supported by card
My suspicion is that it doesn’t like the key size. Is there a way to force it to accept the key?