
Why does injecting the same RSA keys into different smartcards lead to different key IDs?
I've injected the same RSA keys into two different smartcards using
pkcs11-tool, but when I import them into gpg I get different key IDs. This
behavior causes a critical problem in the following scenario:

Consider that I've generated an RSA key pair to sign and verify patches of a
product, backed it up in a safe environment, and injected it into
smartcard#1. Then I imported the smartcard-resident keys into gpg. In the
product, I use the corresponding public key to verify the product patches.

If something goes wrong with smartcard#1, I expect to inject the backed-up
keys into smartcard#2 and use it to sign patches of the product. However, if
I import the smartcard#2 keys into gpg, this leads to different key IDs
compared to smartcard#1, and as a result the product cannot verify
the patch because the key IDs are different.

Is there any workaround for this problem?
Re: Why does injecting the same RSA keys into different smartcards lead to different key IDs?
On Saturday, 12 March 2022 10:19:27 CET Alireza Sadeghpour via Gnupg-users
wrote:
> I've injected the same RSA keys into two different smartcards using
> pkcs11-tool, but when I import them into gpg I get different key IDs.

This is probably due to the fact that the creation date/time of the key is
included in the calculation of the fingerprint and thus the key ID. My guess
is that the creation date/time differs for the two smartcards.

> Is there any workaround for this problem?

You can experiment with gpg's --faked-system-time option, when you import the
keys from the smartcards, or, alternatively, with some other tool that fakes
the system time.

Regards,
Ingo
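The following is an added example, not code from either poster, that shows concretely why the creation timestamp changes the key ID. It computes an OpenPGP v4 fingerprint the way RFC 4880 section 12.2 defines it (SHA-1 over 0x99, a two-octet length, and the public-key packet body, which contains the creation time), and derives the key ID as the low 64 bits of that fingerprint. The RSA modulus below is a constructed placeholder value, not a real key; the two timestamps are likewise constructed to stand in for the creation times gpg recorded for smartcard#1 and smartcard#2.

```python
import hashlib
import struct
import time

# Constructed sample RSA public key: the modulus is an arbitrary odd integer,
# NOT a real RSA modulus, because the fingerprint calculation only needs the
# MPI encoding of n and e, not a valid key.
SAMPLE_N = int(
    "C3A1F9E2D4B6A8C0E1F2A3B4C5D6E7F80912345678ABCDEF"
    "FEDCBA9876543210A1B2C3D4E5F60718293A4B5C6D7E8F91", 16
) | 1
SAMPLE_E = 65537

# Constructed creation times (seconds since the Unix epoch): the same key
# material imported from two cards at different moments.
CREATED_CARD1 = 1646500000
CREATED_CARD2 = 1647000000


def mpi(n: int) -> bytes:
    """Encode an integer as an OpenPGP MPI (RFC 4880 section 3.2):
    two-octet bit length followed by the big-endian magnitude."""
    bitlen = n.bit_length()
    return struct.pack(">H", bitlen) + n.to_bytes((bitlen + 7) // 8, "big")


def v4_rsa_public_key_body(n: int, e: int, created: int) -> bytes:
    """Body of a version 4 public-key packet for an RSA key (RFC 4880 section 5.5.2):
    version octet, 4-octet creation time, algorithm id 1 (RSA), then n and e as MPIs."""
    return b"\x04" + struct.pack(">I", created) + b"\x01" + mpi(n) + mpi(e)


def v4_fingerprint(n: int, e: int, created: int) -> str:
    """RFC 4880 section 12.2: SHA-1 over 0x99, the two-octet body length, and the body."""
    body = v4_rsa_public_key_body(n, e, created)
    data = b"\x99" + struct.pack(">H", len(body)) + body
    return hashlib.sha1(data).hexdigest().upper()


def key_id(fingerprint_hex: str) -> str:
    """The 64-bit key ID is the low-order 64 bits (last 16 hex digits) of the v4 fingerprint."""
    return fingerprint_hex[-16:]


def same_key_same_id(n: int, e: int, t1: int, t2: int) -> bool:
    """True only when the two imports of the same key material yield the same key ID."""
    return key_id(v4_fingerprint(n, e, t1)) == key_id(v4_fingerprint(n, e, t2))


if __name__ == "__main__":
    for label, created in (("smartcard#1", CREATED_CARD1), ("smartcard#2", CREATED_CARD2)):
        fp = v4_fingerprint(SAMPLE_N, SAMPLE_E, created)
        stamp = time.strftime("%Y-%m-%d %H:%M:%S", time.gmtime(created))
        print(f"{label}: created {stamp} UTC  fingerprint {fp}  key ID {key_id(fp)}")
    # Pinning the creation time (what --faked-system-time achieves on import)
    # gives identical fingerprints for identical key material.
    print("identical with pinned creation time:",
          same_key_same_id(SAMPLE_N, SAMPLE_E, CREATED_CARD1, CREATED_CARD1))
```

The body hashed above contains nothing card-specific, only the version, the creation time, the algorithm and the MPIs, which is why two cards holding the same n and e produce the same fingerprint exactly when the creation time recorded at import time is the same. That is the quantity the --faked-system-time suggestion pins; the key material itself is unchanged.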