Using two OpenPGP cards
Jacob Bachmeyer
jcb62281 at gmail.com
Sat Oct 30 03:35:43 CEST 2021
Matthias Apitz wrote:
> The question here is: Can I somehow transfer the keys from the used
> OpenPGP card to this new card (and copy over the tree of encrypted
> passwords to the phone) or do I have to move the passwords in clear and
> crypt them again with the new card?
If I understand correctly that your tool uses public keys, you will need to:
1. Generate keys on your new device.
2. Export the public key for your new smartcard.
3. Arrange for your password store to be encrypted for *both* public keys.
4. Copy the appropriately encrypted password store to the new device.
5. Use the new card's secret key to access the encrypted password store.
If your tool is using a symmetric key embedded in the smartcard, you
will need to transfer the passwords "in the clear" but you could use a
keypair to wrap the bundle during transit. The entire purpose of a
smartcard here is that the secret keys cannot be extracted from it.
-- Jacob
More information about the Gnupg-users
mailing list