[Gnuk-users] Multiple retired encryption keys

NdK ndk.clanbo at gmail.com
Sat Sep 23 20:28:47 UTC 2017

Il 23/09/2017 00:21, Gary ha scritto:

> If not, what level of work would be involved to get gnupg+gnuk to
> support the addition of multiple expired/old encryption keys? Is this
> something that's likely to happen?
That's something I started doing some years ago (2013, when studying
smartcard programming), but then left incomplete.

The smartcards I was using supported many RSA keys and some even NFC, so
I thought to use slots for:
- 1 key for signature
- N keys for decryption (selectable by sending a special command)
- 2 keys for auth (different for contact and contactless operation)
That would have been completely transparent for GPG.

Moreover I wanted to support secure key export.

Probably a task too big for a newbie, even with the help of Petr Svenda.
You can still find the code on github:

Probably the same technique could be used for the FST-01, to make good
use of the external memory :)


More information about the gnuk-users mailing list