Open vigno88 opened 1 week ago
I honestly do not, you can pick the same RSA key, but not sure how to create the exact public attributes.
What does it even mean to pick the same RSA key? If two keys are generated from the same RSA key, then a blob is signed with each key. Both blob signatures cannot be verified with both public key even tough they are generated from the same RSA key.. (at least, that's what is happening to me when i'm trying)
In a "non-hsm" environment, I could derive the same GPG from a unique RSA key by doing:
This will always result in the same key in gpg.
Is it possible to replicate this using a key stored in an HSM? Whenever I try to
--full-generate-key
(while passing--faked-system-time
to gpg) I get a different command.Thanks,
Nathan AV