rsa это механизм создания пару ключей pub/private
Но формат данных это не механизм.
на рутокен rsa в своем формате
на openpgp
rsa pgppublickey/pgpsecretkey
Даже если сгенерировать rsa на токене, то данная пара является не извлекаемой.
https://craftware.xyz/securitybricks/20 … h-pgp.html
Но как здесь происходит магия не понятно. etoken тоже не входит в список поддерживаемых устройств openpgp
сам утилита opensc-tool может работать с этими ключами.
$ gnupg-pkcs11-scd --daemon
$ gpg-agent --daemon
$ gpg-agent --server
gpg --card-edit не видит ее.
gpg --card-edit
gpg: WARNING: server 'scdaemon' is older than us (0.9.2 < 2.2.12)
gpg: Note: Outdated servers may lack important security fixes.
gpg: Note: Use the command "gpgconf --kill all" to restart them.
Reader ...........: [none]
Application ID ...: D27600012401115031310E1ECC471111
Version ..........: 11.50
Manufacturer .....: unknown
Serial number ....: 0E1ECC47
Name of cardholder: [not set]
Language prefs ...: [not set]
Sex ..............: unspecified
URL of public key : [not set]
Login data .......: [not set]
Signature PIN ....: forced
Key attributes ...: rsa48 rsa48 rsa48
Max. PIN lengths .: 0 0 0
PIN retry counter : 0 0 0
Signature counter : 0
Signature key ....: [none]
Encryption key....: [none]
Authentication key: [none]
General key info..: [none]
opensc-tool --list-drivers
Configured card drivers:
cardos Siemens CardOS
flex Schlumberger Multiflex/Cryptoflex
cyberflex Schlumberger Cyberflex
gpk Gemplus GPK
gemsafeV1 Gemalto GemSafe V1 applet
asepcos Athena ASEPCOS
starcos STARCOS
tcos TCOS 3.0
oberthur Oberthur AuthentIC.v2/CosmopolIC.v4
authentic Oberthur AuthentIC v3.1
iasecc IAS-ECC
belpic Belpic cards
incrypto34 Incard Incripto34
acos5 ACS ACOS5 card
akis TUBITAK UEKAE AKIS
entersafe entersafe
epass2003 epass2003
rutoken Rutoken driver
rutoken_ecp Rutoken ECP driver
myeid MyEID cards with PKCS#15 applet
dnie DNIe: Spanish eID card
MaskTech MaskTech Smart Card
atrust-acos A-Trust ACOS cards
westcos WESTCOS compatible cards
muscle MuscleApplet
sc-hsm SmartCard-HSM
mcrd MICARDO 2.1 / EstEID 1.0 - 3.5
setcos Setec cards
PIV-II Personal Identity Verification Card
cac Common Access Card (CAC)
itacns Italian CNS
isoApplet Javacard with IsoApplet
gids GIDS Smart Card
openpgp OpenPGP card
jpki JPKI(Japanese Individual Number Cards)
coolkey COOLKEY
npa German ID card (neuer Personalausweis, nPA)
default Default driver for unknown cards