gnupg/common
James Bottomley 62a7854816
tpm2d: Add tpm2daemon code
* tpm2d: New directory.
* Makefile.am (SUBDIRS): Add directory.
* configure.ac: Detect libtss and decide whether to build tpm2d.
* am/cmacros.am: Add a define.
* util.h (GNUPG_MODULE_NAME_TPM2DAEMON): New.
* common/homedir.c (gnupg_module_name): Add tpm2d.
* common/mapstrings.c (macros): Add "TPM2DAEMON".
* tools/gpgconf.h (GC_COMPONENT_TPM2DAEMON): New.
* tools/gpgconf-comp.c (known_options_tpm2daemon): New.
(gc_component): Add TPM2.
(tpm2daemon_runtime_change): New.
* tpm2d/Makefile.am: New.
* tpm2d/command.c: New.
* tpm2d/ibm-tss.h: New.
* tpm2d/tpm2.c: New.
* tpm2d/tpm2.h: New.
* tpm2d/tpm2daemon.c: New.
* tpm2d/tpm2daemon.h: New.

---
This commit adds and plumbs in a tpm2daemon to the build to mirror the
operation of scdaemon.  The architecture of the code is that
tpm2daemon.c itself is pretty much a clone of scd/scdaemon.c just with
updated function prefixes (this argues there could be some further
consolidation of the daemon handling code).  Note that although this
commit causes the daemon to be built and installed, nothing actually
starts it or uses it yet.

Command handling
----------------

command.c is copied from the command handler in scd.c except that the
command implementation is now done in terms of tpm2 commands and the
wire protocol is far simpler.  The tpm2daemon only responds to 4
commands:

IMPORT:    import a standard s-expression private key and export it to
           TPM2 format.  This conversion cannot be undone and the
           private key now can *only* be used by the TPM2.  To anyone
           who gets hold of the private key now, it's just an
           encrypted binary blob.

PKSIGN:    create a signature from the tpm2 key.  The TPM2 form private
           key is retrieved by KEYDATA and the hash to be signed by
           EXTRA.  Note there is no hash specifier because the tpm2
           tss deduces the hash type from the length of the EXTRA
           data.  This is actually a limitation of the tpm2 command
           API and it will be interesting to see how this fares if the
           tpm2 ever supports say sha3-256 hashes.

PKDECRYPT: decrypt (RSA case) or derive (ECC case) a symmetric key.
           The tpm2 form private key is retrieved by KEYDATA and the
           information used to create the symmetric key by EXTRA.

KILLTPM2D: stop the daemon

All the tpm2 primitives used by command.c are in tpm2.h and all the
tpm2 specific gunk is confined to tpm2.c, which is the only piece of
this that actually does calls into the tss library.

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>

Changes from James' patch:

- gpgconf: The displayed name is "TPM" and not "TPM2".  That
  string is used by GUIs and should be something the user
  understands.  For example we also use "network" instead
  of "Dirmngr".
- Removed some commented includes.
- Use 16 as emulation of GPG_ERR_SOURCE_TPM2.
- Silenced a C90 compiler warning and flagged unused parameters.
- Removed "if HAVE_LIBS" from tpm2/Makefile.am and added missing
  files so that make distcheck works.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-03-10 12:33:08 +01:00
ChangeLog-2011 Fix typos 2015-10-28 10:20:17 +01:00
ChangeLog-2011.include Spelling fixes in docs and comments. 2017-04-28 10:06:33 +09:00
ChangeLog.jnlib common: Remove JNLIB from boiler plate (jnlib merge). 2015-04-24 16:42:28 +02:00
Makefile.am common: Rename w32-misc.c to w32-cmdline.c 2021-03-04 17:14:02 +01:00
README common: Update README. 2016-03-02 14:27:30 +01:00
agent-opt.c agent: New OPTION pretend-request-origin 2018-03-23 08:37:14 +01:00
all-tests.scm tests: Make it possible to run all tests using our infrastructure. 2017-05-11 18:12:37 +02:00
asshelp.c keyboxd: Integrate into gpgconf. 2020-09-24 10:37:41 +02:00
asshelp.h Use only one copy of the warn_server_mismatch function. 2020-09-01 20:43:57 +02:00
asshelp2.c Use only one copy of the warn_server_mismatch function. 2020-09-01 20:43:57 +02:00
audit.c sm: Consider certificates w/o CRL DP as valid. 2020-03-27 21:16:07 +01:00
audit.h headers: fix spelling 2018-10-25 16:53:05 -04:00
b64dec.c g10, sm, dirmngr, common: Add comment for fall through. 2017-05-10 11:13:12 +09:00
b64enc.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
call-gpg.c Spelling fixes in docs and comments. 2017-04-28 10:06:33 +09:00
call-gpg.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
ccparray.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
ccparray.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
common-defs.h Support a history file in gpg-card and gpg-connect-agent. 2020-07-02 15:48:55 +02:00
compliance.c Include the library version in the compliance checks. 2021-01-28 15:48:08 +01:00
compliance.h Include the library version in the compliance checks. 2021-01-28 15:48:08 +01:00
convert.c scd: Use a scdaemon internal key to protect the PIN cache IPC. 2020-01-09 12:00:50 +01:00
dotlock.c gpg,w32: Fix gnupg_remove. 2021-01-11 14:19:06 +01:00
dotlock.h Clarify text of LGPLv2+/GPLv2+ licensed files. 2017-02-24 13:48:28 +01:00
dynload.h Clarify text of LGPLv2+/GPLv2+ licensed files. 2017-02-24 13:48:28 +01:00
exaudit.awk Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
exechelp-posix.c Replace all calls to access by gnupg_access 2020-10-20 12:15:55 +02:00
exechelp-w32.c w32: Change spawn functions to use Unicode version of CreateProcess. 2021-03-08 21:53:28 +01:00
exechelp-w32ce.c doc: Update copyright notices for common/exechelp*. 2017-11-29 11:32:42 +01:00
exechelp.h common: New helper function gnupg_close_pipe. 2020-09-02 14:49:24 +02:00
exectool.c w32: Fix cast from intptr_t of _get_osfhandle. 2020-08-03 13:34:26 +09:00
exectool.h Spelling cleanup. 2020-02-18 18:07:46 -05:00
exstatus.awk Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
fwddecl.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
gc-opt-flags.h gpgconf: Further simplify the gpgconf option processing. 2020-03-14 19:12:41 +01:00
get-passphrase.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
get-passphrase.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
gettime.c w32: Fix strftime problem on Windows. 2020-11-03 19:32:11 +01:00
gettime.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
gnupg.ico w32: Add icons and version information. 2013-05-07 21:35:48 +02:00
gpgrlhelp.c Support a history file in gpg-card and gpg-connect-agent. 2020-07-02 15:48:55 +02:00
helpfile.c Replace most of the remaining stdio calls by estream calls. 2020-10-20 12:15:56 +02:00
homedir.c tpm2d: Add tpm2daemon code 2021-03-10 12:33:08 +01:00
host2net.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
i18n.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
i18n.h Fix typos found using codespell. 2015-11-17 12:50:22 +01:00
init.c w32: Always use Unicode for console input and output. 2021-03-05 15:33:40 +01:00
init.h Spelling fixes in docs and comments. 2017-04-28 10:06:33 +09:00
iobuf.c Replace most calls to open by a new wrapper. 2020-10-20 14:08:35 +02:00
iobuf.h build: Always use EXTERN_UNLESS_MAIN_MODULE pattern. 2020-02-10 16:50:47 +01:00
isascii.c common: Change license of isascii.c to all-permissive, 2015-12-14 16:21:19 +01:00
keyserver.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
ksba-io-support.c sm: Remove left over debug output. 2020-02-17 11:36:43 +01:00
ksba-io-support.h common: Rename remaining symbols in ksba-io-support. 2017-02-16 17:21:05 +01:00
localename.c common: Fix warning for portability. 2017-03-07 10:42:46 +09:00
logging.h Require libgpg-error 1.29 and remove internal logging functions. 2018-06-12 13:46:00 +02:00
mapstrings.c tpm2d: Add tpm2daemon code 2021-03-10 12:33:08 +01:00
mbox-util.c common: Prepare for parsing mail sub-addresses. 2018-11-12 07:44:33 +01:00
mbox-util.h common: Prepare for parsing mail sub-addresses. 2018-11-12 07:44:33 +01:00
membuf.c Clean up word replication. 2017-02-21 13:11:46 -05:00
membuf.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
miscellaneous.c common: Add xreallocarray function. 2020-03-04 13:55:53 +01:00
mischelp.c common/mischelp: use platform memory zeroing function for wipememory 2018-12-01 13:43:09 +02:00
mischelp.h common/mischelp: use platform memory zeroing function for wipememory 2018-12-01 13:43:09 +02:00
mkdir_p.c Replace all calls to stat by gnupg_stat. 2020-10-20 16:38:06 +02:00
mkdir_p.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
mkerrors all: fix more spelling errors 2018-10-25 16:53:05 -04:00
mkerrtok all: fix more spelling errors 2018-10-25 16:53:05 -04:00
mkstrtable.awk common: Fix AWK portability. 2019-04-16 13:24:10 +09:00
name-value.c common: Fix line break handling, finding a space. 2019-08-06 13:14:58 +09:00
name-value.h common: New functions nvc_delete_named and nvc_get_string. 2019-05-07 11:09:09 +02:00
openpgp-oid.c Silence compiler warnings. 2020-08-19 13:21:32 +09:00
openpgp-s2k.c Fix a reference in comment. 2019-07-12 12:11:26 +09:00
openpgpdefs.h gpg: New option --include-key-block. 2020-03-13 13:34:49 +01:00
percent.c Spelling cleanup. 2020-02-18 18:07:46 -05:00
pkscreening.c gpg,sm: New option --with-key-screening. 2017-10-17 21:10:19 +02:00
pkscreening.h gpg,sm: New option --with-key-screening. 2017-10-17 21:10:19 +02:00
recsel.c Spelling fixes in docs and comments. 2017-04-28 10:06:33 +09:00
recsel.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
server-help.c common: New functions get_option_value and ascii_strupr. 2019-02-08 11:13:33 +01:00
server-help.h common: New functions get_option_value and ascii_strupr. 2019-02-08 11:13:33 +01:00
session-env.c agent: Support ssh-agent extensions for environment variables. 2021-01-25 10:35:06 +01:00
session-env.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
sexp-parse.h headers: fix spelling 2018-10-25 16:53:05 -04:00
sexputil.c Require Libgcrypt 1.9 2021-01-19 10:33:03 +01:00
shareddefs.h agent: New OPTION pretend-request-origin 2018-03-23 08:37:14 +01:00
signal.c build: Update to newer autoconf constructs. 2020-11-18 14:12:51 +09:00
simple-pwquery.c all: fix spelling and typos 2018-10-24 15:56:18 -04:00
simple-pwquery.h Spelling fixes in docs and comments. 2017-04-28 10:06:33 +09:00
ssh-utils.c Fix use of strncpy, which is actually good to use memcpy. 2018-09-06 11:41:13 +09:00
ssh-utils.h common: Support different digest algorithms for ssh fingerprints. 2017-05-24 17:01:48 +02:00
status.c Use only one copy of the warn_server_mismatch function. 2020-09-01 20:43:57 +02:00
status.h gpg: Add canceled status message. 2020-11-05 11:19:15 -08:00
stringhelp.c common,agent,dirmngr,g10,tools: Fix split_fields API. 2020-09-18 10:20:23 +09:00
stringhelp.h common,agent,dirmngr,g10,tools: Fix split_fields API. 2020-09-18 10:20:23 +09:00
strlist.c Clarify text of LGPLv2+/GPLv2+ licensed files. 2017-02-24 13:48:28 +01:00
strlist.h Clarify text of LGPLv2+/GPLv2+ licensed files. 2017-02-24 13:48:28 +01:00
sysutils.c Require GpgRT version 1.41. 2021-02-10 08:32:57 +01:00
sysutils.h gpg,w32: Fix gnupg_remove. 2021-01-11 14:19:06 +01:00
t-b64.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-ccparray.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-convert.c common: New function hex2fixedbuf. 2019-10-01 10:32:31 +02:00
t-dotlock.c w32: Allow Unicode filenames for dotlock 2020-10-20 13:38:11 +02:00
t-exechelp.c all: fix spelling and typos 2018-10-24 15:56:18 -04:00
t-exectool.c Replace all calls to access by gnupg_access 2020-10-20 12:15:55 +02:00
t-gettime.c tests: Fix t-gettime for a time_t of 64 and a long of 32 bit. 2017-01-12 10:39:19 +01:00
t-helpfile.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-iobuf.c Replace use of variable-length-arrays. 2017-01-02 13:29:18 +01:00
t-mapstrings.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-mbox-util.c tests: Add two user-id parsing test cases. 2019-09-17 16:19:28 +02:00
t-name-value.c Spelling cleanup. 2020-02-18 18:07:46 -05:00
t-openpgp-oid.c Spelling cleanup. 2020-02-18 18:07:46 -05:00
t-percent.c Spelling cleanup. 2020-02-18 18:07:46 -05:00
t-recsel.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-session-env.c Spelling fixes in docs and comments. 2017-04-28 10:06:33 +09:00
t-sexputil.c common: New function cmp_canon_sexp. 2020-09-11 15:23:22 +02:00
t-ssh-utils.c common: Correctly render SHA256-based ssh fingerprints. 2017-05-24 17:07:13 +02:00
t-stringhelp.c common,agent,dirmngr,g10,tools: Fix split_fields API. 2020-09-18 10:20:23 +09:00
t-strlist.c Clarify text of LGPLv2+/GPLv2+ licensed files. 2017-02-24 13:48:28 +01:00
t-support.c Clarify text of LGPLv2+/GPLv2+ licensed files. 2017-02-24 13:48:28 +01:00
t-support.h Clarify text of LGPLv2+/GPLv2+ licensed files. 2017-02-24 13:48:28 +01:00
t-sysutils.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-timestuff.c Clarify text of LGPLv2+/GPLv2+ licensed files. 2017-02-24 13:48:28 +01:00
t-w32-cmdline.c common,w32: Implement globbing of command line args. 2021-03-04 16:59:21 +01:00
t-w32-reg.c Clarify text of LGPLv2+/GPLv2+ licensed files. 2017-02-24 13:48:28 +01:00
t-zb32.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
tlv-builder.c common: Add an easy to use DER builder. 2020-04-24 15:37:48 +02:00
tlv.c common: New function cmp_canon_sexp. 2020-09-11 15:23:22 +02:00
tlv.h common: Add an easy to use DER builder. 2020-04-24 15:37:48 +02:00
ttyio.c w32: Free memory allocated by new function w32_write_console. 2021-03-05 10:53:55 +01:00
ttyio.h Support a history file in gpg-card and gpg-connect-agent. 2020-07-02 15:48:55 +02:00
types.h build: Use modern Autoconf check for types. 2020-11-18 13:36:30 +09:00
userids.c kbx: Change X.509 S/N search definition. 2020-09-09 20:34:59 +02:00
userids.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
utf8conv.c common: Fix fallback handling to utf-8. 2020-08-28 15:18:00 +09:00
utf8conv.h Clarify text of LGPLv2+/GPLv2+ licensed files. 2017-02-24 13:48:28 +01:00
util.h tpm2d: Add tpm2daemon code 2021-03-10 12:33:08 +01:00
utilproto.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
w32-cmdline.c common: Rename w32-misc.c to w32-cmdline.c 2021-03-04 17:14:02 +01:00
w32-reg.c Clarify text of LGPLv2+/GPLv2+ licensed files. 2017-02-24 13:48:28 +01:00
w32help.h common: Rename w32-misc.c to w32-cmdline.c 2021-03-04 17:14:02 +01:00
w32info-rc.h.in tools,w32: Add resource and manifest files to all binaries. 2021-02-21 12:38:55 +01:00
xasprintf.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
xreadline.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
yesno.c Clean up word replication. 2017-02-21 13:11:46 -05:00
zb32.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
zb32.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00

README

Common functionality used by all modules of GnuPG.