gnupg/g10
James Bottomley 92b601fcee
gpg: Add new command keytotpm to convert a private key to TPM format
* agent/command.c (cmd_keytotpm): New.
(agent/command.c): Register new command KEYTOTPM.
* g10/call-agent.c (agent_keytotpm): New.
* g10/keyedit.c (cmdKEYTOTPM): New command "keytotpm".
(keyedit_menu): Implement.

--

The plumbing is done in two parts: the agent is modified to understand
a KEYTOTPM assuan command taking the key grip as an argument.  This
simply obtains the key's s-expression and calls the existing writekey
diversion to the tpm2daemon.  The daemon responds with the TPM
conversion of the key and that key is then stored in the keyfile as a
shadowed-private-key with "tpm2-v1" type.

To effect the conversion, all the user does from gpg --edit-key is
select which private key they wish to move (or move the primary if no
key is selected) and type keytotpm.  The conversion to TPM form is
instantaneous and once converted, the actual key cannot be recovered,
meaning that if you want your gpg key to move to a new laptop you must
keep an unconverted backup copy in a safe location.

When you do a list command, all TPM keys show up as

     card-no: TPM-Protected

The key is stored encrypted to the TPM2 storage seed and since each
TPM has a unique seed, only the single TPM contained in your laptop
can now read the key.  This means you cannot simply copy the shadowed
key file over to a new laptop, you must copy over the backup copy and
then convert it to TPM form on the new laptop.

To decommission your laptop, execute a tssclear command which
regenerates the storage seed and effectively shreds all keys.  Note
when you have done this *every* TPM2 shadowed private key becomes
unreadable by any TPM and all are effectively destroyed.

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>

Very minor cosmetic changes.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-03-10 13:34:18 +01:00
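The workflow the commit message describes (take a backup first, then select the private key in --edit-key and run keytotpm, then confirm the listing shows TPM-Protected), written out as a POSIX shell script. This is an added example and not part of the GnuPG tree or of this commit; it assumes a gpg build containing this change with a working tpm2daemon, and the backup location, the BACKUP_DIR variable and the function names are this example's own choices. The keygrip parsing reads the standard "grp" record of --with-colons --with-keygrip output (field 10), and the embedded sample listing is constructed, not captured from a real key:

```shell
#!/bin/sh
# Added example, not GnuPG project code. Moves one private key of an OpenPGP
# key into the TPM via the "keytotpm" edit-key command, refusing to proceed
# until an armored backup of the secret key exists, because the conversion is
# irreversible (only the backup can be moved to another machine).
set -eu

# Constructed sample of `gpg --with-colons --with-keygrip -K` output, used
# only to exercise the parser below; the grips and ids are not real keys.
SAMPLE_COLONS='sec:u:3072:1:0123456789ABCDEF:1600000000::u:::scESC:::+:::23::0:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
grp:::::::::AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:
ssb:u:3072:1:FEDCBA9876543210:1600000000::::::e:::+:::23:
fpr:::::::::FEDCBA9876543210FEDCBA9876543210FEDCBA98:
grp:::::::::BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB:'

# Read colon-format key listing on stdin, print "sec:GRIP" for the primary
# and "ssb:GRIP" for each subkey. The keygrip is field 10 of a "grp" record;
# the preceding sec/ssb record says which key the grip belongs to.
keygrips_from_colons() {
    awk -F: '
        $1 == "sec" || $1 == "ssb" { kind = $1 }
        $1 == "grp"                { print kind ":" $10 }
    '
}

# Parse the constructed sample (handy for a quick self-check).
demo_keygrips() {
    printf '%s\n' "$SAMPLE_COLONS" | keygrips_from_colons
}

# Commands fed to --edit-key: "key N" selects subkey N (1-based); with no
# selection keytotpm converts the primary key, as the commit message says.
edit_script() {
    if [ -n "${1:-}" ]; then
        printf 'key %s\n' "$1"
    fi
    printf 'keytotpm\nsave\n'
}

# Export an armored secret-key backup with owner-only permissions and make
# sure it really contains a private key block before anything is converted.
backup_secret_key() {
    # $1: key id or fingerprint, $2: backup file path
    (umask 077; gpg --armor --export-secret-keys --output "$2" "$1")
    grep -q 'BEGIN PGP PRIVATE KEY BLOCK' "$2"
}

# Drive --edit-key non-interactively from fd 0.
convert_to_tpm() {
    # $1: key id, $2: subkey index or empty for the primary
    edit_script "${2:-}" | gpg --command-fd 0 --status-fd 2 --edit-key "$1"
}

# After conversion the listing must show the key as TPM-Protected.
verify_tpm_protected() {
    printf 'list\nquit\n' | gpg --command-fd 0 --edit-key "$1" \
        | grep -q 'TPM-Protected'
}

main() {
    keyid=$1
    subkey=${2:-}
    backup="${BACKUP_DIR:-$HOME/keybackup}/$keyid.sec.asc"
    mkdir -p "$(dirname "$backup")"
    backup_secret_key "$keyid" "$backup"   # set -e: stop here if it fails
    convert_to_tpm "$keyid" "$subkey"
    verify_tpm_protected "$keyid"
    printf 'converted; keep %s off this machine in a safe place\n' "$backup"
}

# Usage: ./keytotpm.sh KEYID [SUBKEY_INDEX]
if [ "$#" -ge 1 ]; then
    main "$@"
fi
```

Keep the backup off the laptop: per the commit message the shadowed key file is bound to this TPM's storage seed, so after a tssclear (or on a new machine) the backup is the only copy that can still be converted.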
ChangeLog-2011 Spelling: correct spelling of "passphrase". 2016-11-02 12:53:58 +01:00
Makefile.am gpg: Remove more or less useless tool gpgcompose. 2021-02-02 13:06:33 +01:00
all-tests.scm tests: Make it possible to run all tests using our infrastructure. 2017-05-11 18:12:37 +02:00
armor.c g10: Fix possible null dereference. 2019-05-14 11:20:07 +09:00
build-packet.c gpg,ecc: Handle external representation as SOS with opaque MPI. 2020-06-09 10:32:47 +09:00
call-agent.c gpg: Add new command keytotpm to convert a private key to TPM format 2021-03-10 13:34:18 +01:00
call-agent.h gpg: Add new command keytotpm to convert a private key to TPM format 2021-03-10 13:34:18 +01:00
call-dirmngr.c gpg: Remove support for PKA. 2021-02-02 19:53:21 +01:00
call-dirmngr.h gpg: Remove support for PKA. 2021-02-02 19:53:21 +01:00
call-keyboxd.c gpg: New experimental import option "bulk-import" 2020-09-24 16:47:10 +02:00
card-util.c gpg: Change API of agent_scd_serialno. 2020-11-20 17:19:45 +09:00
cipher-aead.c g10: Fix log_debug formatting. 2018-11-08 12:14:23 +09:00
cipher-cfb.c gpg: Remove MDC options 2018-05-29 12:42:52 +02:00
compress-bz2.c g10,tools: Fix bzlib.h include order. 2017-04-11 13:52:19 +09:00
compress.c gpg: Fix minor memory leak in the compress filter. 2018-05-02 20:15:10 +02:00
cpr.c Use only one copy of the warn_server_mismatch function. 2020-09-01 20:43:57 +02:00
dearmor.c Revert "g10: Always save standard revocation certificate in file." 2017-08-01 19:08:16 +02:00
decrypt-data.c gpg: Make AEAD modes subject to compliance checks. 2020-04-16 08:52:29 +02:00
decrypt.c gpg: Fix using --decrypt along with --use-embedded-filename. 2019-05-17 13:40:24 +02:00
dek.h gpg: More check for symmetric key encryption. 2019-07-18 11:02:34 +09:00
delkey.c gpg: Fix the previous commit. 2020-11-11 09:13:13 +09:00
distsigkey.gpg Add a new dist signing key 2020-08-24 19:47:26 +02:00
ecdh.c ecc: Use "cv448" to specify key using X448. 2020-06-23 10:10:29 +09:00
encrypt.c gpg: Do not allow old cipher algorithms for encryption. 2021-02-10 14:40:02 +01:00
exec.c w32: Change spawn functions to use Unicode version of CreateProcess. 2021-03-08 21:53:28 +01:00
exec.h gpg: photoid: Move functions from exec.c. 2019-07-25 11:21:58 +09:00
expand-group.c gpg: Fix expand GPG groups when resolving a key 2019-09-30 14:08:13 +02:00
export.c gpg: Remove support for PKA. 2021-02-02 19:53:21 +01:00
filter.h g10/armor: use libgcrypt's CRC24 implementation 2018-11-08 21:31:12 +02:00
free-packet.c gpg: Remove support for PKA. 2021-02-02 19:53:21 +01:00
getkey.c gpg: Fix selection of key. 2021-02-05 13:49:10 +09:00
gpg-w32info.rc w32: Add manifest to gpg. 2015-02-04 09:15:34 +01:00
gpg.c w32: Always use Unicode for console input and output. 2021-03-05 15:33:40 +01:00
gpg.h gpg: Change the way v5 fingerprints are printed. 2019-11-28 12:05:32 +01:00
gpg.w32-manifest.in w32: Add manifest to gpg. 2015-02-04 09:15:34 +01:00
gpgsql.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
gpgsql.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
gpgv.c gpg: Remove support for PKA. 2021-02-02 19:53:21 +01:00
helptext.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
import.c gpg: Remove experimental feature to export w/o user-ids. 2021-02-02 12:57:00 +01:00
kbnode.c gpg: Avoid importing secret keys if the keyblock is not valid. 2019-03-15 20:41:38 +01:00
key-check.c gpg: Fix debug output for key_check_all_keysigs with opaque MPI. 2020-11-02 11:32:27 +09:00
key-check.h gpg: Avoid output to the tty during import. 2017-07-27 11:38:57 +02:00
key-clean.c gpg: Sort the signatures in standard key listings. 2020-10-27 17:21:19 +01:00
key-clean.h headers: fix spelling 2018-10-25 16:53:05 -04:00
keydb-private.h gpg: Set the found-by flags in the keyblock in keyboxd mode. 2020-09-22 16:20:41 +02:00
keydb.c w32: Replace some fopen by es_fopen. 2020-11-11 15:23:22 +01:00
keydb.h gpg: Fix the encrypt+sign hash algo preference selection for ECDSA. 2020-11-13 16:34:21 +01:00
keyedit.c gpg: Add new command keytotpm to convert a private key to TPM format 2021-03-10 13:34:18 +01:00
keyedit.h gpg: New command --quick-revoke-sig 2020-10-28 17:06:27 +01:00
keygen.c gpg: Make quick-gen-key with algo "card" work for keys without keytime 2020-12-07 15:15:10 +01:00
keyid.c gpg: Fix trustdb for v5key. 2020-08-07 13:02:47 +09:00
keylist.c gpg: New command --quick-revoke-sig 2020-10-28 17:06:27 +01:00
keyring.c Replace all calls to stat by gnupg_stat. 2020-10-20 16:38:06 +02:00
keyring.h gpg: Pass CTRL to many more functions. 2017-03-31 20:07:20 +02:00
keyserver-internal.h gpg: Remove support for PKA. 2021-02-02 19:53:21 +01:00
keyserver.c gpg: Remove support for PKA. 2021-02-02 19:53:21 +01:00
main.h gpg: Do not use weak digest algos if selected by recipient prefs. 2020-11-02 13:45:19 +01:00
mainproc.c gpg: Remove support for PKA. 2021-02-02 19:53:21 +01:00
mdfilter.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
migrate.c Replace most of the remaining stdio calls by estream calls. 2020-10-20 12:15:56 +02:00
misc.c gpg: Do not allow old cipher algorithms for encryption. 2021-02-10 14:40:02 +01:00
objcache.c Spelling cleanup. 2020-02-18 18:07:46 -05:00
objcache.h gpg: Fix getting User ID. 2019-07-11 12:32:44 +09:00
openfile.c common: Fix duplicate implementation of try_make_homedir. 2020-11-04 16:13:04 +01:00
options.h gpg: Do not allow old cipher algorithms for encryption. 2021-02-10 14:40:02 +01:00
packet.h gpg: Remove support for PKA. 2021-02-02 19:53:21 +01:00
parse-packet.c gpg: Remove support for PKA. 2021-02-02 19:53:21 +01:00
passphrase.c gpg: Add canceled status message. 2020-11-05 11:19:15 -08:00
photoid.c gpg: Keep temp files when opening images via xdg-open 2021-03-01 09:43:26 +01:00
photoid.h gpg: A little clean up. 2019-07-23 12:04:21 +09:00
pkclist.c gpg: Do not allow old cipher algorithms for encryption. 2021-02-10 14:40:02 +01:00
pkglue.c gpg: Fix first zero-byte case for SOS handling. 2020-10-30 15:21:20 +09:00
pkglue.h gpg: Use bytes for ECDH. 2020-06-09 15:45:51 +09:00
plaintext.c w32: Replace some fopen by es_fopen. 2020-11-11 15:23:22 +01:00
progress.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
pubkey-enc.c gpg: Reword warning about decryption w/o using a non-encrypt key. 2020-07-14 11:01:45 +02:00
pubring.asc Update copyright notices for 2017. 2017-01-23 19:16:55 +01:00
revoke.c gpg: New command --quick-revoke-sig 2020-10-28 17:06:27 +01:00
rmd160.c Clean up word replication. 2017-02-21 13:11:46 -05:00
rmd160.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
seckey-cert.c More change for common. 2017-03-07 20:32:09 +09:00
server.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
seskey.c gpg,ecc: Handle external representation as SOS with opaque MPI. 2020-06-09 10:32:47 +09:00
sig-check.c gpg: Do not use weak digest algos if selected by recipient prefs. 2020-11-02 13:45:19 +01:00
sign.c gpg: Fix the encrypt+sign hash algo preference selection for ECDSA. 2020-11-13 16:34:21 +01:00
skclist.c gpg: Change API of agent_scd_serialno. 2020-11-20 17:19:45 +09:00
t-keydb-get-keyblock.c gpg: New option --use-keyboxd. 2019-09-09 15:01:47 +02:00
t-keydb-get-keyblock.gpg gpg: Correctly handle keyblocks followed by legacy keys. 2015-11-17 14:53:03 +01:00
t-keydb-keyring.kbx g10: Add test for keydb as well as new testing infrastructure. 2015-09-02 15:08:57 +02:00
t-keydb.c gpg: New option --use-keyboxd. 2019-09-09 15:01:47 +02:00
t-rmd160.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-stutter-data.asc gpg: Add a new test. 2016-03-08 14:08:49 +01:00
t-stutter.c g10: Stop compiler warning for t-stutter. 2017-05-10 11:13:03 +09:00
tdbdump.c Merge branch 'STABLE-BRANCH-2-2' into master 2018-03-27 08:48:00 +02:00
tdbio.c Replace all calls to stat by gnupg_stat. 2020-10-20 16:38:06 +02:00
tdbio.h gpg: Pass CTRL arg to get_trusthashrec. 2018-03-26 18:06:43 +02:00
test-stubs.c gpg: Remove support for PKA. 2021-02-02 19:53:21 +01:00
test.c build: Always use EXTERN_UNLESS_MAIN_MODULE pattern. 2020-02-10 16:50:47 +01:00
textfilter.c gpg: Initialize a parameter to silence valgrind. 2020-09-04 11:32:47 +02:00
tofu.c Replace all calls to stat by gnupg_stat. 2020-10-20 16:38:06 +02:00
tofu.h g10: Remove dead code. 2016-12-06 12:16:56 +01:00
trust.c gpg: Move key cleaning functions to a separate file. 2018-07-06 11:40:16 +02:00
trustdb.c gpg: Sort the signatures in standard key listings. 2020-10-27 17:21:19 +01:00
trustdb.h gpg: Move key cleaning functions to a separate file. 2018-07-06 11:40:16 +02:00
verify.c gpg: Make really sure that --verify-files always returns an error. 2020-02-10 15:32:55 +01:00
zlib-riscos.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00