path: root/agent/tpm2.c
Commit message | Author | Files | Lines
2018-03-09 | tpm2: add handling for elliptic curve keys | James Bottomley | 1 | -16/+235
* agent/divert-tpm2.c: Support ECC.
--
This adds handling for the way gnupg does elliptic keys, namely ECDSA for signatures and using ECDH with an ephemeral key to generate an encrypted message. The main problem is that the TPM2 usually has a very small list of built-in curves and it won't handle any others. Thanks to TCG mandates, all TPM2 systems in the USA should come with NIST P-256, but do not come with the Bernstein curve 25519, so the only way to use the TPM2 to protect an elliptic curve key is first to create it with a compatible algorithm.

Signed-off-by: James Bottomley <[email protected]>
2018-03-09 | agent: add tpm specific functions | James Bottomley | 1 | -0/+784
* agent/tpm2.c: New.
* agent/Makefile.am (gpg_agent_SOURCES): Add new file.
(gpg_agent_LDFLAGS): Add DL_LIBS.
* agent/tpm2.h: New.
--
This commit adds code to handle the three specific functions needed to make the agent TPM aware, namely the ability to load a key from shadow information, the ability to sign a digest with that key, the ability to decrypt with the key and the ability to import a key to the TPM. The TPM2 is a bit of an esoteric beast, so all TPM specific callouts are confined inside this code. Additionally, it requires the tss2 library to function, so the code is designed such that if the library isn't present then all TPM functions simply fail. This allows the code to be compiled with TPM support, but not require that the support library be present on the system.

Signed-off-by: James Bottomley <[email protected]>

- Added ChangeLog entries.
- Added DL_LIBS.
- Removed one -Wdeclaration-after-statement case.

Signed-off-by: Werner Koch <[email protected]>