diff options
| author | James Bottomley <[email protected]> | 2021-03-09 21:50:29 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2021-03-10 12:23:05 +0000 |
| commit | 1f995b9ba42b76c1d83b484e5362548a54a70dab (patch) | |
| tree | 7d0c02dfd604251dc98b8276a9f267df839055a8 /agent/protect.c | |
| parent | tpm2d: Add tpm2daemon code (diff) | |
| download | gnupg-1f995b9ba42b76c1d83b484e5362548a54a70dab.tar.gz gnupg-1f995b9ba42b76c1d83b484e5362548a54a70dab.zip | |
agent: Add new shadow key type and functions to call tpm2daemon
* agent/call-tpm2d.c: New.
* divert-tpm2.c: New.
* agent/Makefile.am: Add new files.
* agent/agent.h (DAEMON_TPM2D): New. Add stub fucntions.
* agent/call-daemon.c (GNUPG_MODULE_NAME_TPM2DAEMON): New.
* agent/command.c (do_one_keyinfo): Handle tpmv2.
* agent/gpg-agent.c (oTpm2daemonProgram): New.
(opts): New option --tpm2daemon-program.
(parse_rereadable_options): Handle option.
* agent/pkdecrypt.c (agent_pkdecrypt): Divert to tpm2d.
(agent_pksign_do): Ditto.
---
A new shadow key type: "tpm2-v1" is introduced signalling that the
shadowed key is handled by the tpm2daemon. A function to identify
this type is introduced and diversions to the tpm2daemon functions are
conditioned on this function for pkign and pkdecrypt where the same
diversions to scd are currently done. The (info) field of the
shadowed key stores the actual TPM key. The TPM key is encrypted so
only the physical TPM it was created on can read it (so no special
protection is required for the info filed), but if the (info) field
becomes corrupt or damaged, the key will be lost (unlike the token
case, where the key is actually moved inside the token).
Note, this commit adds handling for existing TPM format shadow keys,
but there is still no way to create them.
Signed-off-by: James Bottomley <[email protected]>
Additional changes:
* Add ChangeLog entries.
* Some minor indentation fixes.
* agent/Makefile.am (gpg_agent_SOURCES): Change to make distcheck
work.
* agent/agent.h [!HAVE_LIBTSS]: Do not return -EINVAL but an
gpg_error_t. Mark args as unused.
* agent/protect.c (agent_is_tpm2_key): Free BUF.
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'agent/protect.c')
| -rw-r--r-- | agent/protect.c | 27 |
1 files changed, 16 insertions, 11 deletions
diff --git a/agent/protect.c b/agent/protect.c index 54666e717..76ead444b 100644 --- a/agent/protect.c +++ b/agent/protect.c @@ -1679,41 +1679,46 @@ agent_get_shadow_info_type (const unsigned char *shadowkey, return 0; } + gpg_error_t -agent_get_shadow_info(const unsigned char *shadowkey, - unsigned char const **shadow_info) +agent_get_shadow_info (const unsigned char *shadowkey, + unsigned char const **shadow_info) { - return agent_get_shadow_info_type(shadowkey, shadow_info, NULL); + return agent_get_shadow_info_type (shadowkey, shadow_info, NULL); } + int -agent_is_tpm2_key(gcry_sexp_t s_skey) +agent_is_tpm2_key (gcry_sexp_t s_skey) { unsigned char *buf; unsigned char *type; size_t len; gpg_error_t err; - err = make_canon_sexp(s_skey, &buf, &len); + err = make_canon_sexp (s_skey, &buf, &len); if (err) return 0; - err = agent_get_shadow_info_type(buf, NULL, &type); + err = agent_get_shadow_info_type (buf, NULL, &type); if (err) return 0; + xfree (buf); - err = strcmp(type, "tpm2-v1") == 0; - xfree(type); + err = strcmp (type, "tpm2-v1") == 0; + xfree (type); return err; } + gpg_error_t -agent_get_shadow_type(const unsigned char *shadowkey, - unsigned char **shadow_type) +agent_get_shadow_type (const unsigned char *shadowkey, + unsigned char **shadow_type) { - return agent_get_shadow_info_type(shadowkey, NULL, shadow_type); + return agent_get_shadow_info_type (shadowkey, NULL, shadow_type); } + /* Parse the canonical encoded SHADOW_INFO S-expression. On success the hex encoded serial number is returned as a malloced strings at R_HEXSN and the Id string as a malloced string at R_IDSTR. On |