Storing key on multiple smartcards
gniibe at fsij.org
Mon Apr 22 06:43:10 CEST 2019
Frederick Zhang <frederick888 at tsundere.moe> wrote:
> That sounds great! I was thinking that working around the current shadow
> key logic might require fewer changes but removing serial numbers from
> shadow keys is indeed better.
Let me share some technical detail of GnuPG internal.
My plan (in master, towards 2.3) is:
(1) gpg-agent shadow key protocol fix/modification
Now, gpg-agent assumes one private key material resides in a single
smartcard. This restriction should be relaxed.
While current flow from gpg-agent to scdaemon is:
keygrip -> private key file -> shadow-info -> serial number + id_string
It should be possible, directly using keygrip to scdaemon:
Then, we don't need the serial number as shadow-info in private key file.
I think that this direct use of keygrip will simplify things in GnuPG.
Besides, current protocol in use is named "t1-v1", which is typo.
(2) scdaemon modification
Now, the way to specify a key is:
serial number + id_string
serial number + "/" + fingerprint
where id_string is "OpenPGP.1", "OpenPGP.2", and "OpenPGP.3".
I'd like to extend it using a keygrip to specify a key.
Once, those modifications will be done, it's more straightforward to
support different use cases with smartcard. (Or, those modifications
themselves will solve some existing issues automatically.)
Some use cases will still remain. Some day, I'd like to support a use
case where signing+encryption is done naturally. That is, signing with
a signing key on inserted smartcard and encryption for a encryption key
on that card.
More information about the Gnupg-devel