[PATCH v2 0/3] Add TPM2 support to gnupg 2.3

James Bottomley James.Bottomley at HansenPartnership.com
Thu Jun 25 20:46:31 CEST 2020


This patch series is based on the master branch with the two patches
Werner upported applied.  I'm not as familiar with this branch, so the
patch set is lightly tested, but I have got it to do key conversion,
signing and encryption successfully.  I may have missed some
subtleties of the new daemon structure, but the tpm2daemon is very
simple, so hopefully it doesn't matter.

This branch also contains the code to derive an EC primary each time,
so it will work out of the box on any TPM2 system without the need to
create a persistent RSA storage key at 81000001.

For those who want to try it out, I've created a git tree with these
patches in at

https://git.kernel.org/pub/scm/linux/kernel/git/jejb/gnupg.git

The master-tpm-daemon branch is based on 2.3 and the
stable-2-2-tpm-daemon branch is currently based on 2.2.20.

James

---

James Bottomley (3):
  tpm2d: Add tpm2daemon code
  agent: Add new shadow key type and functions to call tpm2daemon
  g10: add new command keytotpm to convert a private key to TPM format

 Makefile.am          |    7 +-
 agent/Makefile.am    |    5 +
 agent/agent.h        |   50 ++
 agent/call-daemon.c  |    3 +-
 agent/call-tpm2d.c   |  248 ++++++++
 agent/command.c      |   57 ++
 agent/divert-tpm2.c  |  144 +++++
 agent/gpg-agent.c    |    4 +
 agent/keyformat.txt  |   12 +-
 agent/pkdecrypt.c    |    8 +-
 agent/pksign.c       |   16 +-
 am/cmacros.am        |    3 +
 common/homedir.c     |    7 +
 common/mapstrings.c  |    1 +
 common/util.h        |    1 +
 configure.ac         |   39 ++
 g10/call-agent.c     |   22 +
 g10/call-agent.h     |    3 +
 g10/keyedit.c        |   45 +-
 tools/gpgconf-comp.c |   62 +-
 tools/gpgconf.h      |    3 +
 tpm2d/Makefile.am    |   18 +
 tpm2d/command.c      |  508 +++++++++++++++++
 tpm2d/tpm2.c         | 1048 ++++++++++++++++++++++++++++++++++
 tpm2d/tpm2.h         |   36 ++
 tpm2d/tpm2daemon.c   | 1289 ++++++++++++++++++++++++++++++++++++++++++
 tpm2d/tpm2daemon.h   |  105 ++++
 27 files changed, 3731 insertions(+), 13 deletions(-)
 create mode 100644 agent/call-tpm2d.c
 create mode 100644 agent/divert-tpm2.c
 create mode 100644 tpm2d/Makefile.am
 create mode 100644 tpm2d/command.c
 create mode 100644 tpm2d/tpm2.c
 create mode 100644 tpm2d/tpm2.h
 create mode 100644 tpm2d/tpm2daemon.c
 create mode 100644 tpm2d/tpm2daemon.h

-- 
2.26.2



