Smartcard interaction improvement (was: Shadowed private key design (for smartcard))
Testing, HighPublic

Description

Shadowed key includes serial number of the smartcard, so that GnuPG can ask a
user about the specific card when signature/decryption will be asked (but not
yet the card is ready).

This is better to improve. (1) some people have a practice to put same private
key on multiple smartcards (say, for backup). (2) a user wants to migrate to
new card/token. (3) Most users don't care/know about serial number of smartcard
which is recorded in the shadowed key.

gniibe added a subscriber: gniibe.
werner added a subscriber: werner.Mar 23 2016, 5:53 PM

I have two ideas on how to imrpove this:

  1. If an appropriate card is plugged in we could try to use it. This is similar to what we do in command-ssh.c
  1. Rework the private key file format to allow adding several serial numbers for one card. This rework needs to be done anyway for another features (OpenSSH certifcactes)
werner removed a project: Bug Report.

Yes, there are two things to implement; How gpg frontend use gpg-agent (1 in Werner's comment), and new shadowed key format support (2 in Werner's comment).

Considering again, I think that (2) is not that important. So, I am changing the title of this ticket. For this, it can be also done not using new private key format, but just only extend the shadowed information format. Now, it's "t1-v1". We can also support another format, say, "t1-v2".

The real part is (1), which requires changes in gpg. I think that this is somehow also needed in case of better support of encrypted data to anonymous.

In case of SSH, SSH asks gpg-agent for available card(s), and then, asks signing with a specific key on the card.

On the other hand, currently, gpg asks gpg-agent for signing/encryption with no information if the corresponding card is available now or not. It is gpg-agent which asks a user to insert matching card if not available.

This interaction should be changed; gpg should know current cards available, by asking gpg-agent, beforehand. And then, gpg should ask signing/decryption using the card. (It is still gpg-agent which asks a user to authenticate the card.)

It will be gpg for inserting card.

That's my thought, now. How about implementing this in GnupG 2.1?

gniibe renamed this task from Shadowed private key design (for smartcard) to Smartcard interaction improvement (was: Shadowed private key design (for smartcard)).Apr 14 2017, 3:54 AM
gniibe updated the task description. (Show Details)

litmus test will be :

  1. if "openpgp applet" were able to encrypt/sign using main token first then do the same with backup token containing same subkeys.
  2. on a new computer how to teach gpg that all these tokens with different serial numbers are the same? do we need to teach first before we use a backup key? or gpg will learn this on first encountering of backup key?
gniibe added a comment.EditedApr 27 2017, 5:58 AM

While T1983: gpg2 prefers missing secret key to available key on card for singing is in progress, change of T3119: gpg: Improve public key decryption is needed for decryption.

gniibe updated the task description. (Show Details)Sep 21 2017, 2:03 AM
nh2 added a subscriber: nh2.Oct 17 2017, 8:03 PM
bren added a subscriber: bren.Nov 15 2017, 4:39 AM
Esai awarded a token.Apr 25 2018, 1:10 PM
Esai added a subscriber: Esai.
gniibe changed the status of subtask T3119: gpg: Improve public key decryption from Open to Testing.Aug 27 2018, 9:32 AM
georg added a subscriber: georg.Nov 11 2018, 1:23 PM
mjb added a subscriber: mjb.Feb 12 2019, 10:44 AM
blades added a subscriber: blades.May 10 2019, 11:44 PM
drzraf added a subscriber: drzraf.Jun 8 2019, 10:37 PM
lopter added a subscriber: lopter.Oct 13 2019, 4:50 PM
werner added a parent task: Restricted Maniphest Task.Dec 23 2019, 11:03 AM
jheeb awarded a token.Dec 27 2019, 5:54 PM
jheeb added a subscriber: jheeb.
jxpx777 added a subscriber: jxpx777.Jan 7 2020, 4:22 PM
gniibe changed the task status from Open to Testing.Jan 16 2020, 5:29 AM

In master, it has been implemented.

BTW, I just pushed some new features to maste for the gpg-card tool. You can now do

learn --cards --apps

and you get a list or S/Ns along with their active applications. The first application is the curently active one. To select another application you can for example do this on a Yubikey

learn - piv

and it switches to the PIV application and list info about it. The '-' can be replaced by the card number (first column in the list you get with the --cards) and you can immediately switch to an application on another card. I tried this with tqo Yubikeys and a Gnuk token; seems to work well.

Is there a blogpost or similar where the use of several smartcards following this improvement is explained to n00bs like me? :) For now all I find is this thread and some SE answers saying it does not work yet (https://security.stackexchange.com/questions/154702/gpg-encryption-subkey-on-multiple-smart-cards-issue) . If somebody could post a new answer on SE / write a small blog post or similar that would be great. Useful would be to have 1) from which versions and over is that available 2) how this works / how to use.

ptx added a subscriber: ptx.Thu, Jun 4, 6:00 PM