Page MenuHome GnuPG
Create Task
Maniphest T2291

Smartcard interaction improvement (was: Shadowed private key design (for smartcard))
Closed, ResolvedPublic
Actions

Assigned To
gniibe
Authored By
gniibe
Mar 23 2016, 2:12 AM
Tags
Subscribers
blades
bren
cscutcher
davidtwco
decomposite
demonbane
dkg
View All 32 Subscribers
Tokens
"Love" token, awarded by GPF."100" token, awarded by lopter."Love" token, awarded by jheeb."Love" token, awarded by Esai.

Description

Shadowed key includes serial number of the smartcard, so that GnuPG can ask a
user about the specific card when signature/decryption will be asked (but not
yet the card is ready).

This is better to improve. (1) some people have a practice to put same private
key on multiple smartcards (say, for backup). (2) a user wants to migrate to
new card/token. (3) Most users don't care/know about serial number of smartcard
which is recorded in the shadowed key.

Revisions and Commits

rG GnuPG
rG1091f22511e1 agent: Support scdaemon operation using KEYGRIP.

Related Objects
Search...

Event Timeline

gniibe added projects: gnupg, Bug Report.Mar 23 2016, 2:12 AM
gniibe added a subscriber: gniibe.
werner added a subscriber: werner.Mar 23 2016, 5:53 PM

I have two ideas on how to imrpove this:

  1. If an appropriate card is plugged in we could try to use it. This is similar to what we do in command-ssh.c
  1. Rework the private key file format to allow adding several serial numbers for one card. This rework needs to be done anyway for another features (OpenSSH certifcactes)
werner added a project: Feature Request.Mar 23 2016, 5:54 PM
werner removed a project: Bug Report.
gniibe mentioned this in T1798: request: smartcard stub keys with multiple serial numbers.Apr 14 2017, 2:49 AM
gniibe merged a task: T1798: request: smartcard stub keys with multiple serial numbers.
gniibe added subscribers: phry, uncaught.
gniibe added a comment.Apr 14 2017, 3:53 AM

Yes, there are two things to implement; How gpg frontend use gpg-agent (1 in Werner's comment), and new shadowed key format support (2 in Werner's comment).

Considering again, I think that (2) is not that important. So, I am changing the title of this ticket. For this, it can be also done not using new private key format, but just only extend the shadowed information format. Now, it's "t1-v1". We can also support another format, say, "t1-v2".

The real part is (1), which requires changes in gpg. I think that this is somehow also needed in case of better support of encrypted data to anonymous.

In case of SSH, SSH asks gpg-agent for available card(s), and then, asks signing with a specific key on the card.

On the other hand, currently, gpg asks gpg-agent for signing/encryption with no information if the corresponding card is available now or not. It is gpg-agent which asks a user to insert matching card if not available.

This interaction should be changed; gpg should know current cards available, by asking gpg-agent, beforehand. And then, gpg should ask signing/decryption using the card. (It is still gpg-agent which asks a user to authenticate the card.)

It will be gpg for inserting card.

That's my thought, now. How about implementing this in GnupG 2.1?

gniibe renamed this task from Shadowed private key design (for smartcard) to Smartcard interaction improvement (was: Shadowed private key design (for smartcard)).Apr 14 2017, 3:54 AM
gniibe updated the task description. (Show Details)
gniibe raised the priority of this task from Normal to High.Apr 20 2017, 7:47 AM
gniibe merged a task: T1983: gpg2 prefers missing secret key to available key on card.
gniibe mentioned this in T1983: gpg2 prefers missing secret key to available key on card.
gniibe added subscribers: jwilson, decomposite, dkg.
gniibe added a subtask: T1983: gpg2 prefers missing secret key to available key on card.Apr 20 2017, 8:06 AM
gniibe added a subtask: T2898: Option to ignore card serial number (to be able to use backup tokens containing same subkeys).
vsrinu26f added a subscriber: vsrinu26f.Apr 22 2017, 3:15 PM

litmus test will be :

  1. if "openpgp applet" were able to encrypt/sign using main token first then do the same with backup token containing same subkeys.
  2. on a new computer how to teach gpg that all these tokens with different serial numbers are the same? do we need to teach first before we use a backup key? or gpg will learn this on first encountering of backup key?
gniibe added a comment.EditedApr 27 2017, 5:58 AM

While T1983: gpg2 prefers missing secret key to available key on card for singing is in progress, change of T3119: gpg: Improve public key decryption is needed for decryption.

gniibe closed subtask T1983: gpg2 prefers missing secret key to available key on card as Resolved.May 16 2017, 1:22 AM
gniibe reopened subtask T1983: gpg2 prefers missing secret key to available key on card as Open.May 19 2017, 1:19 PM
gniibe added a subtask: T3119: gpg: Improve public key decryption.Aug 1 2017, 8:46 AM
nabbler added a subscriber: nabbler.Aug 29 2017, 4:29 PM
gniibe closed subtask T1983: gpg2 prefers missing secret key to available key on card as Resolved.Sep 20 2017, 7:49 AM
gniibe updated the task description. (Show Details)Sep 21 2017, 2:03 AM
gniibe created subtask T3416: gpg should select available signing key on card (even with -u option).Sep 21 2017, 2:07 AM
isometry added a subscriber: isometry.Sep 26 2017, 10:39 PM
nh2 added a subscriber: nh2.Oct 17 2017, 8:03 PM
dwilson added a subscriber: dwilson.Nov 14 2017, 5:29 AM
bren added a subscriber: bren.Nov 15 2017, 4:39 AM
Esai awarded a token.Apr 25 2018, 1:10 PM
Esai added a subscriber: Esai.
wiktor-k added a subscriber: wiktor-k.Jun 14 2018, 10:05 PM
kornrunner added a subscriber: kornrunner.Aug 17 2018, 1:25 PM
gniibe changed the status of subtask T3119: gpg: Improve public key decryption from Open to Testing.Aug 27 2018, 9:32 AM
georg added a subscriber: georg.Nov 11 2018, 1:23 PM
rcdailey added a subscriber: rcdailey.Dec 11 2018, 5:02 PM
gniibe added a subtask: T4273: agent: Request insertion of smartcard when no card present.Dec 20 2018, 12:59 AM
plaflamme added a subscriber: plaflamme.Jan 1 2019, 7:17 PM
mjb added a subscriber: mjb.Feb 12 2019, 10:44 AM
cscutcher added a subscriber: cscutcher.Mar 2 2019, 7:29 PM
demonbane added a subscriber: demonbane.Mar 7 2019, 9:26 AM
matheusmoreira added a subscriber: matheusmoreira.May 9 2019, 8:05 PM
blades added a subscriber: blades.May 10 2019, 11:44 PM
gniibe added a commit: rG1091f22511e1: agent: Support scdaemon operation using KEYGRIP..May 15 2019, 10:15 AM
gniibe changed the status of subtask T2898: Option to ignore card serial number (to be able to use backup tokens containing same subkeys) from Open to Testing.May 16 2019, 9:26 AM
werner closed subtask T4273: agent: Request insertion of smartcard when no card present as Resolved.May 21 2019, 9:13 AM
gniibe closed subtask T3119: gpg: Improve public key decryption as Resolved.Jun 4 2019, 2:34 AM
davidtwco added a subscriber: davidtwco.Jun 4 2019, 2:52 PM
drzraf added a subscriber: drzraf.Jun 8 2019, 10:37 PM
gniibe created subtask T4695: Remove SERIALNO as an identifier to select keys.Sep 5 2019, 8:04 AM
lopter added a subscriber: lopter.Oct 13 2019, 4:50 PM
werner added a parent task: Restricted Maniphest Task.Dec 23 2019, 11:03 AM
jheeb awarded a token.Dec 27 2019, 5:54 PM
jheeb added a subscriber: jheeb.
jxpx777 added a subscriber: jxpx777.Jan 7 2020, 4:22 PM
gniibe changed the status of subtask T4695: Remove SERIALNO as an identifier to select keys from Open to Testing.Jan 16 2020, 5:25 AM
gniibe changed the task status from Open to Testing.Jan 16 2020, 5:29 AM

In master, it has been implemented.

gniibe added a project: Restricted Project.Jan 16 2020, 5:29 AM
lopter awarded a token.Jan 16 2020, 6:48 PM
werner added a comment.Jan 16 2020, 9:37 PM

BTW, I just pushed some new features to maste for the gpg-card tool. You can now do

learn --cards --apps

and you get a list or S/Ns along with their active applications. The first application is the curently active one. To select another application you can for example do this on a Yubikey

learn - piv

and it switches to the PIV application and list info about it. The '-' can be replaced by the card number (first column in the list you get with the --cards) and you can immediately switch to an application on another card. I tried this with tqo Yubikeys and a Gnuk token; seems to work well.

gniibe changed the status of subtask T3416: gpg should select available signing key on card (even with -u option) from Open to Testing.Jan 17 2020, 8:12 AM
PWRzTOtacorTPq7KNW4oFec8F added a subscriber: PWRzTOtacorTPq7KNW4oFec8F.May 28 2020, 10:18 PM

Is there a blogpost or similar where the use of several smartcards following this improvement is explained to n00bs like me? :) For now all I find is this thread and some SE answers saying it does not work yet (https://security.stackexchange.com/questions/154702/gpg-encryption-subkey-on-multiple-smart-cards-issue) . If somebody could post a new answer on SE / write a small blog post or similar that would be great. Useful would be to have 1) from which versions and over is that available 2) how this works / how to use.

ptx added a subscriber: ptx.Jun 4 2020, 6:00 PM
GPF added a subscriber: GPF.Nov 30 2020, 11:16 AM
GPF awarded a token.Nov 30 2020, 11:30 AM
lopter added a comment.Dec 4 2020, 7:55 AM

Hello,

Thank you for all the work! Does it mean that, if I am running master, it is now possible to have a setup where the same encryption key is shared by and usable from multiple smart cards?

gniibe added a comment.Dec 4 2020, 8:30 AM
In T2291#139821, @lopter wrote:

if I am running master, it is now possible to have a setup where the same encryption key is shared by and usable from multiple smart cards?

I believe so (the actual work was done until last year, and I've been using, some details are out of my brain).
Please try if possible.

lopter added a comment.Dec 12 2020, 9:33 PM

Report on some testing using master:

  1. This feel unrelated to this issue but keytocard failed with You may only store a 1024 bit RSA key on the card for 4096 RSA keys to Yubikeys 4/5;
  2. I have been able to copy the same encryption/auth/signature private subkeys to multiple smartcards and swap freely between any of the smartcards to use those keys from the same GNUPGHOME where I imported the corresponding public keys.

Not sure about 1, but otherwise this issue is now solved as far as I am concerned!

This really simplifies key management for me, thank you very much for the work.

Note: xdotool(1) was a life saver to re-encrypt my pass repository and click through those prompts asking me for the correct smartcard.

gniibe added a comment.EditedDec 14 2020, 1:05 AM

Thank you for testing.
For the issue #1, I think it is the probelm of rG1cd615afe301: gpg,card: Allow no version information of Yubikey., which is fixed already. This was introduced by the support of PIV feature of Yubikey.

lopter added a comment.Dec 14 2020, 2:05 AM
In T2291#140172, @gniibe wrote:

Thank you for testing.
For the issue #1, I think it is the probelm of rG1cd615afe301: gpg,card: Allow no version information of Yubikey.. This was introduced by the support of PIV feature of Yubikey.

Ok, not sure what to do about that, but I am happy to help testing and I am curious about the process/conditions to merge the fixes related to this issue into the stable branch?

gniibe closed this task as Resolved.Apr 13 2021, 8:05 AM

Done in 2.3.

gniibe closed subtask T4695: Remove SERIALNO as an identifier to select keys as Resolved.Apr 13 2021, 8:05 AM
gniibe closed subtask T3416: gpg should select available signing key on card (even with -u option) as Resolved.
lindhe added a subscriber: lindhe.Aug 6 2022, 9:07 AM
lindhe removed a subscriber: lindhe.