
keytotpm doesn't appear to do anything
Closed, Resolved (Public)

Description

$ tpm2_testparms rsa2048
$ gpg --edit-key 6ED87427C830FB1D06AF5383700CBA7FFF688DBF
gpg (GnuPG) 2.4.3; Copyright (C) 2023 g10 Code GmbH
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   5  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 5u
gpg: next trustdb check due at 2026-08-06
sec  rsa2048/700CBA7FFF688DBF
     created: 2023-08-08  expires: 2026-08-07  usage: SC  
     trust: ultimate      validity: ultimate
[ultimate] (1). Test Test4 <test@test.com>

gpg> keytotpm
Really move the primary key? (y/N) y

sec  rsa2048/700CBA7FFF688DBF
     created: 2023-08-08  expires: 2026-08-07  usage: SC  
     trust: ultimate      validity: ultimate
[ultimate] (1). Test Test4 <test@test.com>

gpg> save
Key not changed so no update needed.

Was asked for the secret key passphrase and TPM authorization passphrase (twice).

No shadowed private key file is created and no error is reported. Tested with gpg 2.4.3 on Arch Linux and Fedora 39 on two machines.

Details

Version
2.4.3

Event Timeline

werner claimed this task.
werner edited projects, added Support; removed Bug Report.
werner added a subscriber: werner.

Please ask on the gnupg mailing list for support. In case that turns out to be a real bug, please re-open this bug.
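A way to confirm the report's observation that no shadowed private key file was created. This is an added example, not part of the original report and not GnuPG's own code. The function names are hypothetical, and it assumes gpg-agent keeps secret keys in `private-keys-v1.d/<keygrip>.key` and marks a TPM-backed stub with the tokens `shadowed-private-key` and `tpm2-v1`.

```shell
#!/bin/sh
# Added example: report how gpg-agent stores a secret key, by keygrip.
# Get keygrips with: gpg --with-keygrip --list-secret-keys <fingerprint>

# classify_keyfile FILE -> prints one state word (hypothetical helper).
classify_keyfile() {
    f=$1
    [ -r "$f" ] || { echo missing; return 1; }
    # Order matters: every marker below contains the substring "private-key".
    if grep -a -q 'shadowed-private-key' "$f"; then
        # Assumption: TPM stubs carry the protocol token "tpm2-v1";
        # any other shadowed key is treated as a smartcard stub.
        if grep -a -q 'tpm2-v1' "$f"; then echo shadowed-tpm
        else echo shadowed-other; fi
    elif grep -a -q 'protected-private-key' "$f"; then
        echo protected-on-disk      # passphrase-protected, still on disk
    elif grep -a -q 'private-key' "$f"; then
        echo unprotected-on-disk
    else
        echo unknown
    fi
}

# keytotpm_status HOMEDIR KEYGRIP -> state of that key's file.
keytotpm_status() {
    classify_keyfile "$1/private-keys-v1.d/$2.key"
}

# write_constructed_samples DIR: constructed (fake) key files for an offline try.
write_constructed_samples() {
    mkdir -p "$1/private-keys-v1.d"
    printf '%s\n' 'Key: (protected-private-key (rsa (n #00C1#)(e #010001#)(protected ...)))' \
        > "$1/private-keys-v1.d/CONSTRUCTED0001.key"
    printf '%s\n' 'Key: (shadowed-private-key (rsa (n #00C1#)(e #010001#)(shadowed tpm2-v1 (...))))' \
        > "$1/private-keys-v1.d/CONSTRUCTED0002.key"
}
```

Run `keytotpm_status "${GNUPGHOME:-$HOME/.gnupg}" <keygrip>` before and after `keytotpm`; a result that stays at `protected-on-disk` matches the behaviour described in this report.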