
GnuPG: Allow import of gpgsk files
Open, Normal, Public

Description

gpgsk files contain backups of secret keys. They are created by Kleopatra when creating a backup of a secret (sub)key after copying a (sub)key to a smart card.

To counter attacks with malicious gpgsk files (whose goal would be to overwrite a user's real secret keys or smart-card-backed shadow keys), gpg must check that the imported/restored gpgsk files are valid.

Event Timeline

werner triaged this task as Normal priority. Jan 24 2024, 3:00 PM
werner edited projects, added gnupg24, Feature Request; removed gnupg.
werner added a subscriber: werner.

These gpgsk files are standard private-keys-v1 files with an additional Backup-info line showing, for example, the keygrip.
There are no certificates in the file, thus we can use either gpg or gpgsm as the driver.

aheinecke added a subscriber: aheinecke.

I think the attack Ingo talks about would mostly be covered by checking if the file already exists before moving it into the private directory.

But a good safeguard that I could think of would be:

  • Create a temporary directory.
  • Import the private key and the public key it belongs to (which we should know from a key listing with keygrips).
  • Use the key in some manner; that depends a bit: if it is a signing key, then we should sign something; if it is an encryption key, we should decrypt a test message encrypted to that key. For authentication I don't really know what a good test would be.

Checking if the file already exists doesn't help. In fact, typically the file (containing the shadow key for the card key) will already exist. But one could check if there is already a private key with this keygrip. Then restoring could be refused, so that the worst that can happen is that the shadow key (which can be recovered from the smart card) is overwritten with a corrupt file.

This means we can use a simpler approach:

  • Move the existing file away (maybe changing the extension is already enough if gpg-agent only looks for .key files).
  • Copy the gpgsk file to private-keys-v1.
  • Check if we have a valid secret key, as Andre suggested. This could be framed as a check to make sure that the key was restored correctly.
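An offline version of the checks discussed above (a Backup-info line must be present, the key in the file must hash to the keygrip expected from the key listing, and a restore is refused when a real rather than card-shadowed key with that keygrip is already installed), written as an added example that is not GnuPG's or Kleopatra's code. It assumes RSA keys with the hex-encoded S-expression fields gpg-agent writes, and the Backup-info value in the sample is a constructed placeholder because the page does not show that line's format.

```python
import hashlib
import re
def parse_extended_key_file(text):
    """Parse GnuPG's extended private key format: 'Name: value' lines, continuation
    lines start with a space or tab, '#' lines are comments."""
    fields, name = {}, None
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        if line[0] in " \t" and name is not None:
            fields[name] += "\n" + line.strip()  # continuation of the previous field
        else:
            name, _, value = line.partition(":")
            name = name.strip()
            fields[name] = value.strip()
    return fields

def rsa_keygrip(key_sexp):
    """RSA keygrip: SHA-1 over the modulus n as unsigned big-endian bytes with leading
    zero bytes stripped. Assumes the hex (#...#) encoding gpg-agent writes."""
    m = re.search(r"\(n\s+#([0-9A-Fa-f]+)#\)", key_sexp)
    if m is None:
        raise ValueError("no hex-encoded RSA modulus in Key: field")
    return hashlib.sha1(bytes.fromhex(m.group(1)).lstrip(b"\x00")).hexdigest().upper()

def check_gpgsk(gpgsk_text, expected_grip, installed_key_text=None):
    """Return (ok, reason). Refuse a file without Backup-info, a Key: that is not a
    private key, a keygrip mismatch, or an installed key that is not a card shadow."""
    fields = parse_extended_key_file(gpgsk_text)
    if "Backup-info" not in fields:
        return False, "not a gpgsk backup: no Backup-info line"
    key = fields.get("Key", "")
    if not key.startswith(("(private-key", "(protected-private-key")):
        return False, "Key: field is not a private-key S-expression"
    grip = rsa_keygrip(key)
    if grip != expected_grip.upper():
        return False, f"keygrip mismatch: file has {grip}, expected {expected_grip.upper()}"
    if installed_key_text is not None:
        installed = parse_extended_key_file(installed_key_text).get("Key", "")
        if not installed.startswith("(shadowed-private-key"):
            return False, "a real secret key with this keygrip is already installed"
    return True, grip

# Constructed samples (not real keys: the modulus is far too short for RSA).
SAMPLE_GPGSK = """\
Backup-info: placeholder, the page does not show the real line's format
Key: (private-key (rsa (n #00C0FFEE13371337#)
  (e #010001#) (d #0123456789ABCDEF#)))
"""
SAMPLE_SHADOW = 'Key: (shadowed-private-key (rsa (n #00C0FFEE13371337#) (e #010001#)\n  (shadowed t1-v1 (#D2760001240103040006123456780000# ""))))\n'
```

The check only decides whether a restore should proceed; the actual use test (signing or decrypting with the restored key) still has to be done with gpg afterwards.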
ebo added a project: gnupg22.
ebo added a subscriber: TobiasFella.

Werner wants the import via gpg-agent