Page MenuHome GnuPG
Create Task
Maniphest T7091

Kleopatra: Simple copy key to card
Testing, NormalPublic
Actions

Description

In the certificate view add an function to copy a chosen key to a smartcard, via context menu or "Certificates" menu.

Below is an example of a possible dialog screen for discussion. Text in {brackets} are comments.

# Simple transfer of an OpenPGP key to a smartcard

Only suitable for standard keys.

{The following information might be behind an info button or something}
Info on preconditions:
- The primary key is suitable for signatures and certifications.
- There is exactly one subkey for encryption.
- Optionally, there is exactly one additional subkey for authentication. This is also transferred to the card.
- An OpenPGP-compatible smartcard is connected and the corresponding slots are empty.
{information end}

Your chosen Key
Fingerprint:     XXXXXXX
Primary User-ID: Xxxxx <xxx@xxxx.xx>

{Error Block start, only shown in case of a problem}
The following condition(s) are not met: {Only the missing conditions are displayed, but all misses on the first three}.

- The primary key does not have the Sign and Certify properties.
- There is no subkey for encryption.
- There are too many other subkeys.

- No smartcard was recognized.
- The OpenPGP slots on the smartcard are not empty.

/\ An automatic transfer is not possible.                    {this /\ is an alert symbol}

[OK]
{error block end}
{alternative postive continuation}

All conditions are met.

To proceed choose one of the following options:
( ) Delete key from disk.
    ( ) Make a backup of the secret key to file.  
    ( ) Make a print backup. (Paperkey)
    ( ) I already have a backup of the secret key.
( ) Keep key on disk.

[Apply]    [Cancel]

By default there is no option preselected.
But there should be a configuration parameter in the config file or registry to preselect an option and make it unchangeable.

Revisions and Commits

rKLEOPATRA Kleopatra
rKLEOPATRAed9f4d5a7272 Make CertificateToCardCommand work with keys that have ADSKs
rKLEOPATRA816a267eb0a0 Make CertificateToCardCommand work with keys that have ADSKs
rKLEOPATRA22bf9ef6017d Add command for copying a key to a card
rKLEOPATRA5ca2c1209b1d Add command for copying a key to a card
rKLEOPATRAc29b80f9de42 Add command for copying a key to a card
rKLEOPATRAbdb82b094f3c Add command for copying a key to a card

Related Objects
Search...

Event Timeline

alexk triaged this task as Normal priority.Apr 17 2024, 11:41 AM
alexk created this task.
alexk added a parent task: T6785: Kleopatra: Improvements related to smart cards.
ebo added a subscriber: ebo.Apr 17 2024, 11:49 AM
ikloecker added a subscriber: ikloecker.Apr 17 2024, 10:43 PM

You forget that multiple OpenPGP smart cards might be plugged in. Although it's probably not likely that multiple empty cards are plugged in. (For comparison: The subkey action to move a key to a card allows the user to choose a suitable slot. I think it also offers non-empty slots, but I agree that for the "simple copy" it's better to offer only empty cards to prevent a disaster.)

ikloecker added a comment.Apr 17 2024, 10:49 PM

Regarding the requirements for a key: The action shouldn't be enabled for keys not meeting the requirements. (Just like most other actions are only enabled for a suitable selection of keys.) The info which keys are suitable belongs into the manual and not as wall of text into Kleopatra.

alexk added a comment.Apr 18 2024, 2:48 PM

The action shouldn't be enabled for keys not meeting the requirements.

This sounds good.
Will this checks be done on opening the context menu for a private key?

Regarding the smartcards: Should be checked if there is exactly one empty smartcard plugged and don't care about other non empty ones?

ikloecker added a comment.Apr 18 2024, 3:53 PM

The check happens whenever the user selects or deselects one (or more) certificates. All actions that require conditions not met by the selected certificates are disabled. Some conditions are too complex/slow/special to check, e.g. the check if an empty smart card is inserted should happen when the user triggered the action.

Regarding the smartcards: Should be checked if there is exactly one empty smartcard plugged and don't care about other non empty ones?

If multiple empty OpenPGP cards are plugged in then I would simply take the first that's found. Obviously, the dialog should tell the user which smart card will be written to.

The key should be displayed as in most dialogs with the summary. Nobody knows their key by the fingerprint and the user ID is often ambiguous if one has multiple keys.

alexk added a comment.Apr 18 2024, 5:39 PM
This comment was removed by alexk.
alexk added a comment.Apr 22 2024, 9:41 AM

With Ingo's suggestions it could look like this.

Smartcard error case:

== Simple transfer of an OpenPGP key to a smartcard ==

/\ An automatic transfer is not possible.                    {this /\ is an alert symbol}

- No smartcard was recognized.                               {Only one of these messages will apply.}
- No smartcard with empty OpenPGP slots was found.

[OK]

Normal case:

== Simple transfer of an OpenPGP key to a smartcard ==

Your selected Key:  {key summary}
Selected SmartCard: {smarcard summary}

To proceed choose one of the following options:
( ) Delete key from disk.
    ( ) Make a backup of the secret key to file.  
    ( ) Make a print backup. (Paperkey)
    ( ) I already have a backup of the secret key.
( ) Keep key on disk.

[Apply]    [Cancel]
alexk added a project: gpd.Apr 30 2024, 4:57 PM
TobiasFella claimed this task.May 2 2024, 11:29 AM
TobiasFella moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.
ikloecker added a comment.May 3 2024, 9:43 AM

I think it needs to be made more clear that the proposed options refer to what to do after (!) copying the secret key to the smart card, e.g.

( ) Delete the secret key from disk after copying it to the smart card.
    ( ) Make a backup of the secret key to file before deleting it.  
    ( ) Make a print backup (Paperkey) before deleting the secret key.
    ( ) I already have a backup of the secret key.
( ) Keep the secret key on disk after copying it to the smart card.

I briefly considered something like

After copying the secret key to the smart card
( ) ...

but such a sentence puzzle makes correct translation much harder or even impossible.

TobiasFella added a commit: rKLEOPATRAbdb82b094f3c: Add command for copying a key to a card.May 3 2024, 11:05 AM
TobiasFella added a commit: rKLEOPATRAc29b80f9de42: Add command for copying a key to a card.May 10 2024, 1:57 PM
TobiasFella added a commit: rKLEOPATRA5ca2c1209b1d: Add command for copying a key to a card.May 13 2024, 11:51 AM
TobiasFella added a commit: rKLEOPATRA22bf9ef6017d: Add command for copying a key to a card.May 14 2024, 2:58 PM
TobiasFella changed the task status from Open to Testing.May 14 2024, 3:05 PM
TobiasFella added a commit: rKLEOPATRA816a267eb0a0: Make CertificateToCardCommand work with keys that have ADSKs.Aug 5 2024, 3:45 PM
TobiasFella added a comment.Aug 5 2024, 3:46 PM

A patch to make sure that certificates with ADSKs can be copied to cards: https://invent.kde.org/pim/kleopatra/-/merge_requests/265

TobiasFella added a commit: rKLEOPATRAed9f4d5a7272: Make CertificateToCardCommand work with keys that have ADSKs.Aug 6 2024, 11:07 AM
ebo edited projects, added gpd5x (gpd-5.0.0); removed gpd.Nov 13 2024, 2:45 PM
ebo edited projects, added gpd5x; removed gpd5x (gpd-5.0.0).
ebo moved this task from Backlog to WIP on the gpd5x board.
ebo removed a project: Restricted Project.
ebo added a comment.EditedMar 7 2025, 4:23 PM

Tested with version 4.0.0.250370 (Gpg4win-5.0.0-beta125)
and Yubikey:

Key not empty OR no smart card connected:

Key empty:

Tested ok with keep key on disk:

ebo added a comment.Mar 10 2025, 1:42 PM

I looked with alexk at the suggestion from ikloecker https://dev.gnupg.org/T7091#185587
We would modify it a bit to:

( ) Delete the secret key from disk after copying it to the smart card.
    ( ) Make a backup of the secret key to a file first.
    ( ) Make a printed backup (Paperkey) of the secret key first.  
    ( ) I already have a backup of the secret key.
( ) Keep the secret key on disk after copying it to the smart card.
ebo added a comment.Mar 10 2025, 3:30 PM

We have to talk about the workflows in the different variations. This needs to be simplified further.

For option one: 5 pinentry windows for passwords or PINs and another misleading "do you really want to delete" at the end although a backup was made. (In this case with 1x cancel and 1x wrong PIN in between 3 backup files in total.)

Option 2: 6 pinentry windows, also the misleading "do you really want to delete?" at the end although the backup was made. In this case with file dialog (other than in option 1)

Option 3: 5 pinentry windows. And in this case the "do you really want to delete?" question at the end makes more sense

So basically it works but we should talk at our next meeting about improvements.

ebo added a parent task: T6116: Draft: Kleopatra: Card personalization workflow.Mar 18 2025, 4:36 PM
ebo moved this task from WIP to QA on the gpd5x board.Jul 14 2025, 5:59 PM
ebo claimed this task.Mon, Oct 20, 11:33 AM
ebo added a subscriber: TobiasFella.