g10: add ability to transfer a private key to the tpm
c4c7b7d7ba6b (Unpublished)

Not On Permanent Ref: This commit is not an ancestor of any permanent ref.

Description

g10: add ability to transfer a private key to the tpm

* g10/keyedit.c (cmdKEYTOTPM): New enum value.
(cmds): New command "keytotpm".
(keyedit_menu): Implement cmdKEYTOTPM.

Exactly like the gpg --edit-key command keytosc, keytotpm has been
added which immediately converts the private key file to TPM shadowed
form. Once this is done, the key cannot be recovered and may only be
used via the TPM of the computer system on which the conversion was
done. If that system is ever lost, or its TPM cleared, the shadowed
key becomes unusable.

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>

Details

Provenance
James Bottomley <James.Bottomley@HansenPartnership.com> authored on Mar 5 2018, 8:16 PM
werner committed on Mar 9 2018, 10:06 AM
Parents
rG1a4a4a8f5fa5: agent: plumb in TPM handling
Branches
Unknown
Tags
Unknown
