From dashohoxha at gmail.com Mon Mar 1 03:11:31 2021
From: dashohoxha at gmail.com (Dashamir Hoxha)
Date: Mon, 1 Mar 2021 03:11:31 +0100
Subject: WKS support on Thunderbird
Message-ID:

Hi,

The latest version of Thunderbird comes with built-in support for OpenPGP and has dropped Enigmail:
- https://blog.thunderbird.net/2020/09/openpgp-in-thunderbird-78/
- https://lwn.net/Articles/832183/

However it does not have WKS support. I updated my system and I was baffled to see that with the latest Thunderbird it is not possible to send a key to a WKS.

I tried KMail, but I couldn't find how to do it with KMail either. If I have missed it, please point me to the docs that describe how to do it.

So, I had to revert back to the previous version of Thunderbird, so that at least I can continue testing. However, if no client supports WKS this is a problem, because it makes installing a WKS server useless.

Regards,
Dashamir

From bernhard at intevation.de Mon Mar 1 08:45:05 2021
From: bernhard at intevation.de (Bernhard Reiter)
Date: Mon, 1 Mar 2021 08:45:05 +0100
Subject: Wiki as documentation (and registration problems) (was: Implementing a WKS solution)
In-Reply-To:
References: <202102260936.46466.bernhard@intevation.de>
Message-ID: <202103010845.05557.bernhard@intevation.de>

Jeff,

On Friday, 26 February 2021 10:05:11, Jeffrey Walton via Gnupg-devel wrote:
> Information management is hard.
>
> I find wikis are the best way to disseminate long term, less
> frequently changing information.

thanks for adding more general arguments in favour of using wiki.gnupg.org! Many good points!

Two minor notes:
a) I've seen wikis rot, so they are much harder to clean up then.
   -> They need to be maintained, if they go a certain critical mass, wikis are less useful than doc files done by the devs in SCM.
b) I've seen the crowd being wrong (especially on design and science questions). Encryption potentially is such a topic.

Still I think wiki.gnupg.org is a plus for GnuPG, OpenPGP and the Free Software end-to-end encryption community. It can use more help, naturally.

Best Regards,
Bernhard

-- 
www.intevation.de/~bernhard +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: This is a digitally signed message part.
URL:

From wk at gnupg.org Mon Mar 1 09:30:07 2021
From: wk at gnupg.org (Werner Koch)
Date: Mon, 01 Mar 2021 09:30:07 +0100
Subject: 2.3 keydb problems
In-Reply-To: (Robert J. Hansen via Gnupg-devel's message of "Sat, 27 Feb 2021 12:20:17 -0500")
References: <5c72bba1-399d-a322-f8f7-b8108f349301@sixdemonbag.org> <87o8g5a4vu.fsf@wheatstone.g10code.de>
Message-ID: <87wnur8eeo.fsf@wheatstone.g10code.de>

On Sat, 27 Feb 2021 12:20, Robert J. Hansen said:

> 2021-02-27 12:17:28 keyboxd[65435] waiting for lock (held by 535569) ...
>
> There is no process with PID 535569.

Can you please check the file

  ~/.gnupg/public-keys.d./pubring.db.lock

It should have two lines: The first with the pid and the second giving the hostname. Can you delete that file?

We use the same locking code all over gnupg, so it can't be a problem of keyboxd only. What you could also do is to "strace -p 65435" to see the system call errors.

For reference here is the code pertaining to this (from common/dotlock.c):

  /* Check for stale lock files. */
  if ( (pid = read_lockfile (h, &same_node)) == -1 )
    {
      if ( errno != ENOENT )
        {
          saveerrno = errno;
          my_info_0 ("cannot read lockfile\n");
          my_set_errno (saveerrno);
          return -1;
        }
      my_info_0 ("lockfile disappeared\n");
      goto again;
    }
  else if ( pid == getpid() && same_node )
    {
      my_info_0 ("Oops: lock already held by us\n");
      h->locked = 1;
      return 0; /* okay */
    }
  else if ( same_node && kill (pid, 0) && errno == ESRCH )
// This should trigger the removal of a stale lock file.
// To cope with remote file systems this requires that the lock file
// was created by this box (same_host). The question is why there is a
// stale lock file at all.
    {
      /* Note: It is unlikely that we get a race here unless a pid is
         reused too fast or a new process with the same pid as the one
         of the stale file tries to lock right at the same time as we. */
      my_info_1 (_("removing stale lockfile (created by %d)\n"), pid);
      unlink (h->lockname);
      goto again;
    }

  if (lastpid == -1)
    lastpid = pid;
  ownerchanged = (pid != lastpid);

  if (timeout)
    {
      struct timeval tv;

      /* Wait until lock has been released. We use increasing retry
         intervals of 50ms, 100ms, 200ms, 400ms, 800ms, 2s, 4s and 8s
         but reset it if the lock owner meanwhile changed. */
      if (!wtime || ownerchanged)
        wtime = 50;
      else if (wtime < 800)
        wtime *= 2;
      else if (wtime == 800)
        wtime = 2000;
      else if (wtime < 8000)
        wtime *= 2;

      if (timeout > 0)
        {
          if (wtime > timeout)
            wtime = timeout;
          timeout -= wtime;
        }

      sumtime += wtime;
      if (sumtime >= 1500)
        {
          sumtime = 0;
          my_info_3 (_("waiting for lock (held by %d%s) %s...\n"),
                     pid, maybe_dead, maybe_deadlock(h)? _("(deadlock?) "):"");
        }

      tv.tv_sec = wtime / 1000;
      tv.tv_usec = (wtime % 1000) * 1000;
      select (0, NULL, NULL, NULL, &tv);
      goto again;
    }

-- 
Thoughts are free. Exceptions are regulated by a federal law.

From wiktor at metacode.biz Mon Mar 1 09:36:17 2021
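The stale-lock decision described in the keydb message above, as an added diagnostic example (not GnuPG code and not part of the thread). It assumes the lock file layout stated in that message, first line pid and second line host name; `classify_lock`, `classify_lock_file` and the `lock_state` names are hypothetical.

```c
/* Added example, not GnuPG code: classify a dotlock file as live or stale.
   Assumed layout (from the message above): line 1 = pid, line 2 = host name. */
#include <errno.h>
#include <limits.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/utsname.h>
#include <unistd.h>

enum lock_state {
  LOCK_MALFORMED = -1, /* unreadable, or not "pid\nhostname" */
  LOCK_OURS,           /* held by the calling process */
  LOCK_HELD,           /* owner pid exists on this host */
  LOCK_STALE,          /* same host and owner pid is gone: removable */
  LOCK_REMOTE          /* written on another host: liveness cannot be probed */
};

/* Split lock file content into pid and node name; returns 0 on success. */
static int parse_lock(const char *content, pid_t *pid, char *node, size_t nodelen)
{
  char *end;
  long v;
  size_t n;

  errno = 0;
  v = strtol(content, &end, 10);      /* tolerates a space-padded pid */
  if (errno || end == content || v <= 0 || v > INT_MAX || *end != '\n')
    return -1;
  end++;                              /* start of the host name line */
  n = strcspn(end, "\r\n");
  if (n == 0 || n >= nodelen)
    return -1;
  memcpy(node, end, n);
  node[n] = '\0';
  *pid = (pid_t)v;
  return 0;
}

/* Same tests as the quoted excerpt: a lock is only declared stale when it
   was written on this host and kill(pid, 0) fails with ESRCH. */
enum lock_state classify_lock(const char *content, const char *this_node)
{
  pid_t pid;
  char node[256];

  if (parse_lock(content, &pid, node, sizeof node))
    return LOCK_MALFORMED;
  if (strcmp(node, this_node))
    return LOCK_REMOTE;               /* pid belongs to another machine */
  if (pid == getpid())
    return LOCK_OURS;
  if (kill(pid, 0) == -1 && errno == ESRCH)
    return LOCK_STALE;
  return LOCK_HELD;                   /* success or EPERM: the pid exists */
}

/* Read a lock file and classify it against this machine's node name. */
enum lock_state classify_lock_file(const char *path)
{
  char buf[512];
  struct utsname u;
  size_t n;
  FILE *fp = fopen(path, "r");

  if (!fp)
    return LOCK_MALFORMED;
  n = fread(buf, 1, sizeof buf - 1, fp);
  fclose(fp);
  buf[n] = '\0';
  if (uname(&u))
    return LOCK_MALFORMED;
  return classify_lock(buf, u.nodename);
}

int main(int argc, char **argv)
{
  static const char *const label[] = {
    "held by this process", "held by a live process",
    "stale, owner pid does not exist", "created on another host, cannot probe"
  };
  enum lock_state st;

  if (argc != 2) {
    fprintf(stderr, "usage: %s LOCKFILE\n", argv[0]);
    return 2;
  }
  st = classify_lock_file(argv[1]);
  if (st == LOCK_MALFORMED) {
    fprintf(stderr, "%s: unreadable or malformed lock file\n", argv[1]);
    return 1;
  }
  printf("%s: %s\n", argv[1], label[st]);
  return 0;
}
```

A `LOCK_REMOTE` result is the case the comment in the excerpt calls out: on a shared file system the pid cannot be checked from this machine, so the lock is never removed automatically.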
From: wiktor at metacode.biz (Wiktor Kwapisiewicz)
Date: Mon, 1 Mar 2021 09:36:17 +0100
Subject: Question about EdDSA value s MPI in signatures
Message-ID: <3ec854ea-620f-4182-65cc-1007bc46228e@metacode.biz>

Hello,

I've been recently analyzing EdDSA signatures and found one interesting case. Not sure if I did my analysis correctly or if that's a bug in the beta but I'd be really glad if someone helped me to understand what's happening.

One signature piqued my interest. It's attached to this e-mail: https://lists.gnupg.org/pipermail/gnupg-devel/2021-February/034715.html

The relevant portion of the signature that looks suspicious is the "EdDSA value s, in MPI" [0] at the end (00000055):

00000031  9b                                               digest_prefix1
00000032  5b                                               digest_prefix2
00000033  00 fe                                            eddsa_sig_r_len
00000035  2b f9 10 a1 5d fb c6 69 33 60 1b                 eddsa_sig_r
00000040  d8 93 53 28 2e df 91 0a fb d1 59 5f fe 52 78 9f
00000050  46 cc c3 fe e6
00000055  01 00 00 6d b8 e1 70 78 1d ac c0                 <--- here
00000060  41 07 57 b7 a2 e3 e7 93 3b 9b 41 1e 05 bb 0a 82
00000070  16 6a 9c 4e 88 80 06

MPI encoding is "two-octet scalar that is the length of the MPI in bits followed by a string of octets that contain the actual integer." [1]

And since "The length field of an MPI describes the length starting from its most significant non-zero bit" the initial "00" byte seems redundant (and should not be included in the length value).

The MPI section of 4880bis even has an example that shows that zeros should not be taken into account: "Thus, the MPI [00 02 01] is not formed correctly. It should be [00 01 01]." [1].

The rest has a length of 248 bits:

6d b8 e1 70 78 1d ac c0 41 07 57 b7 a2 e3 e7 93 3b 9b 41 1e 05 bb 0a 82 16 6a 9c 4e 88 80 06 (31 bytes * 8 = 248 bits)

I'm also not sure how to count bits in the first byte. Since 6d is 0110 1101 in binary maybe it should count as 7 not 8 (since the most significant bit is cleared)?

Is there an explanation to this behavior? I'm wondering why did GnuPG generate such a signature and whether or not this is conformant with the standard that is in development.

Thank you for your time!

Kind regards,
Wiktor

[0]: https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-rfc4880bis-10#section-5.2.3
[1]: https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-rfc4880bis-10#section-3.2

From wk at gnupg.org Mon Mar 1 09:38:12 2021
From: wk at gnupg.org (Werner Koch)
Date: Mon, 01 Mar 2021 09:38:12 +0100
Subject: [PATCH GnuPG 2/2] Prefer opening images with xdg-open over display
In-Reply-To: <20210228133411.127214-2-nicolas.fella@gmx.de> (Nicolas Fella via Gnupg-devel's message of "Sun, 28 Feb 2021 14:34:11 +0100")
References: <20210228133411.127214-1-nicolas.fella@gmx.de> <20210228133411.127214-2-nicolas.fella@gmx.de>
Message-ID: <87o8g38e17.fsf@wheatstone.g10code.de>

On Sun, 28 Feb 2021 14:34, Nicolas Fella said:

> xdg-open respects the user's configured image viewer
> and is therefore preferred.

This would be a regression. display and xloadimage both allow to pass the title. This seems not to be possible with xdg-open.

Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.

From wk at gnupg.org Mon Mar 1 09:36:37 2021
From: wk at gnupg.org (Werner Koch)
Date: Mon, 01 Mar 2021 09:36:37 +0100
Subject: [PATCH GnuPG 2/2] Prefer opening images with xdg-open over display
In-Reply-To: <2489301.z5ICp2W6VN@breq> ("Ingo Klöcker"'s message of "Sun, 28 Feb 2021 17:40:57 +0100")
References: <20210228133411.127214-1-nicolas.fella@gmx.de> <20210228133411.127214-2-nicolas.fella@gmx.de> <2489301.z5ICp2W6VN@breq>
Message-ID: <87sg5f8e3u.fsf@wheatstone.g10code.de>

On Sun, 28 Feb 2021 17:40, Ingo Klöcker said:

> any reason why xloadimage should still be preferred over xdg-open?

Never change running code. xloadimage is simpler than display and thus we should keep support for it.

Salam-Shalom,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.

From wk at gnupg.org Mon Mar 1 09:48:18 2021
From: wk at gnupg.org (Werner Koch)
Date: Mon, 01 Mar 2021 09:48:18 +0100
Subject: [PATCH GnuPG 1/2] Keep temp files when opening images via xdg-open
In-Reply-To: <20210228133411.127214-1-nicolas.fella@gmx.de> (Nicolas Fella via Gnupg-devel's message of "Sun, 28 Feb 2021 14:34:10 +0100")
References: <20210228133411.127214-1-nicolas.fella@gmx.de>
Message-ID: <87h7lv8dkd.fsf@wheatstone.g10code.de>

On Sun, 28 Feb 2021 14:34, Nicolas Fella said:

> xdg-open spawns the user's preferred image viewer and then exits.
> Therefore we must not remove the temp file when it exits,
> otherwise by the time the actual image viewer is started the file
> doesn't exist any more.

Thanks. Pushed to master and 2.2

Salam-Shalom,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.

From nicolas.fella at gmx.de Mon Mar 1 10:29:03 2021
From: nicolas.fella at gmx.de (Nicolas Fella)
Date: Mon, 1 Mar 2021 10:29:03 +0100
Subject: [PATCH GnuPG 2/2] Prefer opening images with xdg-open over display
In-Reply-To: <2489301.z5ICp2W6VN@breq>
References: <20210228133411.127214-1-nicolas.fella@gmx.de> <20210228133411.127214-2-nicolas.fella@gmx.de> <2489301.z5ICp2W6VN@breq>
Message-ID:

Hi Ingo,

no reason, IMHO xdg-open should be preferred over xloadimage too, but Werner seems to disagree on that, for valid reasons.

Cheers

Nico

On 2/28/21 5:40 PM, Ingo Klöcker wrote:
> Hi Nicolas,
>
> any reason why xloadimage should still be preferred over xdg-open?
>
> Regards,
> Ingo
>
> On Sunday, 28 February 2021 14:34:11 CET Nicolas Fella via Gnupg-devel wrote:
>> xdg-open respects the user's configured image viewer
>> and is therefore preferred.
>>
>> display is still available as a fallback when xdg-open
>> isn't available.
>>
>> Signed-off-by: Nicolas Fella
>> ---
>> g10/photoid.c | 4 ++--
>> 1 file changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/g10/photoid.c b/g10/photoid.c >> index e6f0a41a6..1ba8190b9 100644 >> --- a/g10/photoid.c >> +++ b/g10/photoid.c >> @@ -284,11 +284,11 @@ get_default_photo_command(void) >> #else >> if (!path_access ("xloadimage", X_OK)) >> return "xloadimage -fork -quiet -title 'KeyID 0x%k' stdin"; >> - else if (!path_access ("display",X_OK)) >> - return "display -title 'KeyID 0x%k' %i"; >> else if (getuid () && !path_access ("xdg-open", X_OK)) >> /* xdg-open spawns the actual program and exits so we need to keep the >> temp file */ return "xdg-open %I"; >> + else if (!path_access ("display",X_OK)) >> + return "display -title 'KeyID 0x%k' %i"; >> else >> return "/bin/true"; >> #endif
>> --
>> 2.30.1

From aheinecke at gnupg.org Mon Mar 1 11:30:53 2021
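Review bot: Moving the "display" branch below the "xdg-open" branch in get_default_photo_command() means a non-root user who has both tools installed now gets "xdg-open %I", which carries no -title 'KeyID 0x%k' argument, so the viewer window no longer says which key the photo belongs to. If xdg-open is to be preferred, the patch should say how the key ID is still shown to the user; otherwise keep "display -title 'KeyID 0x%k' %i" ahead of it and leave xdg-open as the fallback. The getuid () guard also means root never takes the xdg-open branch, which deserves a word in the commit message since the stated goal is to respect the user's configured viewer.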
From: aheinecke at gnupg.org (Andre Heinecke)
Date: Mon, 01 Mar 2021 11:30:53 +0100
Subject: WKS support on Thunderbird
In-Reply-To:
References:
Message-ID: <3862458.LHYG0RYXS0@hopper>

Hi,

On Monday 1 March 2021 03:11:31 CET Dashamir Hoxha via Gnupg-devel wrote:
> However it does not have WKS support. I updated my system and I was
> baffled to see that with the latest Thunderbird it is not possible to
> send a key to a WKS.

Yeah, let us hope that they readd it again.

> I tried KMail, but I couldn't find how to do it with KMail either. If
> I have missed it, please point me to the docs that describe how to do
> it.

I think KMail triggers it when you set up an account with the accountwizard but I don't think it handles updating an already published key in WKS.

> So, I had to revert back to the previous version of Thunderbird, so
> that at least I can continue testing. However, if no client supports
> WKS this is a problem, because it makes useless installing a WKS
> server.

I am hoping to have an action for that in Kleopatra that would open just the default Mail client with a WKS Mail when you trigger the action in Kleopatra.

Our Outlook plugin GpgOL also handles WKS, if you send an encrypted mail with a WKS enabled account and it does not find your key in WKS it will ask you to publish it.

But as mentioned the Kleopatra feature would be helpful for that.

Best Regards,
Andre

-- 
GnuPG.com - a brand of g10 Code, the GnuPG experts.

g10 Code GmbH, Erkrath/Germany, AG Wuppertal HRB14459
GF Werner Koch, USt-Id DE215605608, www.g10code.com.

GnuPG e.V., Rochusstr. 44, D-40479 Düsseldorf. VR 11482 Düsseldorf
Vorstand: W.Koch, B.Reiter, A.Heinecke Mail: board at gnupg.org
Finanzamt D-Altstadt, St-Nr: 103/5923/1779. Tel: +49-211-28010702

From bernhard at intevation.de Tue Mar 2 15:49:51 2021
From: bernhard at intevation.de (Bernhard Reiter)
Date: Tue, 02 Mar 2021 15:49:51 +0100
Subject: How to open images by default (Prefer opening images with xdg-open over display)
In-Reply-To: <87o8g38e17.fsf@wheatstone.g10code.de>
References: <20210228133411.127214-1-nicolas.fella@gmx.de> <20210228133411.127214-2-nicolas.fella@gmx.de> <87o8g38e17.fsf@wheatstone.g10code.de>
Message-ID: <1993752.KlZ2vcFHjT@kymo.gruen>

On Monday, 1 March 2021, 09:38:12 CET, Werner Koch via Gnupg-devel wrote:
> This would be a regression. display and xloadimage both allow to pass
> the title. This seems not to be possible with xdg-open.

Would it make sense to file a wish for an additional optional parameter for xdg-open to
https://gitlab.freedesktop.org/xdg/xdg-utils
?

Bernhard

-- 
www.intevation.de/~bernhard +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

From kloecker at kde.org Tue Mar 2 20:26:50 2021
From: kloecker at kde.org (Ingo Klöcker)
Date: Tue, 02 Mar 2021 20:26:50 +0100
Subject: How to open images by default (Prefer opening images with xdg-open over display)
In-Reply-To: <1993752.KlZ2vcFHjT@kymo.gruen>
References: <20210228133411.127214-1-nicolas.fella@gmx.de> <87o8g38e17.fsf@wheatstone.g10code.de> <1993752.KlZ2vcFHjT@kymo.gruen>
Message-ID: <9465284.q3ZVgtyKPV@breq>

On Tuesday, 2 March 2021 15:49:51 CET Bernhard Reiter wrote:
> On Monday, 1 March 2021, 09:38:12 CET, Werner Koch via Gnupg-devel wrote:
> > This would be a regression. display and xloadimage both allow to pass
> > the title. This seems not to be possible with xdg-open.
>
> Would it make sense to file a wish for an additional optional parameter
> for xdg-open to
> https://gitlab.freedesktop.org/xdg/xdg-utils
> ?

Probably not. I guess that most of the default image viewers by KDE, Gnome, etc., don't support a command line argument to set the window title because those viewers are full-fledged applications and not simple tools like display or xloadimage which simply show an image in an X window without any menu, buttons, etc.

Regards,
Ingo

From wk at gnupg.org Sun Mar 7 10:20:30 2021
From: wk at gnupg.org (Werner Koch)
Date: Sun, 07 Mar 2021 10:20:30 +0100
Subject: Sending envvars via ssh agent protocol
In-Reply-To: <6000d1719ce693e515ef13a31dbee7532e8a357e.camel@16bits.net> ("Ángel"'s message of "Fri, 29 Jan 2021 00:06:47 +0100")
References: <87lfcdxye6.fsf@wheatstone.g10code.de> <6000d1719ce693e515ef13a31dbee7532e8a357e.camel@16bits.net>
Message-ID: <8735x75nhd.fsf@wheatstone.g10code.de>

On Fri, 29 Jan 2021 00:06, Ángel said:

> This seems backwards. I would expect command line to have higher
> priority than ssh_config, not ~/.ssh/config to be able to disable an

I also wondered about this but it is clearly stated at the top of ssh_config(5)

> Also, I would suggest using none instead of -, as that's what other ssh
> options use. (This might cause issues if you wanted to pass an
> environment variable named "none", but the same problem already exists
> for "auto")

I agree, lowercase envvars and in particular "none" and "auto" should rarely be exportable.

>> + error("%s line %d: Invalid environment name.",
> Maybe nitpicking, but on this error (appears twice) I would say
> "Invalid name of environment variable". The environment would be the

It's longer but for sure more correct.

>> if (*arg == '-') {
>
>> if (*arg == '#') {
>
> You are comparing against the first character of the argument.
> Per your description I would expect that you compared that the whole
> was that, not just that it began with # or -

You need to look at the previous condition:

  if ((*arg == '-' || *arg == '#') && arg[1]) {
    ERROR-RETURN

> And particularly, I can easily see how one might want to prefix an
> environment variable with a minus to *subtract* it from the set of
> accepted vars.

You like in SendEnv. I decided against doing this because the number of envvars to send here should be pretty limited and does not need for more complex code.

> + if (options->num_agent_env >= INT_MAX) {
>
> It is a bit strange to compare >= INT_MAX, since num_agent_env is an

Copied from SendEnv

> Bad indentation. send_env, num_setenv and setenv are indented with a
> tab, no_more_agent_env with 8 spaces, num_agent_env with 3 spaces and
> agent_env with a tab.

I guess I did not read the hacking guide completely. Frankly I didn't expect that any software these days still uses tabs to compress the source. I consider invisible characters a no-go unless POSIX says to use them (Makefile ugliness). Thanks for the patch in your other mail.

> The fixme comments of ssh-add.c and ssh-keygen.c also use 8 spaces
> instead of a tab (but these should probably end up implemented).

(See above.)

Any other technical opinions?

Salam-Shalom,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.

From kloecker at kde.org Sun Mar 7 21:39:07 2021
From: kloecker at kde.org (Ingo Klöcker)
Date: Sun, 07 Mar 2021 21:39:07 +0100
Subject: Sending envvars via ssh agent protocol
In-Reply-To: <8735x75nhd.fsf@wheatstone.g10code.de>
References: <87lfcdxye6.fsf@wheatstone.g10code.de> <6000d1719ce693e515ef13a31dbee7532e8a357e.camel@16bits.net> <8735x75nhd.fsf@wheatstone.g10code.de>
Message-ID: <2734135.DYmLPa7cZt@breq>

On Sunday, 7 March 2021 10:20:30 CET Werner Koch via Gnupg-devel wrote:
> On Fri, 29 Jan 2021 00:06, Ángel said:
> > This seems backwards. I would expect command line to have higher
> > priority than ssh_config, not ~/.ssh/config to be able to disable an
>
> I also wondered about this but it is clearly stated at the top of
> ssh_config(5)

At least on my system, ssh_config(5) states that command-line options have the highest priority:

=====
ssh(1) obtains configuration data from the following sources in the following order:

1. command-line options
2. user's configuration file (~/.ssh/config)
3. system-wide configuration file (/etc/ssh/ssh_config)

For each parameter, the first obtained value will be used.
=====

Regards,
Ingo

From James.Bottomley at HansenPartnership.com Mon Mar 8 01:43:20 2021
From: James.Bottomley at HansenPartnership.com (James Bottomley)
Date: Sun, 07 Mar 2021 16:43:20 -0800
Subject: gpg-2.3 rsa decryption has wrong size ciphertext
Message-ID:

I finally got around to implementing unit tests for the TPM code and I'm seeing periodic failures in the test that checks rsa encryption/decryption. What I'm seeing is that, occasionally (about once every 10 or so times), for an rsa2048 key (the only size most TPMs do) a ciphertext of length 257 is provided as input to pkdecrypt. This causes an immediate failure because the TPM is pre-programmed to accept only encrypted messages of size 256 for rsa2048 keys.

When I look at the contents of the wrong length messages, they have a leading zero byte and simply stripping this off to reduce the length to 256 bytes causes the decryption to succeed.

Is this expected behaviour from gcrypt? I can simply code the TPM routines to cope with the misbehaving length, but it looks like a symptom of a truncation problem elsewhere in the code.

James

From wk at gnupg.org Mon Mar 8 08:48:45 2021
From: wk at gnupg.org (Werner Koch)
Date: Mon, 08 Mar 2021 08:48:45 +0100
Subject: gpg-2.3 rsa decryption has wrong size ciphertext
In-Reply-To: (James Bottomley via Gnupg-devel's message of "Sun, 07 Mar 2021 16:43:20 -0800")
References:
Message-ID: <87wnui3x2a.fsf@wheatstone.g10code.de>

On Sun, 7 Mar 2021 16:43, James Bottomley said:

> When I look at the contents of the wrong length messages, they have a
> leading zero byte and simply stripping this off to reduce the length to

Yes, that is due to the way we handle bit integers (MPIs). To make sure they are considered positive, we need to prefix them with a zero.

Gniibe proposed a new data format for OpenPGP named SOS which is a simple octet string with a 2 byte big endian prefix giving the _bit_ count. The reason for the bit count is that this aligns nicely with the MPIs as defined by OpenPGP with the exception that any leading _zero_ bits are also counted.

This octet string may and partly is already used by GnuPG using Libgcrypt's Opaque MPIs. We don't want to touch existing code, thus standard Libgcrypt MPIs are still in use for RSA.

> Is this expected behaviour from gcrypt? I can simply code the TPM
> routines to cope with the misbehaving length, but it looks like a
> symptom of a truncation problem elsewhere in the code.

Yes, you should strip exceeding zeroes. We have to do this in scdaemon also.

Shalom-Salam,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.

From wk at gnupg.org Mon Mar 8 08:52:47 2021
From: wk at gnupg.org (Werner Koch)
Date: Mon, 08 Mar 2021 08:52:47 +0100
Subject: Sending envvars via ssh agent protocol
In-Reply-To: <2734135.DYmLPa7cZt@breq> ("Ingo Klöcker"'s message of "Sun, 07 Mar 2021 21:39:07 +0100")
References: <87lfcdxye6.fsf@wheatstone.g10code.de> <6000d1719ce693e515ef13a31dbee7532e8a357e.camel@16bits.net> <8735x75nhd.fsf@wheatstone.g10code.de> <2734135.DYmLPa7cZt@breq>
Message-ID: <87pn0a3wvk.fsf@wheatstone.g10code.de>

On Sun, 7 Mar 2021 21:39, Ingo Klöcker said:

> At least on my system, ssh_config(5) states that command-line options
> have the highest priority:

You are right. Sorry for the confusion.

Salam-Shalom,

   Werner

-- 
Thoughts are free. Exceptions are regulated by a federal law.

From James.Bottomley at HansenPartnership.com Tue Mar 9 02:53:40 2021
From: James.Bottomley at HansenPartnership.com (James Bottomley)
Date: Mon, 08 Mar 2021 17:53:40 -0800
Subject: gpg-2.3 rsa decryption has wrong size ciphertext
In-Reply-To: <87wnui3x2a.fsf@wheatstone.g10code.de>
References: <87wnui3x2a.fsf@wheatstone.g10code.de>
Message-ID:

On Mon, 2021-03-08 at 08:48 +0100, Werner Koch wrote:
> On Sun, 7 Mar 2021 16:43, James Bottomley said:
>
> > When I look at the contents of the wrong length messages, they have
> > a leading zero byte and simply stripping this off to reduce the
> > length to
>
> Yes, that is due to the way we handle bit integers (MPIs). To make
> sure they are considered positive, we need to prefix them with a
> zero.

OK, that's the way ASN.1 handles it too, just checking it was intentional.

> Gniibe proposed a new data format for OpenPGP named SOS which is a
> simple octet string with a 2 byte big endian prefix giving the _bit_
> count. The reason for the bit count is that this aligns nicely with
> the MPIs as defined by OpenPGP with the exception that any leading
> _zero_ bits are also counted.
>
> This octet string may and partly is already used by GnuPG using
> Libgcrypt's Opaque MPIs. We don't want to touch existing code, thus
> standard Libgcrypt MPIs are still in use for RSA.
>
> > Is this expected behaviour from gcrypt? I can simply code the TPM
> > routines to cope with the misbehaving length, but it looks like a
> > symptom of a truncation problem elsewhere in the code.
>
> Yes, you should strip exceeding zeroes. We have to do this in
> scdaemon also.

OK, I added this to the tpm2 code.

Thanks,

James

From James.Bottomley at HansenPartnership.com Tue Mar 9 22:50:27 2021
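The length conventions discussed in the RSA ciphertext thread above and in the earlier EdDSA question, as an added example (not GnuPG or Libgcrypt code and not part of the thread). It reads the r and s fields quoted from that signature, compares each declared bit count with the strict MPI count that ignores leading zero bits, and shows the strip-and-pad step for fitting an RSA value into a fixed 256-octet buffer; all function and struct names are hypothetical.

```c
/* Added example, not GnuPG code: strict MPI length check and fixed-width fit. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

struct mpi_info {
  unsigned declared_bits; /* value of the two-octet length prefix */
  unsigned strict_bits;   /* bits counted from the most significant 1 bit */
  size_t nbytes;          /* octets that follow the prefix */
  size_t consumed;        /* prefix plus body, to step to the next field */
};

/* Octets 0x33..0x76 of the signature quoted in the EdDSA message above. */
static const uint8_t sig_fields[] = {
  0x00,0xfe,                                              /* r length */
  0x2b,0xf9,0x10,0xa1,0x5d,0xfb,0xc6,0x69,0x33,0x60,0x1b,
  0xd8,0x93,0x53,0x28,0x2e,0xdf,0x91,0x0a,0xfb,0xd1,0x59,0x5f,0xfe,0x52,0x78,0x9f,
  0x46,0xcc,0xc3,0xfe,0xe6,
  0x01,0x00,                                              /* s length */
  0x00,0x6d,0xb8,0xe1,0x70,0x78,0x1d,0xac,0xc0,
  0x41,0x07,0x57,0xb7,0xa2,0xe3,0xe7,0x93,0x3b,0x9b,0x41,0x1e,0x05,0xbb,0x0a,0x82,
  0x16,0x6a,0x9c,0x4e,0x88,0x80,0x06
};

/* Significant bits of a big-endian integer, ignoring leading zero bits. */
unsigned significant_bits(const uint8_t *buf, size_t len)
{
  unsigned bits;
  uint8_t mask;

  while (len && !*buf) { buf++; len--; }      /* skip leading zero octets */
  if (!len)
    return 0;
  bits = (unsigned)len * 8;
  for (mask = 0x80; !(*buf & mask); mask >>= 1)
    bits--;                                   /* skip leading zero bits */
  return bits;
}

/* Read one length-prefixed integer; returns 0, or -1 if the input is short. */
int mpi_read(const uint8_t *p, size_t avail, struct mpi_info *out)
{
  if (avail < 2)
    return -1;
  out->declared_bits = ((unsigned)p[0] << 8) | p[1];
  out->nbytes = (out->declared_bits + 7) / 8;
  if (avail - 2 < out->nbytes)
    return -1;
  out->strict_bits = significant_bits(p + 2, out->nbytes);
  out->consumed = 2 + out->nbytes;
  return 0;
}

/* A well-formed MPI declares exactly its significant bits. */
int mpi_is_strict(const struct mpi_info *m)
{
  return m->declared_bits == m->strict_bits;
}

/* Fit a big-endian integer into exactly WIDTH octets: drop leading zero
   octets, then left-pad. Returns -1 if the value really needs more room. */
int fit_to_width(const uint8_t *in, size_t inlen, uint8_t *out, size_t width)
{
  while (inlen && !*in) { in++; inlen--; }
  if (inlen > width)
    return -1;
  memset(out, 0, width - inlen);
  memcpy(out + (width - inlen), in, inlen);
  return 0;
}

int main(void)
{
  static const char *const name[] = { "r", "s" };
  size_t off = 0;
  int i;

  for (i = 0; i < 2; i++) {
    struct mpi_info m;
    if (mpi_read(sig_fields + off, sizeof sig_fields - off, &m))
      return 1;
    printf("%s: declared %u bits in %zu octets, strict count %u bits (%s)\n",
           name[i], m.declared_bits, m.nbytes, m.strict_bits,
           mpi_is_strict(&m) ? "strict MPI" : "leading zero bits counted");
    off += m.consumed;
  }
  return 0;
}
```

For the quoted signature, r passes the strict check while s declares more bits than a strict MPI would, which is the difference between the two encodings described in the reply above.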
From: James.Bottomley at HansenPartnership.com (James Bottomley)
Date: Tue, 9 Mar 2021 13:50:27 -0800
Subject: [PATCH v3 0/5] Add TPM2 support to gnupg 2.3
Message-ID: <20210309215032.14530-1-James.Bottomley@HansenPartnership.com>

This is a set of patches adding TPM support to gnupg-2.3.

The architecture of the patches is that they build if the TSS libraries are present, but all of the TPM specific code and libraries is sequestered in tpm2daemon. If this daemon isn't present, gpg will just run normally except it won't understand TPM keys and the 'keytotpm' command won't work. The reason for this design is so that distributions can package tpm2daemon separately for gnupg with TPM support.

These patches also add a testing infrastructure which uses a software TPM to run the tpm2daemon through its usual operations.

Changes from v2 are

* add a check for a leading 0 in the rsa signature
* refactor the tpm2 support to make for easy TSS porting. Initial code is for the IBM TSS
* add tests
* add experimental support for the Intel TSS. This is the last patch and can be dropped without affecting any functionality.

For those who want to try it out, I've created a git tree with these patches in at

https://git.kernel.org/pub/scm/linux/kernel/git/jejb/gnupg.git

The master-tpm-daemon branch is current 2.3 with the TPM patches

James

---

James Bottomley (5):
  tpm2d: Add tpm2daemon code
  agent: Add new shadow key type and functions to call tpm2daemon
  g10: add new command keytotpm to convert a private key to TPM format
  tpm2d: add tests for the tpm2daemon
  Add Support for the Intel TSS

 Makefile.am | 7 +-
 agent/Makefile.am | 5 +
 agent/agent.h | 50 ++
 agent/call-daemon.c | 3 +-
 agent/call-tpm2d.c | 248 ++++++
 agent/command.c | 57 ++
 agent/divert-tpm2.c | 144 +++
 agent/gpg-agent.c | 4 +
 agent/keyformat.txt | 12 +-
 agent/pkdecrypt.c | 8 +-
 agent/pksign.c | 16 +-
 am/cmacros.am | 3 +
 common/homedir.c | 7 +
 common/mapstrings.c | 1 +
 common/util.h | 1 +
 configure.ac | 76 ++
 g10/call-agent.c | 22 +
 g10/call-agent.h | 3 +
 g10/keyedit.c | 45 +-
 tests/Makefile.am | 3 +
 tests/tpm2dtests/Makefile.am | 79 ++
 tests/tpm2dtests/all-tests.scm | 81 ++
 tests/tpm2dtests/defs.scm | 473 ++++++++++
 tests/tpm2dtests/ecc.scm | 23 +
 tests/tpm2dtests/longpassphrase.scm | 36 +
 tests/tpm2dtests/rsa.scm | 13 +
 tests/tpm2dtests/run-tests.scm | 43 +
 tests/tpm2dtests/setup.scm | 48 +
 tests/tpm2dtests/shell.scm | 51 ++
 tests/tpm2dtests/unimportable.scm | 28 +
 tools/gpgconf-comp.c | 62 +-
 tools/gpgconf.h | 3 +
 tpm2d/Makefile.am | 18 +
 tpm2d/command.c | 508 +++++++++++
 tpm2d/ibm-tss.h | 378 ++++++++
 tpm2d/intel-tss.h | 667 ++++++++++++++
 tpm2d/tpm2.c | 985 ++++++++++++++++++++
 tpm2d/tpm2.h | 38 +
 tpm2d/tpm2daemon.c | 1289 +++++++++++++++++++++++++++
 tpm2d/tpm2daemon.h | 104 +++
 40 files changed, 5629 insertions(+), 13 deletions(-)
 create mode 100644 agent/call-tpm2d.c
 create mode 100644 agent/divert-tpm2.c
 create mode 100644 tests/tpm2dtests/Makefile.am
 create mode 100644 tests/tpm2dtests/all-tests.scm
 create mode 100644 tests/tpm2dtests/defs.scm
 create mode 100644 tests/tpm2dtests/ecc.scm
 create mode 100644 tests/tpm2dtests/longpassphrase.scm
 create mode 100644 tests/tpm2dtests/rsa.scm
 create mode 100644 tests/tpm2dtests/run-tests.scm
 create mode 100644 tests/tpm2dtests/setup.scm
 create mode 100644 tests/tpm2dtests/shell.scm
 create mode 100644 tests/tpm2dtests/unimportable.scm
 create mode 100644 tpm2d/Makefile.am
 create mode 100644 tpm2d/command.c
 create mode 100644 tpm2d/ibm-tss.h
 create mode 100644 tpm2d/intel-tss.h
 create mode 100644 tpm2d/tpm2.c
 create mode 100644 tpm2d/tpm2.h
 create mode 100644 tpm2d/tpm2daemon.c
 create mode 100644 tpm2d/tpm2daemon.h

-- 
2.26.2

From James.Bottomley at HansenPartnership.com Tue Mar 9 22:50:29 2021
From: James.Bottomley at HansenPartnership.com (James Bottomley)
Date: Tue, 9 Mar 2021 13:50:29 -0800
Subject: [PATCH v3 2/5] agent: Add new shadow key type and functions to call tpm2daemon
In-Reply-To: <20210309215032.14530-1-James.Bottomley@HansenPartnership.com>
References: <20210309215032.14530-1-James.Bottomley@HansenPartnership.com>
Message-ID: <20210309215032.14530-3-James.Bottomley@HansenPartnership.com>

A new shadow key type: "tpm2-v1" is introduced signalling that the shadowed key is handled by the tpm2daemon. A function to identify this type is introduced and diversions to the tpm2daemon functions are conditioned on this function for pksign and pkdecrypt where the same diversions to scd are currently done.

The (info) field of the shadowed key stores the actual TPM key. The TPM key is encrypted so only the physical TPM it was created on can read it (so no special protection is required for the info field), but if the (info) field becomes corrupt or damaged, the key will be lost (unlike the token case, where the key is actually moved inside the token).

Note, this commit adds handling for existing TPM format shadow keys, but there is still no way to create them.

Signed-off-by: James Bottomley --- agent/Makefile.am | 5 + agent/agent.h | 50 +++++++++ agent/call-daemon.c | 3 +- agent/call-tpm2d.c | 248 ++++++++++++++++++++++++++++++++++++++++++++ agent/command.c | 5 + agent/divert-tpm2.c | 144 +++++++++++++++++++++++++ agent/gpg-agent.c | 4 + agent/keyformat.txt | 12 ++- agent/pkdecrypt.c | 8 +- agent/pksign.c | 16 ++- 10 files changed, 485 insertions(+), 10 deletions(-) create mode 100644 agent/call-tpm2d.c create mode 100644 agent/divert-tpm2.c diff --git a/agent/Makefile.am b/agent/Makefile.am index 2688ba967..036cdc357 100644 --- a/agent/Makefile.am +++ b/agent/Makefile.am @@ -57,6 +57,11 @@ gpg_agent_SOURCES = \ call-daemon.c \ learncard.c +if HAVE_LIBTSS +gpg_agent_SOURCES += divert-tpm2.c \ + call-tpm2d.c +endif + common_libs = $(libcommon) commonpth_libs = $(libcommonpth) if HAVE_W32CE_SYSTEM diff --git a/agent/agent.h b/agent/agent.h index 4d29ce9c9..fcd74abaf 100644 --- a/agent/agent.h +++ b/agent/agent.h @@ -59,6 +59,7 @@ enum daemon_type { DAEMON_SCD, + DAEMON_TPM2D, DAEMON_MAX_TYPE }; @@ -459,6 +460,7 @@ gpg_error_t agent_public_key_from_file (ctrl_t ctrl, const unsigned char *grip, gcry_sexp_t *result); int agent_pk_get_algo (gcry_sexp_t s_key); +int agent_is_tpm2_key(gcry_sexp_t s_key); int agent_key_available (const unsigned char *grip); gpg_error_t agent_key_info_from_file (ctrl_t ctrl, const unsigned char *grip, int *r_keytype, 
@@ -577,6 +579,44 @@ gpg_error_t agent_marktrusted (ctrl_t ctrl, const char *name, const char *fpr, int flag); void agent_reload_trustlist (void); +/*-- divert-tpm2.c --*/ +#ifdef HAVE_LIBTSS +int divert_tpm2_pksign (ctrl_t ctrl, const char *desc_text, + const unsigned char *digest, size_t digestlen, int algo, + const unsigned char *shadow_info, unsigned char **r_sig, + size_t *r_siglen); +int divert_tpm2_pkdecrypt (ctrl_t ctrl, const char *desc_text, + const unsigned char *cipher, + const unsigned char *shadow_info, + char **r_buf, size_t *r_len, int *r_padding); +int divert_tpm2_writekey (ctrl_t ctrl, const unsigned char *grip, + gcry_sexp_t s_skey); +#else +static inline int divert_tpm2_pksign (ctrl_t ctrl, const char *desc_text, + const unsigned char *digest, + size_t digestlen, int algo, + const unsigned char *shadow_info, + unsigned char **r_sig, + size_t *r_siglen) +{ + return -EINVAL; +} +static inline int divert_tpm2_pkdecrypt (ctrl_t ctrl, const char *desc_text, + const unsigned char *cipher, + const unsigned char *shadow_info, + char **r_buf, size_t *r_len, + int *r_padding) +{ + return -EINVAL; +} +static inline int divert_tpm2_writekey (ctrl_t ctrl, const unsigned char *grip, + gcry_sexp_t s_skey) +{ + return -EINVAL; +} +#endif + + /*-- divert-scd.c --*/ int divert_pksign (ctrl_t ctrl, const char *desc_text, 
@@ -606,6 +646,16 @@ void agent_daemon_check_aliveness (void); void agent_reset_daemon (ctrl_t ctrl); void agent_kill_daemon (enum daemon_type type); +/*-- call-tpm2d.c --*/ +int agent_tpm2d_writekey (ctrl_t ctrl, unsigned char **shadow_info, + gcry_sexp_t s_skey); +int agent_tpm2d_pksign (ctrl_t ctrl, const unsigned char *digest, + size_t digestlen, const unsigned char *shadow_info, + unsigned char **r_sig, size_t *r_siglen); +int agent_tpm2d_pkdecrypt (ctrl_t ctrl, const unsigned char *cipher, + size_t cipherlen, const unsigned char *shadow_info, + char **r_buf, size_t *r_len); + /*-- call-scd.c --*/ int agent_card_learn (ctrl_t ctrl, void (*kpinfo_cb)(void*, const char *), diff --git a/agent/call-daemon.c b/agent/call-daemon.c index 5147f1557..f0df67f1d 100644 --- a/agent/call-daemon.c +++ b/agent/call-daemon.c @@ -45,7 +45,8 @@ * same order as given by the daemon_type enum. */ static const int daemon_modules[DAEMON_MAX_TYPE] = { - GNUPG_MODULE_NAME_SCDAEMON + GNUPG_MODULE_NAME_SCDAEMON, + GNUPG_MODULE_NAME_TPM2DAEMON, }; /* Definition of module local data of the CTRL structure. */ diff --git a/agent/call-tpm2d.c b/agent/call-tpm2d.c new file mode 100644 index 000000000..6fae5d85a --- /dev/null +++ b/agent/call-tpm2d.c 
@@ -0,0 +1,248 @@ +#include +#include +#include +#include +#include +#include +#include +#include + +#include "agent.h" +#include +#include "../common/strlist.h" +#include "../common/sexp-parse.h" +#include "../common/i18n.h" + +static int +start_tpm2d (ctrl_t ctrl) +{ + return daemon_start (DAEMON_TPM2D, ctrl); +} + +static int +unlock_tpm2d (ctrl_t ctrl, gpg_error_t err) +{ + return daemon_unlock (DAEMON_TPM2D, ctrl, err); +} + +static assuan_context_t +daemon_ctx (ctrl_t ctrl) +{ + return daemon_type_ctx (DAEMON_TPM2D, ctrl); +} + +struct inq_parm_s { + assuan_context_t ctx; + gpg_error_t (*getpin_cb)(ctrl_t, const char *, char **); + ctrl_t ctrl; + /* The next fields are used by inq_keydata. */ + const unsigned char *keydata; + size_t keydatalen; + /* following only used by inq_extra */ + const unsigned char *extra; + size_t extralen; + char *pin; +}; + +static gpg_error_t +inq_needpin (void *opaque, const char *line) +{ + struct inq_parm_s *parm = opaque; + char *pin = NULL; + gpg_error_t rc; + const char *s; + + if ((s = has_leading_keyword (line, "NEEDPIN"))) + { + rc = parm->getpin_cb (parm->ctrl, s, &pin); + if (!rc) + rc = assuan_send_data (parm->ctx, pin, strlen(pin)); + parm->pin = pin; + } + else + { + log_error ("unsupported inquiry '%s'\n", line); + rc = gpg_error (GPG_ERR_ASS_UNKNOWN_INQUIRE); + } + + return rc; +} + +static gpg_error_t +inq_keydata (void *opaque, const char *line) +{ + struct inq_parm_s *parm = opaque; + + if (has_leading_keyword (line, "KEYDATA")) + return assuan_send_data (parm->ctx, parm->keydata, parm->keydatalen); + else + return inq_needpin (opaque, line); +} + +static gpg_error_t +inq_extra (void *opaque, const char *line) +{ + struct inq_parm_s *parm = opaque; + + if (has_leading_keyword (line, "EXTRA")) + return assuan_send_data (parm->ctx, parm->extra, parm->extralen); + else + return inq_keydata (opaque, line); +} + +int +agent_tpm2d_writekey (ctrl_t ctrl, unsigned char **shadow_info, + gcry_sexp_t s_skey) +{ + int rc; + 
char line[ASSUAN_LINELENGTH]; + size_t n; + unsigned char *kbuf; + membuf_t data; + struct inq_parm_s inqparm; + size_t len; + + rc = start_tpm2d (ctrl); + if (rc) + return rc; + + /* note: returned data is TPM protected so no need for a sensitive context */ + init_membuf(&data, 4096); + + inqparm.ctx = daemon_ctx (ctrl); + inqparm.getpin_cb = agent_ask_new_passphrase; + inqparm.ctrl = ctrl; + inqparm.pin = NULL; + + n = gcry_sexp_sprint (s_skey, GCRYSEXP_FMT_CANON, NULL, 0); + kbuf = xtrymalloc (n); + gcry_sexp_sprint (s_skey, GCRYSEXP_FMT_CANON, kbuf, n); + inqparm.keydata = kbuf; + inqparm.keydatalen = n; + snprintf(line, sizeof(line), "IMPORT"); + + rc = assuan_transact (daemon_ctx (ctrl), line, + put_membuf_cb, &data, + inq_keydata, &inqparm, + NULL, NULL); + xfree (kbuf); + xfree (inqparm.pin); + if (rc) + { + xfree (get_membuf (&data, &len)); + return unlock_tpm2d (ctrl, rc); + } + + *shadow_info = get_membuf (&data, &len); + + return unlock_tpm2d (ctrl, 0); +} + +static gpg_error_t +pin_cb (ctrl_t ctrl, const char *prompt, char **passphrase) +{ + *passphrase = agent_get_cache (ctrl, ctrl->keygrip, CACHE_MODE_USER); + if (*passphrase) + return 0; + return agent_get_passphrase(ctrl, passphrase, + _("Please enter your passphrase, so that the " + "secret key can be unlocked for this session"), + prompt, NULL, 0, + ctrl->keygrip, CACHE_MODE_USER, NULL); +} + +int +agent_tpm2d_pksign (ctrl_t ctrl, const unsigned char *digest, + size_t digestlen, const unsigned char *shadow_info, + unsigned char **r_sig, size_t *r_siglen) +{ + int rc; + char line[ASSUAN_LINELENGTH]; + membuf_t data; + struct inq_parm_s inqparm; + + rc = start_tpm2d (ctrl); + if (rc) + return rc; + + init_membuf (&data, 1024); + + inqparm.ctx = daemon_ctx (ctrl); + inqparm.getpin_cb = pin_cb; + inqparm.ctrl = ctrl; + inqparm.keydata = shadow_info; + inqparm.keydatalen = gcry_sexp_canon_len (shadow_info, 0, NULL, NULL); + inqparm.extra = digest; + inqparm.extralen = digestlen; + inqparm.pin = NULL; 
+ + snprintf(line, sizeof(line), "PKSIGN"); + + rc = assuan_transact (daemon_ctx (ctrl), line, + put_membuf_cb, &data, + inq_extra, &inqparm, + NULL, NULL); + if (!rc) + agent_put_cache (ctrl, ctrl->keygrip, CACHE_MODE_USER, inqparm.pin, 0); + + xfree (inqparm.pin); + + if (rc) + { + size_t len; + xfree (get_membuf (&data, &len)); + return unlock_tpm2d (ctrl, rc); + } + + *r_sig = get_membuf (&data, r_siglen); + + return unlock_tpm2d (ctrl, 0); +} + +int +agent_tpm2d_pkdecrypt (ctrl_t ctrl, const unsigned char *cipher, + size_t cipherlen, const unsigned char *shadow_info, + char **r_buf, size_t *r_len) +{ + int rc; + char line[ASSUAN_LINELENGTH]; + membuf_t data; + struct inq_parm_s inqparm; + + rc = start_tpm2d (ctrl); + if (rc) + return rc; + + init_membuf (&data, 1024); + + inqparm.ctx = daemon_ctx (ctrl); + inqparm.getpin_cb = pin_cb; + inqparm.ctrl = ctrl; + inqparm.keydata = shadow_info; + inqparm.keydatalen = gcry_sexp_canon_len (shadow_info, 0, NULL, NULL); + inqparm.extra = cipher; + inqparm.extralen = cipherlen; + inqparm.pin = NULL; + + snprintf(line, sizeof(line), "PKDECRYPT"); + + rc = assuan_transact (daemon_ctx (ctrl), line, + put_membuf_cb, &data, + inq_extra, &inqparm, + NULL, NULL); + if (!rc) + agent_put_cache (ctrl, ctrl->keygrip, CACHE_MODE_USER, inqparm.pin, 0); + + xfree (inqparm.pin); + + if (rc) + { + size_t len; + xfree (get_membuf (&data, &len)); + return unlock_tpm2d (ctrl, rc); + } + + *r_buf = get_membuf (&data, r_len); + + return unlock_tpm2d (ctrl, 0); +} diff --git a/agent/command.c b/agent/command.c index 8384560cd..87446a233 100644 --- a/agent/command.c +++ b/agent/command.c @@ -1314,6 +1314,11 @@ do_one_keyinfo (ctrl_t ctrl, const unsigned char *grip, assuan_context_t ctx, if (err) goto leave; } + else if (strcmp (shadow_info_type, "tpm2-v1") == 0) + { + serialno = xstrdup("TPM-Protected"); + idstr = NULL; + } else { log_error ("unrecognised shadow key type %s\n", shadow_info_type); 
diff --git a/agent/divert-tpm2.c b/agent/divert-tpm2.c new file mode 100644 index 000000000..c37cea2e0 --- /dev/null +++ b/agent/divert-tpm2.c 
@@ -0,0 +1,144 @@ +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "agent.h" +#include "../common/i18n.h" +#include "../common/sexp-parse.h" + +int +divert_tpm2_pksign (ctrl_t ctrl, const char *desc_text, + const unsigned char *digest, size_t digestlen, int algo, + const unsigned char *shadow_info, unsigned char **r_sig, + size_t *r_siglen) +{ + return agent_tpm2d_pksign(ctrl, digest, digestlen, + shadow_info, r_sig, r_siglen); +} + + +static gpg_error_t +agent_write_tpm2_shadow_key (ctrl_t ctrl, const unsigned char *grip, + unsigned char *shadow_info) +{ + gpg_error_t err; + unsigned char *shdkey; + unsigned char *pkbuf; + size_t len; + gcry_sexp_t s_pkey; + + err = agent_public_key_from_file (ctrl, grip, &s_pkey); + len = gcry_sexp_sprint(s_pkey, GCRYSEXP_FMT_CANON, NULL, 0); + pkbuf = xtrymalloc (len); + gcry_sexp_sprint (s_pkey, GCRYSEXP_FMT_CANON, pkbuf, len); + gcry_sexp_release (s_pkey); + + err = agent_shadow_key_type (pkbuf, shadow_info, "tpm2-v1", &shdkey); + xfree (pkbuf); + if (err) + { + log_error ("shadowing the key failed: %s\n", gpg_strerror (err)); + return err; + } + + len = gcry_sexp_canon_len (shdkey, 0, NULL, NULL); + err = agent_write_private_key (grip, shdkey, len, 1 /*force*/, NULL, NULL, NULL); + xfree (shdkey); + if (err) + log_error ("error writing key: %s\n", gpg_strerror (err)); + + return err; +} + +int +divert_tpm2_writekey (ctrl_t ctrl, const unsigned char *grip, + gcry_sexp_t s_skey) +{ + int ret; + /* shadow_info is always shielded so no special handling required */ + unsigned char *shadow_info; + + ret = agent_tpm2d_writekey(ctrl, &shadow_info, s_skey); + if (!ret) { + ret = agent_write_tpm2_shadow_key (ctrl, grip, shadow_info); + xfree (shadow_info); + } + return ret; +} + +int +divert_tpm2_pkdecrypt (ctrl_t ctrl, const char *desc_text, + const unsigned char *cipher, + const unsigned char *shadow_info, + char **r_buf, size_t *r_len, int *r_padding) +{ + const unsigned char *s; 
+ size_t n; + + *r_padding = -1; + + (void)desc_text; + + s = cipher; + if (*s != '(') + return gpg_error (GPG_ERR_INV_SEXP); + s++; + n = snext (&s); + if (!n) + return gpg_error (GPG_ERR_INV_SEXP); + if (!smatch (&s, n, "enc-val")) + return gpg_error (GPG_ERR_UNKNOWN_SEXP); + if (*s != '(') + return gpg_error (GPG_ERR_UNKNOWN_SEXP); + s++; + n = snext (&s); + if (!n) + return gpg_error (GPG_ERR_INV_SEXP); + if (smatch (&s, n, "rsa")) + { + *r_padding = 0; + if (*s != '(') + return gpg_error (GPG_ERR_UNKNOWN_SEXP); + s++; + n = snext (&s); + if (!n) + return gpg_error (GPG_ERR_INV_SEXP); + if (!smatch (&s, n, "a")) + return gpg_error (GPG_ERR_UNKNOWN_SEXP); + n = snext (&s); + } + else if (smatch (&s, n, "ecdh")) + { + if (*s != '(') + return gpg_error (GPG_ERR_UNKNOWN_SEXP); + s++; + n = snext (&s); + if (!n) + return gpg_error (GPG_ERR_INV_SEXP); + if (smatch (&s, n, "s")) + { + n = snext (&s); + s += n; + if (*s++ != ')') + return gpg_error (GPG_ERR_INV_SEXP); + if (*s++ != '(') + return gpg_error (GPG_ERR_UNKNOWN_SEXP); + n = snext (&s); + if (!n) + return gpg_error (GPG_ERR_INV_SEXP); + } + if (!smatch (&s, n, "e")) + return gpg_error (GPG_ERR_UNKNOWN_SEXP); + n = snext (&s); + } + else + return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM); + + return agent_tpm2d_pkdecrypt (ctrl, s, n, shadow_info, r_buf, r_len); +} diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c index b3a0c230c..5fdb94f17 100644 --- a/agent/gpg-agent.c +++ b/agent/gpg-agent.c @@ -102,6 +102,7 @@ enum cmd_and_opt_values oLCmessages, oXauthority, oScdaemonProgram, + oTpm2daemonProgram, oDefCacheTTL, oDefCacheTTLSSH, oMaxCacheTTL, 
@@ -199,6 +200,8 @@ static gpgrt_opt_t opts[] = { /* */ N_("do not use the SCdaemon") ), ARGPARSE_s_s (oScdaemonProgram, "scdaemon-program", /* */ N_("|PGM|use PGM as the SCdaemon program") ), + ARGPARSE_s_s (oTpm2daemonProgram, "tpm2daemon-program", + /* */ N_("|PGM|use PGM as the tpm2daemon program") ), ARGPARSE_s_n (oDisableCheckOwnSocket, "disable-check-own-socket", "@"), ARGPARSE_s_s (oExtraSocket, "extra-socket", @@ -905,6 +908,7 @@ parse_rereadable_options (gpgrt_argparse_t *pargs, int reread) opt.pinentry_invisible_char = xtrystrdup (pargs->r.ret_str); break; break; case oPinentryTimeout: opt.pinentry_timeout = pargs->r.ret_ulong; break; + case oTpm2daemonProgram: opt.daemon_program[DAEMON_TPM2D] = pargs->r.ret_str; break; case oScdaemonProgram: opt.daemon_program[DAEMON_SCD] = pargs->r.ret_str; break; case oDisableScdaemon: opt.disable_daemon[DAEMON_SCD] = 1; break; case oDisableCheckOwnSocket: disable_check_own_socket = 1; break; diff --git a/agent/keyformat.txt b/agent/keyformat.txt index 88c3a2d36..3467f3bc5 100644 --- a/agent/keyformat.txt +++ b/agent/keyformat.txt @@ -312,8 +312,9 @@ to keys stored on a token: (comment whatever) ) -The currently used protocol is "t1-v1" (token info version 1). The -second list with the information has this layout: +The currently used protocols are "t1-v1" (token info version 1) and +"tpm2-v1" (TPM format key information). The second list with the +information has this layout for "t1-v1": (card_serial_number id_string_of_key fixed_pin_length) @@ -322,6 +323,13 @@ the PIN; a value of 0 indicates that this information is not available. The rationale for this field is that some pinpad equipped readers don't allow passing a variable length PIN. +This is the (info) layout for "tpm2-v1": + +(parent tpm_private_string tpm_public_string) + +Although this precise format is encapsulated inside the tpm2daemon +itself and nothing in gpg ever uses this. + More items may be added to the list. ** OpenPGP Private Key Transfer Format 
diff --git a/agent/pkdecrypt.c b/agent/pkdecrypt.c index da370bb0a..0bd989d62 100644 --- a/agent/pkdecrypt.c +++ b/agent/pkdecrypt.c @@ -88,8 +88,12 @@ agent_pkdecrypt (ctrl_t ctrl, const char *desc_text, goto leave; } - err = divert_pkdecrypt (ctrl, desc_text, ctrl->keygrip, ciphertext, - shadow_info, &buf, &len, r_padding); + if (agent_is_tpm2_key (s_skey)) + err = divert_tpm2_pkdecrypt (ctrl, desc_text, ciphertext, shadow_info, + &buf, &len, r_padding); + else + err = divert_pkdecrypt (ctrl, desc_text, ctrl->keygrip, ciphertext, + shadow_info, &buf, &len, r_padding); if (err) { log_error ("smartcard decryption failed: %s\n", gpg_strerror (err)); diff --git a/agent/pksign.c b/agent/pksign.c index ca9a35292..00b31ee45 100644 --- a/agent/pksign.c +++ b/agent/pksign.c @@ -397,11 +397,17 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce, if (desc_text) agent_modify_description (desc_text, NULL, s_pkey, &desc2); - err = divert_pksign (ctrl, desc2? desc2 : desc_text, - ctrl->keygrip, - data, datalen, - ctrl->digest.algo, - shadow_info, &buf, &len); + if (agent_is_tpm2_key (s_skey)) + err = divert_tpm2_pksign (ctrl, desc2? desc2 : desc_text, + data, datalen, + ctrl->digest.algo, + shadow_info, &buf, &len); + else + err = divert_pksign (ctrl, desc2? desc2 : desc_text, + ctrl->keygrip, + data, datalen, + ctrl->digest.algo, + shadow_info, &buf, &len); xfree (desc2); } if (err) -- 2.26.2 From James.Bottomley at HansenPartnership.com Tue Mar 9 22:50:30 2021 
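Review bot: in agent_tpm2d_writekey (agent/call-tpm2d.c) the buffer from `kbuf = xtrymalloc (n);` is handed to gcry_sexp_sprint with no NULL check, and it holds the canonical S-expression of the still-unconverted private key while living in ordinary memory. The comment above init_membuf only justifies the returned TPM blob being non-sensitive; the outgoing kbuf is plaintext key material, so allocate it with xtrymalloc_secure and return gpg_error_from_syserror () through unlock_tpm2d when the allocation fails. In the same file, inq_needpin does `parm->pin = pin;` without releasing an earlier value, so a second NEEDPIN inquiry in one transaction would leak the first passphrase, and agent_tpm2d_pksign and agent_tpm2d_pkdecrypt call agent_put_cache with inqparm.pin even when no NEEDPIN inquiry ever set it; that NULL case should be handled explicitly.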
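Review bot: agent_write_tpm2_shadow_key (agent/divert-tpm2.c) ignores the result of `err = agent_public_key_from_file (ctrl, grip, &s_pkey);` and goes on to use s_pkey; err is then overwritten by agent_shadow_key_type, and pkbuf from xtrymalloc is also used unchecked. Return early on both failures, otherwise a missing or unreadable public key ends in a NULL dereference right before the private key file is rewritten with force set. In divert_tpm2_pkdecrypt the final `n = snext (&s);` in both the "rsa" and the "ecdh" branch is passed on as cipherlen without a zero check, unlike every earlier snext call in the function, and the "s" branch does `s += n;` before validating n; add `if (!n) return gpg_error (GPG_ERR_INV_SEXP);` in those places so a malformed enc-val is rejected in the agent rather than forwarded to the daemon.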
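Review bot: the !HAVE_LIBTSS stubs added to agent/agent.h return -EINVAL, but their callers in agent/pkdecrypt.c and agent/pksign.c store the result in err and the pkdecrypt.c context line prints it with gpg_strerror, so a negative errno is being mixed into gpg_error_t handling. Return gpg_error (GPG_ERR_NOT_SUPPORTED) from the stubs and cast the unused parameters to void. Related points: the "smartcard decryption failed" log text in agent_pkdecrypt is now also emitted for the TPM path and should name the TPM when agent_is_tpm2_key matched, the new files call-tpm2d.c and divert-tpm2.c carry no license header or function comments, and the sentence added to keyformat.txt ("Although this precise format is encapsulated ... and nothing in gpg ever uses this.") is a fragment that should be completed or merged into the previous line.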
From: James.Bottomley at HansenPartnership.com (James Bottomley) Date: Tue, 9 Mar 2021 13:50:30 -0800 Subject: [PATCH v3 3/5] g10: add new command keytotpm to convert a private key to TPM format In-Reply-To: <20210309215032.14530-1-James.Bottomley@HansenPartnership.com> References: <20210309215032.14530-1-James.Bottomley@HansenPartnership.com> Message-ID: <20210309215032.14530-4-James.Bottomley@HansenPartnership.com> The plumbing is done in two parts: the agent is modified to understand a KEYTOTPM assuan command taking the key grip as an argument. This simply obtains the key s expression and calls the existing writekey diversion to the tpm2daemon. The daemon responds with the TPM conversion of the key and that key is then stored in the keyfile as a shadowed-private-key with "tpm2-v1" type. To effect the conversion, all the user does from gpg --edit-key is select which private key they wish to move (or move the primary if no key is selected) and type keytotpm. The conversion to TPM form is instantaneous and once converted, the actual key cannot be recovered, meaning that if you want your gpg key to move to a new laptop you must keep an unconverted backup copy in a safe location. When you do a list command, all TPM keys show up as card-no: TPM-Protected The key is stored encrypted to the TPM2 storage seed and since each TPM has a unique seed, only the single TPM contained in your laptop can now read the key. This means you cannot simply copy the shadowed key file over to a new laptop, you must copy over the backup copy and then convert it to TPM form on the new laptop. To decommission your laptop, execute a tssclear command which regenerates the storage seed and effectively shreds all keys. Note when you have done this *every* TPM2 shadowed private key becomes unreadable by any TPM and all are effectively destroyed. 
Signed-off-by: James Bottomley --- agent/command.c | 52 ++++++++++++++++++++++++++++++++++++++++++++++++ g10/call-agent.c | 22 ++++++++++++++++++++ g10/call-agent.h | 3 +++ g10/keyedit.c | 45 ++++++++++++++++++++++++++++++++++++++++- 4 files changed, 121 insertions(+), 1 deletion(-) diff --git a/agent/command.c b/agent/command.c index 87446a233..095f38ba3 100644 --- a/agent/command.c +++ b/agent/command.c @@ -3113,6 +3113,57 @@ cmd_put_secret (assuan_context_t ctx, char *line) } + +static const char hlp_keytotpm[] = + "KEYTOTPM \n" + "\n"; +static gpg_error_t +cmd_keytotpm (assuan_context_t ctx, char *line) +{ + ctrl_t ctrl = assuan_get_pointer (ctx); + gpg_error_t err = 0; + unsigned char grip[20]; + gcry_sexp_t s_skey; + unsigned char *shadow_info = NULL; + + if (ctrl->restricted) + return leave_cmd (ctx, gpg_error (GPG_ERR_FORBIDDEN)); + + err = parse_keygrip (ctx, line, grip); + if (err) + goto leave; + + if (agent_key_available (grip)) + { + err =gpg_error (GPG_ERR_NO_SECKEY); + goto leave; + } + + err = agent_key_from_file (ctrl, NULL, ctrl->server_local->keydesc, grip, + &shadow_info, CACHE_MODE_IGNORE, NULL, + &s_skey, NULL); + if (err) + { + xfree (shadow_info); + goto leave; + } + if (shadow_info) + { + /* Key is on a TPM or smartcard already. */ + xfree (shadow_info); + gcry_sexp_release (s_skey); + err = gpg_error (GPG_ERR_UNUSABLE_SECKEY); + goto leave; + } + + err = divert_tpm2_writekey (ctrl, grip, s_skey); + gcry_sexp_release (s_skey); + + leave: + return leave_cmd (ctx, err); +} + + static const char hlp_getval[] = "GETVAL \n" @@ -3812,6 +3863,7 @@ register_commands (assuan_context_t ctx) { "RELOADAGENT", cmd_reloadagent,hlp_reloadagent }, { "GETINFO", cmd_getinfo, hlp_getinfo }, { "KEYTOCARD", cmd_keytocard, hlp_keytocard }, + { "KEYTOTPM", cmd_keytotpm, hlp_keytotpm }, { NULL } }; int i, rc; diff --git a/g10/call-agent.c b/g10/call-agent.c index a553ef67a..fb80489b2 100644 --- a/g10/call-agent.c +++ b/g10/call-agent.c 
@@ -1060,6 +1060,28 @@ agent_scd_apdu (const char *hexapdu, unsigned int *r_sw) return err; } +int +agent_keytotpm (ctrl_t ctrl, const char *hexgrip) +{ + int rc; + char line[ASSUAN_LINELENGTH]; + struct default_inq_parm_s parm; + + snprintf(line, DIM(line), "KEYTOTPM %s\n", hexgrip); + + rc = start_agent (ctrl, 0); + if (rc) + return rc; + parm.ctx = agent_ctx; + parm.ctrl = ctrl; + + rc = assuan_transact (agent_ctx, line, NULL, NULL, default_inq_cb, &parm, + NULL, NULL); + if (rc) + log_log (GPGRT_LOGLVL_ERROR, _("error from TPM: %s\n"), gpg_strerror (rc)); + return rc; +} + /* Used by: * card_store_subkey diff --git a/g10/call-agent.h b/g10/call-agent.h index 4a66af2aa..efea7ec4a 100644 --- a/g10/call-agent.h +++ b/g10/call-agent.h @@ -126,6 +126,9 @@ gpg_error_t agent_scd_getattr_one (const char *name, char **r_value); /* Update INFO with the attribute NAME. */ int agent_scd_getattr (const char *name, struct agent_card_info_s *info); +/* send the KEYTOTPM command */ +int agent_keytotpm (ctrl_t ctrl, const char *hexgrip); + /* Send the KEYTOCARD command. */ int agent_keytocard (const char *hexgrip, int keyno, int force, const char *serialno, const char *timestamp); diff --git a/g10/keyedit.c b/g10/keyedit.c index 596662dda..8740f5cf7 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -1247,7 +1247,7 @@ enum cmdids #endif /*!NO_TRUST_MODELS*/ cmdSHOWPREF, cmdSETPREF, cmdPREFKS, cmdNOTATION, cmdINVCMD, cmdSHOWPHOTO, cmdUPDTRUST, - cmdCHKTRUST, cmdADDCARDKEY, cmdKEYTOCARD, cmdBKUPTOCARD, + cmdCHKTRUST, cmdADDCARDKEY, cmdKEYTOCARD, cmdKEYTOTPM, cmdBKUPTOCARD, cmdCLEAN, cmdMINIMIZE, cmdGRIP, cmdNOP }; 
@@ -1298,6 +1298,8 @@ static struct N_("add a key to a smartcard")}, { "keytocard", cmdKEYTOCARD, KEYEDIT_NEED_SK | KEYEDIT_NEED_SUBSK, N_("move a key to a smartcard")}, + { "keytotpm", cmdKEYTOTPM, KEYEDIT_NEED_SK | KEYEDIT_NEED_SUBSK, + N_("convert a key to TPM form using the local TPM")}, { "bkuptocard", cmdBKUPTOCARD, KEYEDIT_NEED_SK | KEYEDIT_NEED_SUBSK, N_("move a backup key to a smartcard")}, #endif /*ENABLE_CARD_SUPPORT */ @@ -1796,6 +1798,47 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, } break; + case cmdKEYTOTPM: + /* FIXME need to store the key and not commit until later */ + { + KBNODE node = NULL; + switch (count_selected_keys (keyblock)) + { + case 0: + if (cpr_get_answer_is_yes + ("keyedit.keytocard.use_primary", + /* TRANSLATORS: Please take care: This is about + moving the key and not about removing it. */ + _("Really move the primary key? (y/N) "))) + node = keyblock; + break; + case 1: + for (node = keyblock; node; node = node->next) + { + if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY + && node->flag & NODFLG_SELKEY) + break; + } + break; + default: + tty_printf (_("You must select exactly one key.\n")); + break; + } + if (node) + { + PKT_public_key *xxpk = node->pkt->pkt.public_key; + char *hexgrip; + + hexkeygrip_from_pk (xxpk, &hexgrip); + if (!agent_keytotpm (ctrl, hexgrip)) + { + redisplay = 1; + } + xfree (hexgrip); + } + } + break; + case cmdKEYTOCARD: { KBNODE node = NULL; -- 2.26.2 From James.Bottomley at HansenPartnership.com Tue Mar 9 22:50:31 2021 
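Review bot: agent_keytotpm (g10/call-agent.c) declares `struct default_inq_parm_s parm;` and assigns only parm.ctx and parm.ctrl before passing it to default_inq_cb, so every other member of the structure is read uninitialized if the agent sends an inquiry; zero the structure with memset before filling it in. The command line is also built with a trailing newline ("KEYTOTPM %s\n"), which is not needed for assuan_transact and should be dropped. On the agent side, hlp_keytotpm in agent/command.c contains only the command name and an empty line; it should say that the key identified by the keygrip is replaced on disk by a TPM-bound shadow key and that the command fails with GPG_ERR_UNUSABLE_SECKEY for keys that are already shadowed.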
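Review bot: the cmdKEYTOTPM case in g10/keyedit.c ignores the return value of hexkeygrip_from_pk and passes hexgrip to agent_keytotpm regardless; check the result and skip the agent call on failure. The confirmation also reuses the "keyedit.keytocard.use_primary" answer id and the "Really move the primary key?" text from the smartcard path, and it is only asked when no subkey is selected. Since the commit message states that the original key cannot be recovered after conversion, this command needs its own prompt id and wording that says the key will be bound to the local TPM, asked for subkeys as well. The "FIXME need to store the key and not commit until later" comment should be resolved or explained before merge, because as written the conversion takes effect immediately rather than on save.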
From: James.Bottomley at HansenPartnership.com (James Bottomley) Date: Tue, 9 Mar 2021 13:50:31 -0800 Subject: [PATCH v3 4/5] tpm2d: add tests for the tpm2daemon In-Reply-To: <20210309215032.14530-1-James.Bottomley@HansenPartnership.com> References: <20210309215032.14530-1-James.Bottomley@HansenPartnership.com> Message-ID: <20210309215032.14530-5-James.Bottomley@HansenPartnership.com> Add a set of tests that exercise tpm2daemon handling of keys and verify compatibility with non-tpm based keys. Running this test infrastructure requires a tpm emulator, which is tested for during configuration. If an emulator is not found, the tests won't be run since they require the presence of a TPM (although the TPM handling code will still be built). Signed-off-by: James Bottomley --- configure.ac | 13 + tests/Makefile.am | 3 + tests/tpm2dtests/Makefile.am | 79 +++++ tests/tpm2dtests/all-tests.scm | 81 +++++ tests/tpm2dtests/defs.scm | 473 ++++++++++++++++++++++++++++ tests/tpm2dtests/ecc.scm | 23 ++ tests/tpm2dtests/longpassphrase.scm | 36 +++ tests/tpm2dtests/rsa.scm | 13 + tests/tpm2dtests/run-tests.scm | 43 +++ tests/tpm2dtests/setup.scm | 48 +++ tests/tpm2dtests/shell.scm | 51 +++ tests/tpm2dtests/unimportable.scm | 28 ++ 12 files changed, 891 insertions(+) create mode 100644 tests/tpm2dtests/Makefile.am create mode 100644 tests/tpm2dtests/all-tests.scm create mode 100644 tests/tpm2dtests/defs.scm create mode 100644 tests/tpm2dtests/ecc.scm create mode 100644 tests/tpm2dtests/longpassphrase.scm create mode 100644 tests/tpm2dtests/rsa.scm create mode 100644 tests/tpm2dtests/run-tests.scm create mode 100644 tests/tpm2dtests/setup.scm create mode 100644 tests/tpm2dtests/shell.scm create mode 100644 tests/tpm2dtests/unimportable.scm diff --git a/configure.ac b/configure.ac index 841115af0..a7e891e5e 100644 --- a/configure.ac +++ b/configure.ac 
@@ -1609,12 +1609,17 @@ if test "$have_libtss" = yes; then LIBTSS_LIBS=$LIBS AC_DEFINE(HAVE_LIBTSS, 1, [Defined if we have TPM2 support library]) AC_SUBST(TSS_INCLUDE) + # look for a TPM emulator for testing + AC_PATH_PROG(TPMSERVER, tpm_server,,/bin:/usr/bin:/usr/lib/ibmtss:/usr/libexec/ibmtss) + AC_PATH_PROG(SWTPM, swtpm,,/bin:/usr/bin:/usr/lib/ibmtss:/usr/libexec/ibmtss) + AC_PATH_PROG(SWTPM_IOCTL, swtpm_ioctl,,/bin:/usr/bin:/usr/lib/ibmtss:/usr/libexec/ibmtss) fi LIBS="$_save_libs" CFLAGS="$_save_cflags" AC_SUBST(LIBTSS_LIBS) AC_SUBST(LIBTSS_CFLAGS) AM_CONDITIONAL(HAVE_LIBTSS, test "$have_libtss" = yes) +AM_CONDITIONAL(TEST_LIBTSS, test -n "$TPMSERVER" -o -n "$SWTPM") AC_SUBST(HAVE_LIBTSS) # @@ -2091,6 +2096,7 @@ doc/Makefile tests/Makefile tests/gpgscm/Makefile tests/openpgp/Makefile +tests/tpm2dtests/Makefile tests/migrations/Makefile tests/gpgsm/Makefile tests/gpgme/Makefile 
@@ -2141,6 +2147,13 @@ echo " Tor support: $show_tor_support TPM support: $have_libtss " +if test "$have_libtss" != no -a -z "$TPMSERVER" -a -z "$SWTPM"; then +cat <. +# Process this file with automake to create Makefile.in + + +# Programs required before we can run these tests. +required_pgms = ../../g10/gpg$(EXEEXT) ../../agent/gpg-agent$(EXEEXT) \ + ../../tools/gpg-connect-agent$(EXEEXT) \ + ../gpgscm/gpgscm$(EXEEXT) ../openpgp/fake-pinentry$(EXEEXT) + +AM_CPPFLAGS = -I$(top_srcdir)/common +include $(top_srcdir)/am/cmacros.am + +AM_CFLAGS = + +TESTS_ENVIRONMENT = LC_ALL=C \ + EXEEXT=$(EXEEXT) \ + PATH="../gpgscm:$(PATH)" \ + abs_top_srcdir="$(abs_top_srcdir)" \ + objdir="$(abs_top_builddir)" \ + TPMSERVER="$(TPMSERVER)" \ + SWTPM="$(SWTPM)" \ + SWTPM_IOCTL="$(SWTPM_IOCTL)" \ + GPGSCM_PATH="$(abs_top_srcdir)/tests/gpgscm" + +XTESTS = \ + rsa.scm \ + ecc.scm \ + longpassphrase.scm \ + unimportable.scm + +# XXX: Currently, one cannot override automake's 'check' target. As a +# workaround, we avoid defining 'TESTS', thus automake will not emit +# the 'check' target. For extra robustness, we merely define a +# dependency on 'xcheck', so this hack should also work even if +# automake would emit the 'check' target, as adding dependencies to +# targets is okay. +check: xcheck + +.PHONY: xcheck +xcheck: tpm_server_found + $(TESTS_ENVIRONMENT) $(abs_top_builddir)/tests/gpgscm/gpgscm \ + $(abs_srcdir)/run-tests.scm $(TESTFLAGS) $(TESTS) + +tpm_server_found: + @if [ -z "$(TPMSERVER)" -a -z "$(SWTPM)" -a -z "$(FORCE)" ]; then echo "ERROR: No Software TPM has been found, cannot run TPM tests. 
Set FORCE=1 to force using the physical TPM"; exit 1; fi + +EXTRA_DIST = defs.scm shell.scm all-tests.scm + +CLEANFILES = gpg.conf gpg-agent.conf S.gpg-agent \ + pubring.gpg pubring.gpg~ pubring.kbx pubring.kbx~ \ + secring.gpg pubring.pkr secring.skr \ + gnupg-test.stop random_seed gpg-agent.log tofu.db \ + passphrases sshcontrol S.gpg-agent.ssh report.xml \ + msg.txt + +clean-local: + -rm -rf private-keys-v1.d openpgp-revocs.d + + +# We need to depend on a couple of programs so that the tests don't +# start before all programs are built. +all-local: $(required_pgms) diff --git a/tests/tpm2dtests/all-tests.scm b/tests/tpm2dtests/all-tests.scm new file mode 100644 index 000000000..bf7a981ca --- /dev/null +++ b/tests/tpm2dtests/all-tests.scm 
@@ -0,0 +1,81 @@ +;; Copyright (C) 2017 g10 Code GmbH +;; +;; This file is part of GnuPG. +;; +;; GnuPG is free software; you can redistribute it and/or modify +;; it under the terms of the GNU General Public License as published by +;; the Free Software Foundation; either version 3 of the License, or +;; (at your option) any later version. +;; +;; GnuPG is distributed in the hope that it will be useful, +;; but WITHOUT ANY WARRANTY; without even the implied warranty of +;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;; GNU General Public License for more details. +;; +;; You should have received a copy of the GNU General Public License +;; along with this program; if not, see . + +(export all-tests + ;; Parse the Makefile.am to find all tests. + + (load (with-path "makefile.scm")) + + (define (expander filename port key) + (parse-makefile port key)) + + (define (parse filename key) + (parse-makefile-expand filename expander key)) + + (define setup + (make-environment-cache + (test::scm + #f + (path-join "tests" "openpgp" "setup.scm") + (in-srcdir "tests" "openpgp" "setup.scm")))) + + (define (qualify path variant) + (string-append "<" variant ">" path)) + + (define (setup* variant) + (make-environment-cache + (test::scm + #f + (qualify (path-join "tests" "openpgp" "setup.scm") variant) + (in-srcdir "tests" "openpgp" "setup.scm") + (string-append "--" variant)))) + + (define setup-use-keyring (setup* "use-keyring")) + (define setup-use-keyboxd (setup* "use-keyboxd")) + + (define all-tests + (parse-makefile-expand "Makefile" + (lambda (filename port key) (parse-makefile port key)) + "XTESTS")) + + (define tests + (map (lambda (name) + (test::scm setup + (qualify (path-join "tests" "tpm2dtests" name) "standard") + (in-srcdir "tests" "tpm2dtests" name))) all-tests)) + + (when *run-all-tests* + (set! 
tests + (append + tests + ;; The second pass uses the keyboxd + (map (lambda (name) + (test::scm setup-use-keyboxd + (qualify (path-join "tests" "tpm2dtests" name) + "keyboxd") + (in-srcdir "tests" "tpm2dtests" name) + "--use-keyboxd")) all-tests) + ;; The third pass uses the legact pubring.gpg + (map (lambda (name) + (test::scm setup-use-keyring + (qualify (path-join "tests" "tpm2dtests" name) + "keyring") + (in-srcdir "tests" "tpm2dtests" name) + "--use-keyring")) all-tests) + ))) + + tests) diff --git a/tests/tpm2dtests/defs.scm b/tests/tpm2dtests/defs.scm new file mode 100644 index 000000000..2a0910945 --- /dev/null +++ b/tests/tpm2dtests/defs.scm 
@@ -0,0 +1,473 @@ +;; Common definitions for the OpenPGP test scripts. +;; +;; Copyright (C) 2016, 2017 g10 Code GmbH +;; +;; This file is part of GnuPG. +;; +;; GnuPG is free software; you can redistribute it and/or modify +;; it under the terms of the GNU General Public License as published by +;; the Free Software Foundation; either version 3 of the License, or +;; (at your option) any later version. +;; +;; GnuPG is distributed in the hope that it will be useful, +;; but WITHOUT ANY WARRANTY; without even the implied warranty of +;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;; GNU General Public License for more details. +;; +;; You should have received a copy of the GNU General Public License +;; along with this program; if not, see . + +(let ((verbose (string->number (getenv "verbose")))) + (if (number? verbose) + (*set-verbose!* verbose))) + +(define (qualify executable) + (string-append executable (getenv "EXEEXT"))) + +(define (getenv' key default) + (let ((value (getenv key))) + (if (string=? "" value) + default + value))) + +(define (percent-decode s) + (define (decode c) + (if (and (> (length c) 2) (char=? #\% (car c))) + (integer->char (string->number (string #\# #\x (cadr c) (caddr c)))) + #f)) + (let loop ((i 0) (c (string->list s)) (r (make-string (string-length s)))) + (if (null? c) + (substring r 0 i) + (let ((decoded (decode c))) + (string-set! r i (if decoded decoded (car c))) + (loop (+ 1 i) (if decoded (cdddr c) (cdr c)) r))))) +(assert (equal? (percent-decode "") "")) +(assert (equal? (percent-decode "%61") "a")) +(assert (equal? (percent-decode "foob%61r") "foobar")) + +(define (percent-encode s) + (define (encode c) + `(#\% ,@(string->list (number->string (char->integer c) 16)))) + (let loop ((acc '()) (cs (reverse (string->list s)))) + (if (null? cs) + (list->string acc) + (case (car cs) + ((#\: #\%) + (loop (append (encode (car cs)) acc) (cdr cs))) + (else + (loop (cons (car cs) acc) (cdr cs))))))) +(assert (equal? 
(percent-encode "") "")) +(assert (equal? (percent-encode "%61") "%2561")) +(assert (equal? (percent-encode "foob%61r") "foob%2561r")) + +(define tools + '((gpgv "GPGV" "g10/gpgv") + (gpg-connect-agent "GPG_CONNECT_AGENT" "tools/gpg-connect-agent") + (gpgconf "GPGCONF" "tools/gpgconf") + (gpg-preset-passphrase "GPG_PRESET_PASSPHRASE" + "agent/gpg-preset-passphrase") + (gpgtar "GPGTAR" "tools/gpgtar") + (gpg-zip "GPGZIP" "tools/gpg-zip") + (pinentry "PINENTRY" "tests/openpgp/fake-pinentry") + (tpm2daemon "TPM2DAEMON" "tpm2d/tpm2daemon"))) + +(define bin-prefix (getenv "BIN_PREFIX")) +(define installed? (not (string=? "" bin-prefix))) +(define with-valgrind? (not (string=? (getenv "with_valgrind") ""))) + +(define (tool-hardcoded which) + (let ((t (assoc which tools))) + (getenv' (cadr t) + (qualify (if installed? + (string-append bin-prefix "/" (basename (caddr t))) + (string-append (getenv "objdir") "/" (caddr t))))))) + +;; You can splice VALGRIND into your argument vector to run programs +;; under valgrind. For example, to run valgrind on gpg, you may want +;; to redefine gpg: +;; +;; (set! gpg `(, at valgrind , at gpg)) +;; +(define valgrind + '("/usr/bin/valgrind" -q --leak-check=no --track-origins=yes + --error-exitcode=154 --exit-on-first-error=yes)) + +(unless installed? + (setenv "GNUPG_BUILDDIR" (getenv "objdir") #t)) + +(define (gpg-conf . args) + (gpg-conf' "" args)) +(define (gpg-conf' input args) + (let ((s (call-popen `(,(tool-hardcoded 'gpgconf) + ,@(if installed? 
'() + (list '--build-prefix (getenv "objdir"))) + , at args) input))) + (map (lambda (line) (map percent-decode (string-split line #\:))) + (string-split-newlines s)))) +(define :gc:c:name car) +(define :gc:c:description cadr) +(define :gc:c:pgmname caddr) +(define (:gc:o:name x) (list-ref x 0)) +(define (:gc:o:flags x) (string->number (list-ref x 1))) +(define (:gc:o:level x) (string->number (list-ref x 2))) +(define (:gc:o:description x) (list-ref x 3)) +(define (:gc:o:type x) (string->number (list-ref x 4))) +(define (:gc:o:alternate-type x) (string->number (list-ref x 5))) +(define (:gc:o:argument-name x) (list-ref x 6)) +(define (:gc:o:default-value x) (list-ref x 7)) +(define (:gc:o:default-argument x) (list-ref x 8)) +(define (:gc:o:value x) (if (< (length x) 10) "" (list-ref x 9))) + +(define (gpg-config component key) + (package + (define (value) + (let* ((conf (assoc key (gpg-conf '--list-options component))) + (type (:gc:o:type conf)) + (value (:gc:o:value conf))) + (case type + ((0 2 3) (string->number value)) + ((1 32) (substring value 1 (string-length value)))))) + (define (update value) + (let ((value' (cond + ((string? value) (string-append "\"" value)) + ((number? value) (number->string value)) + (else (throw "Unsupported value" value))))) + (gpg-conf' (string-append key ":0:" (percent-encode value')) + `(--change-options ,component)))) + (define (clear) + (gpg-conf' (string-append key ":16:") + `(--change-options ,component))))) + +(define gpg-components (apply gpg-conf '(--list-components))) + +(define (tool which) + (case which + ((gpg gpg-agent scdaemon gpgsm dirmngr) + (:gc:c:pgmname (assoc (symbol->string which) gpg-components))) + (else + (tool-hardcoded which)))) + +(define (gpg-has-option? option) + (string-contains? 
(call-popen `(,(tool 'gpg) --dump-options) "") + option)) + +(define have-opt-always-trust + (catch #f + (with-ephemeral-home-directory (lambda ()) (lambda ()) + (call-check `(,(tool 'gpg) --gpgconf-test --always-trust))) + #t)) + +(define GPG `(,(tool 'gpg) --no-permission-warning + ,@(if have-opt-always-trust '(--always-trust) '()))) +(define GPGV `(,(tool 'gpgv))) +(define PINENTRY (tool 'pinentry)) +(define TPM2DAEMON (tool 'tpm2daemon)) + +(define (tr:gpg input args) + (tr:spawn input `(, at GPG --output **out** , at args **in**))) + +(define (pipe:gpg args) + (pipe:spawn `(, at GPG --output - , at args))) + +(define (gpg-with-colons args) + (let ((s (call-popen `(, at GPG --with-colons , at args) ""))) + (map (lambda (line) (string-split line #\:)) + (string-split-newlines s)))) + +(define (secinfo name) + (assoc "sec" (gpg-with-colons `(--list-secret-key ,name)))) +(define (ssbinfo name) + (assoc "ssb" (gpg-with-colons `(--list-secret-key ,name)))) +(define (fingerprint name) + (:fpr (assoc "fpr" (gpg-with-colons `(--list-secret-key ,name))))) +;; convenient accessors for sec +(define (:cardinfo x) (list-ref x 14)) +;; Convenient accessors for the colon output of pub. +(define (:type x) (string->symbol (list-ref x 0))) +(define (:length x) (string->number (list-ref x 2))) +(define (:alg x) (string->number (list-ref x 3))) +(define (:expire x) (list-ref x 6)) +(define (:fpr x) (list-ref x 9)) +(define (:cap x) (list-ref x 11)) + +(define (have-public-key? key) + (catch #f + (pair? (filter (lambda (l) (and (equal? 'fpr (:type l)) + (equal? key::fpr (:fpr l)))) + (gpg-with-colons `(--list-keys ,key::fpr)))))) + +(define (have-secret-key? key) + (catch #f + (pair? (filter (lambda (l) (and (equal? 'fpr (:type l)) + (equal? key::fpr (:fpr l)))) + (gpg-with-colons `(--list-secret-keys ,key::fpr)))))) + +(define (have-secret-key-file? key) + (file-exists? 
(path-join (getenv "GNUPGHOME") "private-keys-v1.d" + (string-append key::grip ".key")))) + +(define (get-config what) + (string-split (caddar (gpg-with-colons `(--list-config ,what))) #\;)) + +(define all-pubkey-algos (delay (get-config "pubkeyname"))) +(define all-hash-algos (delay (get-config "digestname"))) +(define all-cipher-algos (delay (get-config "ciphername"))) +(define all-compression-algos (delay (get-config "compressname"))) + +(define (have-pubkey-algo? x) + (not (not (member x (force all-pubkey-algos))))) +(define (have-hash-algo? x) + (not (not (member x (force all-hash-algos))))) +(define (have-cipher-algo? x) + (not (not (member x (force all-cipher-algos))))) +(define (have-compression-algo? x) + (not (not (member x (force all-compression-algos))))) + +(define (gpg-pipe args0 args1 errfd) + (lambda (source sink) + (let* ((p (pipe)) + (task0 (spawn-process-fd `(, at GPG , at args0) + source (:write-end p) errfd)) + (_ (close (:write-end p))) + (task1 (spawn-process-fd `(, at GPG , at args1) + (:read-end p) sink errfd))) + (close (:read-end p)) + (wait-processes (list GPG GPG) (list task0 task1) #t)))) + +;; +;; Do we have a software tpm +;; +(define have-swtpm? (not (and (string=? "" (getenv "TPMSERVER")) + (string=? "" (getenv "SWTPM"))))) +(setenv "GPG_AGENT_INFO" "" #t) +(setenv "GNUPGHOME" (getcwd) #t) +(if have-swtpm? + (setenv "TPM_INTERFACE_TYPE" "socsim" #t)) +(define GNUPGHOME (getcwd)) + +;; +;; GnuPG helper. +;; + +;; Call GPG to obtain the hash sums. Either specify an input file in +;; ARGS, or an string in INPUT. Returns a list of ( +;; "") lists. +(define (gpg-hash-string args input) + (map + (lambda (line) + (let ((p (string-split line #\:))) + (list (string->number (cadr p)) (caddr p)))) + (string-split-newlines + (call-popen `(, at GPG --with-colons , at args) input)))) + +;; Dearmor a file. 
+(define (dearmor source-name sink-name) + (pipe:do + (pipe:open source-name (logior O_RDONLY O_BINARY)) + (pipe:spawn `(, at GPG --dearmor)) + (pipe:write-to sink-name (logior O_WRONLY O_CREAT O_BINARY) #o600))) + +(define (gpg-dump-packets source-name sink-name) + (pipe:do + (pipe:open source-name (logior O_RDONLY O_BINARY)) + (pipe:spawn `(, at GPG --list-packets)) + (pipe:write-to sink-name (logior O_WRONLY O_CREAT O_BINARY) #o600))) + +;; +;; Support for test environment creation and teardown. +;; + +(define (make-test-data filename size) + (call-with-binary-output-file + filename + (lambda (port) + (display (make-random-string size) port)))) + +(define (create-file name . lines) + (catch #f (unlink name)) + (letfd ((fd (open name (logior O_WRONLY O_CREAT O_BINARY) #o600))) + (let ((port (fdopen fd "wb"))) + (for-each (lambda (line) (display line port) (newline port)) + lines)))) + +(define (create-gpghome) + (log "Creating test environment...") + + (srandom (getpid)) + (make-test-data "random_seed" 600) + + (log "Creating configuration files") + + (if (flag "--use-keyring" *args*) + (create-file "pubring.gpg")) + + (create-file "gpg.conf" + ;;"log-file socket:///tmp/S.wklog" + ;;"verbose" + "no-greeting" + "no-secmem-warning" + "no-permission-warning" + "batch" + "no-auto-key-retrieve" + "no-auto-key-locate" + "allow-weak-digest-algos" + "ignore-mdc-error" + (if have-opt-always-trust + "no-auto-check-trustdb" "#no-auto-check-trustdb") + (string-append "agent-program " + (tool 'gpg-agent) + "|--debug-quick-random\n") + (if (flag "--use-keyboxd" *args*) + "use-keyboxd" "#use-keyboxd") + ) + (create-file "gpg-agent.conf" + "allow-preset-passphrase" + "debug-all" + "log-file gpg-agent.log" + "no-grab" + "enable-ssh-support" + "s2k-count 65536" + (string-append "pinentry-program " (tool 'pinentry)) + (string-append "tpm2daemon-program " (tool 'tpm2daemon)) + "disable-scdaemon") + (create-file "msg.txt" + "This is a test of TPM signing and encryption" + "With two 
lines of text")) + +;; Initialize the test environment, install appropriate configuration +;; and start the agent, without any keys. +(define (setup-environment) + (create-gpghome) + (start-agent) + (start-tpm)) + +(define (setup-environment-no-atexit) + (create-gpghome) + (start-agent #t)) + +;; Initialize the test environment, install appropriate configuration +;; and start the agent, with the keys from the legacy test suite. +(define (setup-legacy-environment) + (create-gpghome) + (if (member "--unpack-tarball" *args*) + (begin + (call-check `(,(tool 'gpgtar) --extract --directory=. ,(cadr *args*))) + (start-agent)) + (begin + (start-agent) + (create-legacy-gpghome))) + (preset-passphrases)) + +;; start the tpm server +(define (start-tpm) + (if have-swtpm? + (begin (define pid (call-check `(,(in-srcdir "tests" "tpm2dtests" "start_sw_tpm.sh")))) + (if (not (null? pid)) + (atexit (lambda () + (call-check `("/bin/kill" ,pid)))))))) + +;; Create the socket dir and start the agent. +(define (start-agent . args) + (log "Starting gpg-agent...") + (let ((gnupghome (getenv "GNUPGHOME"))) + (if (null? args) + (atexit (lambda () + (with-home-directory gnupghome (stop-agent)))))) + (catch (log "Warning: Creating socket directory failed:" (car *error*)) + (gpg-conf '--create-socketdir)) + (call-check `(,(tool 'gpg-connect-agent) --verbose + ,(string-append "--agent-program=" (tool 'gpg-agent) + "|--debug-quick-random") + /bye))) + +;; Stop the agent and other daemons and remove the socket dir. +(define (stop-agent) + (log "Stopping gpg-agent...") + (gpg-conf '--kill 'all) + (catch (log "Warning: Removing socket directory failed.") + (gpg-conf '--remove-socketdir))) + +;; Get the trust level for KEYID. Any remaining arguments are simply +;; passed to GPG. +;; +;; This function only supports keys with a single user id. +(define (gettrust keyid . 
args) + (let ((trust + (list-ref (assoc "pub" (gpg-with-colons + `(, at args + --list-keys ,keyid))) 1))) + (unless (and (= 1 (string-length trust)) + (member (string-ref trust 0) (string->list "oidreqnmfuws-"))) + (fail "Bad trust value:" trust)) + trust)) + +;; Check that KEYID's trust level matches EXPECTED-TRUST. Any +;; remaining arguments are simply passed to GPG. +;; +;; This function only supports keys with a single user id. +(define (checktrust keyid expected-trust . args) + (let ((trust (apply gettrust `(,keyid , at args)))) + (unless (string=? trust expected-trust) + (fail keyid ": Expected trust to be" expected-trust + "but got" trust)))) + +(define (keytotpm name select) + (let ((result (call-with-io `(, at GPG --command-fd=0 --edit-key ,name ,select keytotpm) "y\n"))) + (if (= 0 (:retcode result)) + (:stdout result) + (throw "keytotpm failed" + (:stderr result))))) + + +(define (quick-gen name algo) + (info "creating TPM " algo " key") + (call-check `(, at GPG --quick-generate-key ,name ,algo)) + (keytotpm name "key 0") + (unless (string=? (:cardinfo (secinfo name)) "TPM-Protected") + (throw "key is not in the TPM"))) + +(define (quick-add name algo) + (info "adding TPM encryption " algo " key") + (call-check `(, at GPG --quick-add-key ,(fingerprint name) ,algo "encr")) + (keytotpm name "key 1") + (unless (string=? (:cardinfo (ssbinfo name)) "TPM-Protected") + (throw "Added key is not in the TPM"))) + +(define (check-sig name) + (info "checking TPM signing") + (call-check `(, at GPG --default-key ,name --sign msg.txt)) + (call-check `(, at GPG --verify msg.txt.gpg)) + (unlink "msg.txt.gpg")) + +(define (check-encrypt name) + (info "Checking TPM decryption") + (call-check `(, at GPG --recipient ,name --encrypt msg.txt)) + (call-check `(, at GPG --output msg.out.txt --decrypt msg.txt.gpg)) + (unless (file=? 
"msg.txt" "msg.out.txt") + (throw "File did not decrypt to the same message")) + (unlink "msg.out.txt") + (unlink "msg.txt.gpg")) + +;; +;; Tests are very simple: create primary key in TPM add encryption key +;; in TPM (verifies TPM primary can certify secondary), sign a message +;; with primary key and check signature encrypt a message with +;; encryption key and check signature +;; +(define (test-tpm name algo) + (quick-gen name algo) + (quick-add name algo) + (check-sig name) + (check-encrypt name)) + +;; +;; Enable checking with valgrind if the envvar "with_valgrind" is set +;; +(when with-valgrind? + (set! gpg `(, at valgrind , at gpg))) + + +;;(set! *args* (append *args* (list "--use-keyboxd"))) + + +;; end diff --git a/tests/tpm2dtests/ecc.scm b/tests/tpm2dtests/ecc.scm new file mode 100644 index 000000000..8b28cad23 --- /dev/null +++ b/tests/tpm2dtests/ecc.scm @@ -0,0 +1,23 @@ +#!/usr/bin/env gpgscm + +;; Copyright (C) 2021 James.Bottomley at HansenPartnership.com +;; +;; SPDX-License-Identifier: GPL-3.0-or-later +;; +(load (in-srcdir "tests" "tpm2dtests" "defs.scm")) + +(setup-environment) +(setenv "PINENTRY_USER_DATA" "ecckey" #t) + +;; +;; try checking signature and encryption on supported elliptic +;; curve keys. Note this list must be allowable by the swtpm +;; used for the test, which is why it's so small +;; +(define key-list '("nistp256" "nistp384")) + +(for-each + (lambda (algo) + (define name algo "<" algo "@example.com>") + (test-tpm name algo)) + key-list) diff --git a/tests/tpm2dtests/longpassphrase.scm b/tests/tpm2dtests/longpassphrase.scm new file mode 100644 index 000000000..6e72dc317 --- /dev/null +++ b/tests/tpm2dtests/longpassphrase.scm 
@@ -0,0 +1,36 @@ +#!/usr/bin/env gpgscm + +;; Copyright (C) 2021 James.Bottomley at HansenPartnership.com +;; +;; SPDX-License-Identifier: GPL-3.0-or-later +;; +(load (in-srcdir "tests" "tpm2dtests" "defs.scm")) + +(setup-environment) + +;; +;; Check that a key with a long passphrase can be created and check +;; the passphrase can be truncated and still work +;; +(define name "ecc ") +(define name1 "ecc1 ") +(define algo "nistp256") + +(setenv "PINENTRY_USER_DATA" "this is a password longer than the TPM max of the name algorithm (i.e. 32)" #t) +(quick-gen name algo) + +(setenv "PINENTRY_USER_DATA" "this is a password longer than the TPM max of the name" #t) +(check-sig name) + +;; exactly the TPM limit (sha256 hash name algorithm: 32) +(setenv "PINENTRY_USER_DATA" "12345678901234567890123456789012" #t) +(quick-gen name1 algo) + +(info "checking TPM signing failure with truncated passphrase") +;; passphrase one character shorter, should fail with bad passphrase +(setenv "PINENTRY_USER_DATA" "1234567890123456789012345678901" #t) +(let ((result (call-with-io `(, at GPG --default-key ,name1 --sign msg.txt) ""))) + (if (= 0 (:retcode result)) + (throw "Signing Key succeeded with wrong passphrase") + (unless (string-contains? (:stderr result) "Bad passphrase") + (throw "Unexpected signing error:" (:stderr result))))) diff --git a/tests/tpm2dtests/rsa.scm b/tests/tpm2dtests/rsa.scm new file mode 100644 index 000000000..aaae35276 --- /dev/null +++ b/tests/tpm2dtests/rsa.scm @@ -0,0 +1,13 @@ +#!/usr/bin/env gpgscm + +;; Copyright (C) 2021 James.Bottomley at HansenPartnership.com +;; +;; SPDX-License-Identifier: GPL-3.0-or-later +;; +(load (in-srcdir "tests" "tpm2dtests" "defs.scm")) + +(setup-environment) + +(setenv "PINENTRY_USER_DATA" "rsakey" #t) + +(test-tpm "rsa " "rsa2048") diff --git a/tests/tpm2dtests/run-tests.scm b/tests/tpm2dtests/run-tests.scm new file mode 100644 index 000000000..fdf1859a8 --- /dev/null +++ b/tests/tpm2dtests/run-tests.scm 
@@ -0,0 +1,43 @@ +;; Test-suite runner. +;; +;; Copyright (C) 2016 g10 Code GmbH +;; +;; This file is part of GnuPG. +;; +;; GnuPG is free software; you can redistribute it and/or modify +;; it under the terms of the GNU General Public License as published by +;; the Free Software Foundation; either version 3 of the License, or +;; (at your option) any later version. +;; +;; GnuPG is distributed in the hope that it will be useful, +;; but WITHOUT ANY WARRANTY; without even the implied warranty of +;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;; GNU General Public License for more details. +;; +;; You should have received a copy of the GNU General Public License +;; along with this program; if not, see . + +(if (string=? "" (getenv "abs_top_srcdir")) + (begin + (echo "Environment variable 'abs_top_srcdir' not set. Please point it to" + "tests/tpm2dtests.") + (exit 2))) + +;; Set objdir so that the tests can locate built programs. +(setenv "objdir" (getcwd) #f) + +(define setup + (make-environment-cache (test::scm + #f + (path-join "tests" "tpm2dtests" "setup.scm") + (in-srcdir "tests" "tpm2dtests" "setup.scm")))) + +(define tests (filter (lambda (arg) (not (string-prefix? arg "--"))) *args*)) + +(run-tests (if (null? tests) + (load-tests "tests" "tpm2dtests") + (map (lambda (name) + (test::scm setup + (path-join "tests" "tpm2dtests" name) + (in-srcdir "tests" "tpm2dtests" name) + "--use-keyring")) tests))) diff --git a/tests/tpm2dtests/setup.scm b/tests/tpm2dtests/setup.scm new file mode 100644 index 000000000..df917e2e4 --- /dev/null +++ b/tests/tpm2dtests/setup.scm 
@@ -0,0 +1,48 @@ +#!/usr/bin/env gpgscm + +;; Copyright (C) 2016 g10 Code GmbH +;; +;; This file is part of GnuPG. +;; +;; GnuPG is free software; you can redistribute it and/or modify +;; it under the terms of the GNU General Public License as published by +;; the Free Software Foundation; either version 3 of the License, or +;; (at your option) any later version. +;; +;; GnuPG is distributed in the hope that it will be useful, +;; but WITHOUT ANY WARRANTY; without even the implied warranty of +;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;; GNU General Public License for more details. +;; +;; You should have received a copy of the GNU General Public License +;; along with this program; if not, see . + +(load (in-srcdir "tests" "tpm2dtests" "defs.scm")) + +(define cache (flag "--create-tarball" *args*)) +(unless (and cache (= 1 (length cache))) + (fail "Usage: setup.scm --create-tarball [--use-keyring]")) + +(when (> (*verbose*) 0) + (define (pad symbol length) + (let loop ((cs (string->list (symbol->string symbol))) + (result (make-string length #\space)) + (i 0)) + (if (null? cs) + result + (begin + (string-set! result i (car cs)) + (loop (cdr cs) result (+ 1 i)))))) + (log " I am going to use these tools:\n" + "==============================") + (for-each + (lambda (t) + (log (pad t 25) (tool t))) + '(gpgconf gpg gpg-agent scdaemon gpgsm dirmngr gpg-connect-agent + gpg-preset-passphrase gpgtar pinentry))) + +;;(setenv "GNUPGHOME" (getcwd) #t) +(create-gpghome) +(start-agent) +(stop-agent) +(call-check `(,(tool 'gpgtar) --create --output ,(car cache) ".")) diff --git a/tests/tpm2dtests/shell.scm b/tests/tpm2dtests/shell.scm new file mode 100644 index 000000000..a0d32ec68 --- /dev/null +++ b/tests/tpm2dtests/shell.scm 
@@ -0,0 +1,51 @@ +#!/usr/bin/env gpgscm + +;; Copyright (C) 2016 g10 Code GmbH +;; +;; This file is part of GnuPG. +;; +;; GnuPG is free software; you can redistribute it and/or modify +;; it under the terms of the GNU General Public License as published by +;; the Free Software Foundation; either version 3 of the License, or +;; (at your option) any later version. +;; +;; GnuPG is distributed in the hope that it will be useful, +;; but WITHOUT ANY WARRANTY; without even the implied warranty of +;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;; GNU General Public License for more details. +;; +;; You should have received a copy of the GNU General Public License +;; along with this program; if not, see . + +(load (in-srcdir "tests" "tpm2dtests" "defs.scm")) + +;; This is not a test, but can be used to inspect the test +;; environment. Simply execute +;; +;; make -Ctests/tpm2dtests check TESTS=shell.scm +;; +;; to run it. + +(setup-environment) + +(if (prompt-yes-no? "Drop 'batch' from gpg.conf" #t) + (apply create-file + (cons "gpg.conf" + (filter (lambda (line) (not (equal? "batch" line))) + (string-split-newlines + (call-with-input-file "gpg.conf" read-all))))) + (begin + (echo "Note that gpg.conf includes 'batch'. If you want to use gpg") + (echo "interactively you should drop that."))) + +;; Add paths to tools to PATH. +(setenv "PATH" (pathsep-join + (append (map (lambda (t) (dirname (tool t))) + '(gpg gpg-agent scdaemon gpgsm dirmngr gpgconf tpm2daemon)) + (pathsep-split (getenv "PATH")))) + #t) + +(echo "\nEnjoy your test environment. " + "Type 'exit' to exit it, it will be cleaned up after you.\n") + +(interactive-shell) diff --git a/tests/tpm2dtests/unimportable.scm b/tests/tpm2dtests/unimportable.scm new file mode 100644 index 000000000..be84c13c6 --- /dev/null +++ b/tests/tpm2dtests/unimportable.scm 
@@ -0,0 +1,28 @@ +#!/usr/bin/env gpgscm + +;; Copyright (C) 2021 James.Bottomley at HansenPartnership.com +;; +;; SPDX-License-Identifier: GPL-3.0-or-later +;; +(load (in-srcdir "tests" "tpm2dtests" "defs.scm")) + +(setup-environment) +(setenv "PINENTRY_USER_DATA" "this is a password" #t) + +;; +;; Tries to import a selection of keys with no TPM representation +;; and verifies it fails. There are many unimportable keys, so +;; save time by only choosing one EC and one RSA one +;; +(define key-list '("ed25519" "rsa4096")) + +(for-each + (lambda(algo) + (info "Checking failure to import" algo) + (define name algo "") + (call-check `(, at GPG --quick-generate-key ,name ,algo)) + (let ((result (call-with-io `(, at GPG --command-fd=0 --edit-key ,name "key 0" keytotpm) "y\n"))) + (if (= 0 (:retcode result)) + (throw "Importing Key succeeded") + (:stderr result)))) + key-list) -- 2.26.2 From James.Bottomley at HansenPartnership.com Tue Mar 9 22:50:32 2021 From: James.Bottomley at HansenPartnership.com (James Bottomley) Date: Tue, 9 Mar 2021 13:50:32 -0800 Subject: [PATCH v3 5/5] Add Support for the Intel TSS In-Reply-To: <20210309215032.14530-1-James.Bottomley@HansenPartnership.com> References: <20210309215032.14530-1-James.Bottomley@HansenPartnership.com> Message-ID: <20210309215032.14530-6-James.Bottomley@HansenPartnership.com> The Intel TSS is somewhat of a moving target, so this wraps support for this TSS into tpm2daemon. Unfortunately this wrapper uses some APIs that are only present in a relatively recent Intel TSS, so it looks like it will only work with version 2.4.0 or higher. Signed-off-by: James Bottomley --- configure.ac | 29 +- tpm2d/intel-tss.h | 667 ++++++++++++++++++++++++++++++++++++++++++++++ tpm2d/tpm2.h | 4 + 3 files changed, 694 insertions(+), 6 deletions(-) create mode 100644 tpm2d/intel-tss.h diff --git a/configure.ac b/configure.ac index a7e891e5e..72abbc032 100644 --- a/configure.ac +++ b/configure.ac 
@@ -1596,8 +1596,9 @@ AC_SUBST(W32SOCKLIBS) _save_libs="$LIBS" _save_cflags="$CFLAGS" LIBS="" -AC_SEARCH_LIBS([TSS_Create], [tss ibmtss],have_libtss=yes,) -if test "$have_libtss" = yes; then +AC_SEARCH_LIBS([TSS_Create], [tss ibmtss],have_libtss=IBM, + AC_SEARCH_LIBS([Esys_Initialize], [tss2-esys],have_libtss=Intel)) +if test "$have_libtss" = IBM; then LIBTSS_CFLAGS="-DTPM_POSIX" CFLAGS="$CFLAGS ${LIBTSS_CFLAGS}" AC_CHECK_HEADER([tss2/tss.h],[AC_DEFINE(TSS_INCLUDE,tss2, [tss2 include location])], [ 
@@ -1607,18 +1608,34 @@ if test "$have_libtss" = yes; then ]) ]) LIBTSS_LIBS=$LIBS - AC_DEFINE(HAVE_LIBTSS, 1, [Defined if we have TPM2 support library]) AC_SUBST(TSS_INCLUDE) +elif test "$have_libtss" = Intel; then + ## + # Intel TSS has an API issue: Esys_TR_GetTpmHandle wasn't introduced + # until version 2.4.0. + # + # Note: the missing API is fairly serious and is also easily backportable + # so keep the check below as is intead of going by library version number. + ## + AC_CHECK_LIB(tss2-esys, Esys_TR_GetTpmHandle, [], [ + AC_MSG_WARN([Need Esys_TR_GetTpmHandle API (usually requires Intel TSS 2.4.0 or later, disabling TPM support)]) + have_libtss=no + ]) + LIBTSS_LIBS="$LIBS -ltss2-mu -ltss2-rc -ltss2-tctildr" + AC_DEFINE(HAVE_INTEL_TSS, 1, [Defined if we have the Intel TSS]) +fi +LIBS="$_save_libs" +CFLAGS="$_save_cflags" +if test "$have_libtss" != no; then + AC_DEFINE(HAVE_LIBTSS, 1, [Defined if we have TPM2 support library]) # look for a TPM emulator for testing AC_PATH_PROG(TPMSERVER, tpm_server,,/bin:/usr/bin:/usr/lib/ibmtss:/usr/libexec/ibmtss) AC_PATH_PROG(SWTPM, swtpm,,/bin:/usr/bin:/usr/lib/ibmtss:/usr/libexec/ibmtss) AC_PATH_PROG(SWTPM_IOCTL, swtpm_ioctl,,/bin:/usr/bin:/usr/lib/ibmtss:/usr/libexec/ibmtss) fi -LIBS="$_save_libs" -CFLAGS="$_save_cflags" AC_SUBST(LIBTSS_LIBS) AC_SUBST(LIBTSS_CFLAGS) -AM_CONDITIONAL(HAVE_LIBTSS, test "$have_libtss" = yes) +AM_CONDITIONAL(HAVE_LIBTSS, test "$have_libtss" != no) AM_CONDITIONAL(TEST_LIBTSS, test -n "$TPMSERVER" -o -n "$SWTPM") AC_SUBST(HAVE_LIBTSS) diff --git a/tpm2d/intel-tss.h b/tpm2d/intel-tss.h new file mode 100644 index 000000000..6e0d0a040 --- /dev/null +++ b/tpm2d/intel-tss.h 
@@ -0,0 +1,667 @@ +/* + * Copyright (C) 2021 James Bottomley + * + * Some portions of the TSS routines are + * (c) Copyright IBM Corporation 2015 - 2019 + */ +#ifndef _TPM2_INTEL_TSS_H +#define _TPM2_INTEL_TSS_H + +#include +#include +#include +#include +#include + +#define EXT_TPM_RH_OWNER TPM2_RH_OWNER +#define EXT_TPM_RH_PLATFORM TPM2_RH_PLATFORM +#define EXT_TPM_RH_ENDORSEMENT TPM2_RH_ENDORSEMENT +#define EXT_TPM_RH_NULL TPM2_RH_NULL +#define INT_TPM_RH_NULL ESYS_TR_RH_NULL + +#define TSS_CONTEXT ESYS_CONTEXT + +#define MAX_RESPONSE_SIZE TPM2_MAX_RESPONSE_SIZE +#define MAX_RSA_KEY_BYTES TPM2_MAX_RSA_KEY_BYTES +#define MAX_ECC_CURVES TPM2_MAX_ECC_CURVES +#define MAX_ECC_KEY_BYTES TPM2_MAX_ECC_KEY_BYTES +#define MAX_SYM_DATA TPM2_MAX_SYM_DATA + +#define AES_128_BLOCK_SIZE_BYTES 16 + +/* + * The TCG defines all begin TPM_ but for some unknown reason Intel + * ignored this and all its defines begin TPM2_ + */ + +#define TPM_RC_SUCCESS TPM2_RC_SUCCESS +#define TPM_RC_SYMMETRIC TPM2_RC_SYMMETRIC +#define TPM_RC_ASYMMETRIC TPM2_RC_ASYMMETRIC +#define TPM_RC_CURVE TPM2_RC_CURVE +#define TPM_RC_KEY_SIZE TPM2_RC_KEY_SIZE +#define TPM_RC_KEY TPM2_RC_KEY +#define TPM_RC_VALUE TPM2_RC_VALUE +#define TPM_RC_POLICY TPM2_RC_POLICY +#define TPM_RC_FAILURE TPM2_RC_FAILURE +#define TPM_RC_AUTH_FAIL TPM2_RC_AUTH_FAIL +#define TPM_RC_BAD_AUTH TPM2_RC_BAD_AUTH + +#define RC_VER1 TPM2_RC_VER1 +#define RC_FMT1 TPM2_RC_FMT1 + +#define TPM_EO_EQ TPM2_EO_EQ +#define TPM_EO_NEQ TPM2_EO_NEQ +#define TPM_EO_SIGNED_GT TPM2_EO_SIGNED_GT +#define TPM_EO_UNSIGNED_GT TPM2_EO_UNSIGNED_GT +#define TPM_EO_SIGNED_LT TPM2_EO_SIGNED_LT +#define TPM_EO_UNSIGNED_LT TPM2_EO_UNSIGNED_LT +#define TPM_EO_SIGNED_GE TPM2_EO_SIGNED_GE +#define TPM_EO_UNSIGNED_GE TPM2_EO_UNSIGNED_GE +#define TPM_EO_SIGNED_LE TPM2_EO_SIGNED_LE +#define TPM_EO_UNSIGNED_LE TPM2_EO_UNSIGNED_LE +#define TPM_EO_BITSET TPM2_EO_BITSET +#define TPM_EO_BITCLEAR TPM2_EO_BITCLEAR + +#define TPM_CC_PolicyPCR TPM2_CC_PolicyPCR +#define 
TPM_CC_PolicyAuthValue TPM2_CC_PolicyAuthValue +#define TPM_CC_PolicyCounterTimer TPM2_CC_PolicyCounterTimer + +#define TPM_ST_HASHCHECK TPM2_ST_HASHCHECK + +#define TPM_RH_OWNER ESYS_TR_RH_OWNER +#define TPM_RH_PLATFORM ESYS_TR_RH_PLATFORM +#define TPM_RH_ENDORSEMENT ESYS_TR_RH_ENDORSEMENT +#define TPM_RH_NULL ESYS_TR_NONE +#define TPM_RS_PW ESYS_TR_PASSWORD + +#define TPM_HT_PERMANENT TPM2_HT_PERMANENT +#define TPM_HT_TRANSIENT TPM2_HT_TRANSIENT +#define TPM_HT_PERSISTENT TPM2_HT_PERSISTENT + +#define TPM_HANDLE ESYS_TR +#define TPM_RC TPM2_RC +#define TPM_CC TPM2_CC + +#define TPM_ALG_ID TPM2_ALG_ID +#define TPM_SE TPM2_SE +#define TPM_SE_HMAC TPM2_SE_HMAC +#define TPM_SE_POLICY TPM2_SE_POLICY +#define TPM_CAP TPM2_CAP +#define TPM_CAP_ECC_CURVES TPM2_CAP_ECC_CURVES +#define TPM_EO TPM2_EO + +#define TPM_ECC_NONE TPM2_ECC_NONE +#define TPM_ECC_NIST_P192 TPM2_ECC_NIST_P192 +#define TPM_ECC_NIST_P224 TPM2_ECC_NIST_P224 +#define TPM_ECC_NIST_P256 TPM2_ECC_NIST_P256 +#define TPM_ECC_NIST_P384 TPM2_ECC_NIST_P384 +#define TPM_ECC_NIST_P521 TPM2_ECC_NIST_P521 +#define TPM_ECC_BN_P256 TPM2_ECC_BN_P256 +#define TPM_ECC_BN_P638 TPM2_ECC_BN_P638 +#define TPM_ECC_SM2_P256 TPM2_ECC_SM2_P256 + +#define TPM_ALG_NULL TPM2_ALG_NULL +#define TPM_ALG_SHA1 TPM2_ALG_SHA1 +#define TPM_ALG_SHA256 TPM2_ALG_SHA256 +#define TPM_ALG_SHA384 TPM2_ALG_SHA384 +#define TPM_ALG_SHA512 TPM2_ALG_SHA512 +#define TPM_ALG_AES TPM2_ALG_AES +#define TPM_ALG_CFB TPM2_ALG_CFB +#define TPM_ALG_RSA TPM2_ALG_RSA +#define TPM_ALG_RSASSA TPM2_ALG_RSASSA +#define TPM_ALG_ECC TPM2_ALG_ECC +#define TPM_ALG_KEYEDHASH TPM2_ALG_KEYEDHASH +#define TPM_ALG_RSAES TPM2_ALG_RSAES +#define TPM_ALG_OAEP TPM2_ALG_OAEP +#define TPM_ALG_ECDSA TPM2_ALG_ECDSA + +/* the odd TPMA_OBJECT_ type is wrong too */ + +#define TPMA_OBJECT_SIGN TPMA_OBJECT_SIGN_ENCRYPT + +/* Intel and IBM have slightly different names for all the 2B structures */ + +#define NAME_2B TPM2B_NAME +#define DATA_2B TPM2B_DATA +#define PRIVATE_2B TPM2B_PRIVATE 
+#define ENCRYPTED_SECRET_2B TPM2B_ENCRYPTED_SECRET +#define KEY_2B TPM2B_KEY +#define TPM2B_KEY TPM2B_DATA +#define DIGEST_2B TPM2B_DIGEST +#define ECC_PARAMETER_2B TPM2B_ECC_PARAMETER +#define SENSITIVE_DATA_2B TPM2B_SENSITIVE_DATA +#define PUBLIC_KEY_RSA_2B TPM2B_PUBLIC_KEY_RSA + +#define FALSE 0 +#define TRUE 1 + +typedef struct { + uint16_t size; + BYTE buffer[]; +} TPM2B; + +#define TSS_CONVERT_MARSHAL(TYPE, PTR) \ +static inline TPM_RC \ +TSS_##TYPE##_Marshal(const TYPE *source, UINT16 *written, \ + BYTE **buffer, INT32 *size) \ +{ \ + size_t offset = 0; \ + TPM_RC rc; \ + \ + rc = Tss2_MU_##TYPE##_Marshal(PTR source, *buffer, *size, &offset); \ + \ + *buffer += offset; \ + *size -= offset; \ + *written = offset; \ + \ + return rc; \ +} +#define TSS_CONVERT_UNMARSHAL(TYPE, ARG) \ +static inline TPM_RC \ +TYPE##_Unmarshal##ARG(TYPE *dest, \ + BYTE **buffer, INT32 *size) \ +{ \ + size_t offset = 0; \ + TPM_RC rc; \ + \ + memset(dest, 0, sizeof(TYPE)); \ + rc = Tss2_MU_##TYPE##_Unmarshal(*buffer, *size, &offset, dest); \ + \ + *buffer += offset; \ + *size -= offset; \ + \ + return rc; \ +} + +TSS_CONVERT_MARSHAL(TPMT_PUBLIC, ) +TSS_CONVERT_MARSHAL(UINT16, *) +TSS_CONVERT_MARSHAL(TPMT_SENSITIVE, ) +TSS_CONVERT_MARSHAL(TPM2B_ECC_POINT, ) +TSS_CONVERT_MARSHAL(TPM2B_DIGEST, ) +TSS_CONVERT_MARSHAL(TPM2B_PUBLIC, ) +TSS_CONVERT_MARSHAL(TPM2B_PRIVATE, ) + +TSS_CONVERT_UNMARSHAL(TPML_PCR_SELECTION, ) +TSS_CONVERT_UNMARSHAL(TPM2B_PRIVATE, ) +TSS_CONVERT_UNMARSHAL(TPM2B_PUBLIC, X) +TSS_CONVERT_UNMARSHAL(TPM2B_ENCRYPTED_SECRET, ) +TSS_CONVERT_UNMARSHAL(UINT16, ) +TSS_CONVERT_UNMARSHAL(UINT32, ) + +#define ARRAY_SIZE(A) (sizeof(A)/sizeof(A[0])) + +#define TPM2B_PUBLIC_Unmarshal(A, B, C, D) TPM2B_PUBLIC_UnmarshalX(A, B, C) +#define TPM_EO_Unmarshal UINT16_Unmarshal +#define TPM_CC_Unmarshal UINT32_Unmarshal + +#define VAL(X) X +#define VAL_2B(X, MEMBER) X.MEMBER +#define VAL_2B_P(X, MEMBER) X->MEMBER + +static const struct { + TPM_ALG_ID alg; + int gcrypt_algo; + int size; 
+} TSS_Hashes[] = { + { TPM_ALG_SHA1, GCRY_MD_SHA1, 20 }, + { TPM_ALG_SHA256, GCRY_MD_SHA256, 32 }, + { TPM_ALG_SHA384, GCRY_MD_SHA3_384, 48 }, + { TPM_ALG_SHA512, GCRY_MD_SHA3_512, 64 } +}; + +static inline void +intel_auth_helper(TSS_CONTEXT *tssContext, TPM_HANDLE auth, const char *authVal) +{ + TPM2B_AUTH authVal2B; + + if (authVal) + { + authVal2B.size = strlen(authVal); + memcpy(authVal2B.buffer, authVal, authVal2B.size); + } + else + { + authVal2B.size = 0; + } + Esys_TR_SetAuth(tssContext, auth, &authVal2B); +} + +static inline void +intel_sess_helper(TSS_CONTEXT *tssContext, TPM_HANDLE auth, TPMA_SESSION flags) +{ + Esys_TRSess_SetAttributes(tssContext, auth, flags, + TPMA_SESSION_CONTINUESESSION | flags); +} + +static inline TPM_HANDLE +intel_handle(TPM_HANDLE h) +{ + if (h == 0) + return ESYS_TR_NONE; + return h; +} + +static inline void +TSS_Delete(TSS_CONTEXT *tssContext) +{ + TSS2_TCTI_CONTEXT *tcti_ctx; + TPM_RC rc; + + rc = Esys_GetTcti(tssContext, &tcti_ctx); + Esys_Finalize(&tssContext); + if (rc == TPM_RC_SUCCESS) + Tss2_TctiLdr_Finalize(&tcti_ctx); +} + +static inline TPM_RC +TSS_Create(TSS_CONTEXT **tssContext) +{ + TPM_RC rc; + TSS2_TCTI_CONTEXT *tcti_ctx = NULL; + char *intType; + char *tctildr = NULL; + + intType = getenv("TPM_INTERFACE_TYPE"); + /* + * FIXME: This should be way more sophisticated, but it's + * enough to get the simulator tests running + */ + if (intType) + { + if (strcmp("socsim", intType) == 0) { + tctildr = "mssim"; + } + else if (strcmp("dev", intType) == 0) + { + tctildr = "device"; + } + else + { + fprintf(stderr, "Unknown TPM_INTERFACE_TYPE %s\n", intType); + } + } + + rc = Tss2_TctiLdr_Initialize(tctildr, &tcti_ctx); + if (rc) + return rc; + + rc = Esys_Initialize(tssContext, tcti_ctx, NULL); + + return rc; +} + +static inline int +TSS_GetDigestSize(TPM_ALG_ID alg) { + int i; + + for (i = 0; i < ARRAY_SIZE(TSS_Hashes); i++) + if (TSS_Hashes[i].alg == alg) + return TSS_Hashes[i].size; + return -1; +} + +static inline 
int +TSS_Hash_GetMd(int *algo, TPM_ALG_ID alg) { + int i; + + for (i = 0; i < ARRAY_SIZE(TSS_Hashes); i++) + if (TSS_Hashes[i].alg == alg) + { + *algo = TSS_Hashes[i].gcrypt_algo; + return 0; + } + return TPM_RC_FAILURE; +} + +/* copied with modifications from the IBM TSS tsscrypto.c */ +static inline TPM_RC +TSS_Hash_Generate(TPMT_HA *digest, ...) +{ + TPM_RC rc = 0; + int length; + uint8_t *buffer; + int algo; + gcry_md_hd_t md; + va_list ap; + + va_start(ap, digest); + + rc = TSS_Hash_GetMd(&algo, digest->hashAlg); + if (rc) + { + fprintf(stderr, "TSS_HASH_GENERATE: Unknown hash %d\n", + digest->hashAlg); + goto out; + } + + rc = gcry_md_open (&md, algo, 0); + if (rc != 0) + { + fprintf(stderr, "TSS_Hash_Generate: EVP_MD_CTX_create failed\n"); + rc = TPM_RC_FAILURE; + goto out; + } + + rc = TPM_RC_FAILURE; + for (;;) + { + length = va_arg(ap, int); /* first vararg is the length */ + buffer = va_arg(ap, unsigned char *); /* second vararg is the array */ + if (buffer == NULL) /* loop until a NULL buffer terminates */ + break; + if (length < 0) + { + fprintf(stderr, "TSS_Hash_Generate: Length is negative\n"); + goto out_free; + } + if (length != 0) + gcry_md_write (md, buffer, length); + } + + memcpy (&digest->digest, gcry_md_read (md, algo), + TSS_GetDigestSize(digest->hashAlg)); + rc = TPM_RC_SUCCESS; + out_free: + gcry_md_close (md); + out: + va_end(ap); + return rc; +} + +static inline TPM_RC +TSS_TPM2B_Create(TPM2B *target, uint8_t *buffer, uint16_t size, + uint16_t targetSize) +{ + if (size > targetSize) + return TSS2_MU_RC_INSUFFICIENT_BUFFER; + target->size = size; + if (size) + memmove(target->buffer, buffer, size); + return TPM_RC_SUCCESS; +} + +static inline void +tpm2_error(TPM_RC rc, const char *reason) +{ + const char *msg; + + fprintf(stderr, "%s failed with %d\n", reason, rc); + msg = Tss2_RC_Decode(rc); + fprintf(stderr, "%s\n", msg); +} + +static inline int +TSS_start (TSS_CONTEXT **tssc) +{ + TPM_RC rc; + + rc = TSS_Create (tssc); + if (rc) + { + 
tpm2_error(rc, "TSS_Create"); + return GPG_ERR_CARD; + } + + return 0; +} + +static inline TPM_RC +tpm2_Import(TSS_CONTEXT *tssContext, TPM_HANDLE parentHandle, + DATA_2B *encryptionKey, TPM2B_PUBLIC *objectPublic, + PRIVATE_2B *duplicate, ENCRYPTED_SECRET_2B *inSymSeed, + TPMT_SYM_DEF_OBJECT *symmetricAlg, PRIVATE_2B *outPrivate, + TPM_HANDLE auth, const char *authVal) +{ + PRIVATE_2B *out; + TPM_RC rc; + + intel_auth_helper(tssContext, parentHandle, authVal); + intel_sess_helper(tssContext, auth, TPMA_SESSION_DECRYPT); + rc = Esys_Import(tssContext, parentHandle, auth, ESYS_TR_NONE, + ESYS_TR_NONE, encryptionKey, objectPublic, + duplicate, inSymSeed, symmetricAlg, &out); + if (rc) + return rc; + + *outPrivate = *out; + free(out); + + return rc; +} + +static inline TPM_RC +tpm2_Create(TSS_CONTEXT *tssContext, TPM_HANDLE parentHandle, + TPM2B_SENSITIVE_CREATE *inSensitive, TPM2B_PUBLIC *inPublic, + PRIVATE_2B *outPrivate, TPM2B_PUBLIC *outPublic, + TPM_HANDLE auth, const char *authVal) +{ + TPM_RC rc; + PRIVATE_2B *opriv; + TPM2B_PUBLIC *opub; + DATA_2B outsideInfo; + TPML_PCR_SELECTION creationPCR; + + outsideInfo.size = 0; + creationPCR.count = 0; + + intel_auth_helper(tssContext, parentHandle, authVal); + intel_sess_helper(tssContext, auth, TPMA_SESSION_DECRYPT); + rc = Esys_Create(tssContext, parentHandle, auth, + ESYS_TR_NONE, ESYS_TR_NONE, inSensitive, + inPublic, &outsideInfo, &creationPCR, &opriv, + &opub, NULL, NULL, NULL); + + if (rc) + return rc; + + *outPublic = *opub; + free(opub); + *outPrivate = *opriv; + free(opriv); + + return rc; +} + +static inline TPM_RC +tpm2_ReadPublic(TSS_CONTEXT *tssContext, TPM_HANDLE objectHandle, + TPMT_PUBLIC *pub, TPM_HANDLE auth) +{ + TPM2B_PUBLIC *out; + TPM_RC rc; + + if (auth != TPM_RH_NULL) + intel_sess_helper(tssContext, auth, TPMA_SESSION_ENCRYPT); + + rc = Esys_ReadPublic(tssContext, objectHandle, auth, ESYS_TR_NONE, + ESYS_TR_NONE, &out, NULL, NULL); + if (rc) + return rc; + + if (pub) + *pub = out->publicArea; 
+ free(out); + + return rc; +} + +static inline TPM_RC +tpm2_RSA_Decrypt(TSS_CONTEXT *tssContext, TPM_HANDLE keyHandle, + PUBLIC_KEY_RSA_2B *cipherText, TPMT_RSA_DECRYPT *inScheme, + PUBLIC_KEY_RSA_2B *message, + TPM_HANDLE auth, const char *authVal, int flags) +{ + PUBLIC_KEY_RSA_2B *out; + DATA_2B label; + TPM_RC rc; + + label.size = 0; + + intel_auth_helper(tssContext, keyHandle, authVal); + intel_sess_helper(tssContext, auth, flags); + rc = Esys_RSA_Decrypt(tssContext, keyHandle, auth, ESYS_TR_NONE, + ESYS_TR_NONE, cipherText, + inScheme, &label, &out); + + if (rc) + return rc; + + *message = *out; + free(out); + + return rc; +} + +static inline TPM_RC +tpm2_Sign(TSS_CONTEXT *tssContext, TPM_HANDLE keyHandle, DIGEST_2B *digest, + TPMT_SIG_SCHEME *inScheme, TPMT_SIGNATURE *signature, + TPM_HANDLE auth, const char *authVal) +{ + TPM_RC rc; + TPMT_TK_HASHCHECK validation; + TPMT_SIGNATURE *out; + + validation.tag = TPM_ST_HASHCHECK; + validation.hierarchy = EXT_TPM_RH_NULL; + validation.digest.size = 0; + + intel_auth_helper(tssContext, keyHandle, authVal); + intel_sess_helper(tssContext, auth, 0); + rc = Esys_Sign(tssContext, keyHandle, auth, ESYS_TR_NONE, + ESYS_TR_NONE, digest, inScheme, &validation, &out); + + if (rc) + return rc; + + *signature = *out; + free(out); + + return rc; +} + +static inline TPM_RC +tpm2_ECDH_ZGen(TSS_CONTEXT *tssContext, TPM_HANDLE keyHandle, + TPM2B_ECC_POINT *inPoint, TPM2B_ECC_POINT *outPoint, + TPM_HANDLE auth, const char *authVal) +{ + TPM2B_ECC_POINT *out; + TPM_RC rc; + + intel_auth_helper(tssContext, keyHandle, authVal); + intel_sess_helper(tssContext, auth, TPMA_SESSION_ENCRYPT); + rc = Esys_ECDH_ZGen(tssContext, keyHandle, auth, ESYS_TR_NONE, + ESYS_TR_NONE, inPoint, &out); + + if (rc) + return rc; + + *outPoint = *out; + free(out); + + return rc; +} + +static inline TPM_RC +tpm2_CreatePrimary(TSS_CONTEXT *tssContext, TPM_HANDLE primaryHandle, + TPM2B_SENSITIVE_CREATE *inSensitive, + TPM2B_PUBLIC *inPublic, TPM_HANDLE 
*objectHandle) +{ + TPM2B_DATA outsideInfo; + TPML_PCR_SELECTION creationPcr; + TPM_RC rc; + + /* FIXME will generate wrong value for NULL hierarchy */ + primaryHandle = intel_handle(primaryHandle); + + outsideInfo.size = 0; + creationPcr.count = 0; + + rc = Esys_CreatePrimary(tssContext, primaryHandle, ESYS_TR_PASSWORD, ESYS_TR_NONE, + ESYS_TR_NONE, inSensitive, inPublic, + &outsideInfo, &creationPcr, objectHandle, + NULL, NULL, NULL, NULL); + + return rc; +} + +static inline TPM_RC +tpm2_FlushContext(TSS_CONTEXT *tssContext, TPM_HANDLE flushHandle) +{ + return Esys_FlushContext(tssContext, flushHandle); +} + +static inline TPM_RC +tpm2_StartAuthSession(TSS_CONTEXT *tssContext, TPM_HANDLE tpmKey, + TPM_HANDLE bind, TPM_SE sessionType, + TPMT_SYM_DEF *symmetric, TPMI_ALG_HASH authHash, + TPM_HANDLE *sessionHandle, + const char *bindPassword) +{ + bind = intel_handle(bind); + tpmKey = intel_handle(tpmKey); + if (bind != ESYS_TR_NONE) + intel_auth_helper(tssContext, bind, bindPassword); + + return Esys_StartAuthSession(tssContext, tpmKey, bind, ESYS_TR_NONE, + ESYS_TR_NONE, ESYS_TR_NONE, NULL, + sessionType, symmetric, authHash, + sessionHandle); +} + +static inline TPM_RC +tpm2_Load(TSS_CONTEXT *tssContext, TPM_HANDLE parentHandle, + PRIVATE_2B *inPrivate, TPM2B_PUBLIC *inPublic, + TPM_HANDLE *objectHandle, + TPM_HANDLE auth, const char *authVal) +{ + intel_auth_helper(tssContext, parentHandle, authVal); + intel_sess_helper(tssContext, auth, 0); + return Esys_Load(tssContext, parentHandle, auth, ESYS_TR_NONE, + ESYS_TR_NONE, inPrivate, inPublic, objectHandle); +} + +static inline TPM_HANDLE +tpm2_handle_ext(TSS_CONTEXT *tssContext, TPM_HANDLE esysh) +{ + TPM2_HANDLE realh = 0; + + Esys_TR_GetTpmHandle(tssContext, esysh, &realh); + + return realh; +} + +static inline TPM_HANDLE +tpm2_handle_int(TSS_CONTEXT *tssContext, TPM_HANDLE realh) +{ + TPM_HANDLE esysh = 0; + + /* ***ing thing doesn't transform permanent handles */ + if ((realh >> 24) == TPM_HT_PERMANENT) + { + 
switch (realh) + { + case TPM2_RH_OWNER: + return TPM_RH_OWNER; + case TPM2_RH_PLATFORM: + return TPM_RH_PLATFORM; + case TPM2_RH_ENDORSEMENT: + return TPM_RH_ENDORSEMENT; + case TPM2_RH_NULL: + return ESYS_TR_RH_NULL; + default: + return 0; + } + } + + Esys_TR_FromTPMPublic(tssContext, realh, ESYS_TR_NONE, + ESYS_TR_NONE, ESYS_TR_NONE, &esysh); + + return esysh; +} + +static inline int +tpm2_handle_mso(TSS_CONTEXT *tssContext, TPM_HANDLE esysh, UINT32 mso) +{ + return (tpm2_handle_ext(tssContext, esysh) >> 24) == mso; +} + +#endif diff --git a/tpm2d/tpm2.h b/tpm2d/tpm2.h index a2d3745ea..0926d8014 100644 --- a/tpm2d/tpm2.h +++ b/tpm2d/tpm2.h @@ -2,7 +2,11 @@ #define _TPM2_H #include "../common/util.h" +#ifdef HAVE_INTEL_TSS +#include "intel-tss.h" +#else #include "ibm-tss.h" +#endif int tpm2_start (TSS_CONTEXT **tssc); void tpm2_end (TSS_CONTEXT *tssc); -- 2.26.2 From wk at gnupg.org Wed Mar 10 15:06:13 2021 
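Review bot: intel_auth_helper() in the new intel-tss.h copies strlen(authVal) bytes into authVal2B.buffer without comparing the length against sizeof(authVal2B.buffer), so an over-long authorization string overruns the local TPM2B_AUTH; check the length and fail (or truncate) before the memcpy. In the TSS_Hashes table, TPM_ALG_SHA384 and TPM_ALG_SHA512 are paired with GCRY_MD_SHA3_384 and GCRY_MD_SHA3_512, but those TPM identifiers name the SHA-2 variants, so the entries should use GCRY_MD_SHA384 and GCRY_MD_SHA512 or TSS_Hash_Generate() will not produce the digest the TPM computes. Smaller points: the gcry_md_open failure path still reports "EVP_MD_CTX_create failed", and TSS_Create() carries on with tctildr == NULL after printing "Unknown TPM_INTERFACE_TYPE" instead of returning an error.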
From: wk at gnupg.org (Werner Koch)
Date: Wed, 10 Mar 2021 15:06:13 +0100
Subject: [PATCH v3 0/5] Add TPM2 support to gnupg 2.3
In-Reply-To: <20210309215032.14530-1-James.Bottomley@HansenPartnership.com> (James Bottomley's message of "Tue, 9 Mar 2021 13:50:27 -0800")
References: <20210309215032.14530-1-James.Bottomley@HansenPartnership.com>
Message-ID: <87wnufyuga.fsf@wheatstone.g10code.de>

Hi James,

> This is a set of patches adding TPM support to gnupg-2.3

Thanks for the patches. I was already considering when to add your old patches. So these reworked patches really came in time for a new beta. Thanks.

> tpm2d: Add tpm2daemon code
> agent: Add new shadow key type and functions to call tpm2daemon
> g10: add new command keytotpm to convert a private key to TPM format
> tpm2d: add tests for the tpm2daemon

I applied all these patches with a few minor changes. However, I have not yet tested anything, just made sure that it builds fine.

The tests duplicate quite some code but I guess we better live with this until we could rework the test framework. Header blurbs are missing but there is an SPDX line thus this should be okay.

> Add Support for the Intel TSS

I am not sure about this one and whether this needs to be applied right now. My installed libtss-dev version is the 2 years old 1045-1.2.

The files in tpm2d/ are missing the usual header blurb. I assume they are all meant to be GPL-3. I attach a patch adding them. Would you mind to sign this off and send a fixed patch? In fact I am not sure where you use the code too and thus a different license version might be desired.

The whole gpg with TPM thing sounds interesting. I took quite a while to add this to master since you first showed me it at some FOSDEM. Sorry.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-tpmd2-Add-copyright-blurbs.patch
Type: text/x-diff
Size: 6846 bytes
Desc: not available
URL: 
From James.Bottomley at HansenPartnership.com Wed Mar 10 19:04:06 2021
From: James.Bottomley at HansenPartnership.com (James Bottomley)
Date: Wed, 10 Mar 2021 10:04:06 -0800
Subject: [PATCH v3 0/5] Add TPM2 support to gnupg 2.3
In-Reply-To: <87wnufyuga.fsf@wheatstone.g10code.de>
References: <20210309215032.14530-1-James.Bottomley@HansenPartnership.com> <87wnufyuga.fsf@wheatstone.g10code.de>
Message-ID: <75ac2d5db2dd9ca593e571203d61a30b16f148cb.camel@HansenPartnership.com>

On Wed, 2021-03-10 at 15:06 +0100, Werner Koch wrote:
> Hi James,
>
> > This is a set of patches adding TPM support to gnupg-2.3
>
> Thanks for the patches. I was already considering when to add your
> old patches. So these reworked patches really came in time for a new
> beta. Thanks.

You're welcome.

> > tpm2d: Add tpm2daemon code
> > agent: Add new shadow key type and functions to call tpm2daemon
> > g10: add new command keytotpm to convert a private key to TPM
> > format
> > tpm2d: add tests for the tpm2daemon
>
> I applied all these patches with a few minor changes. However, I
> have not yet tested anything, just made sure that it builds fine.

Unfortunately debian doesn't package a software TPM ... I don't know why, most other distributions do. I have one here in deb format:

https://build.opensuse.org/package/show/home:jejb1:TPM/swtpm2

> The tests duplicate quite some code but I guess we better live
> with this until we could rework the test framework. Header blurbs
> are missing but there is an SPDX line thus this should be okay.

Yes, there's also doc missing, but I thought we could add that after the fact if you agree to the keytotpm command. It's basically just that to convert an existing key to TPM format. After that everything should just work (except once the key is converted it can't be unconverted and it will stop operating if you lose your TPM or clear it).

> > Add Support for the Intel TSS
>
> I am not sure about this one and whether this needs to be applied
> right now. My installed libtss-dev version is the 2 years old 1045-
> 1.2.

It doesn't need to be applied immediately. Your libtss-dev is an IBM version number and the above patches, without this one, should work with every IBM TSS however old.

For the Intel TSS on debian you need libtss2-dev from the tpm2-tss source package. The version on stable is too old (2.1.0) but the version in testing will work (3.0.3).

> The files in tpm2d/ are missing the usual header blurb. I assume
> they are all meant to be GPL-3.

Yes, that was the intention ... I always forget header files, sorry.

> I attach a patch adding them. Would you mind to sign this off and
> send a fixed patch? In fact I am not sure where you use the code too
> and thus a different license version might be desired.

I copied the code with modifications from a different project which is under LGPL:

https://git.kernel.org/pub/scm/linux/kernel/git/jejb/openssl_tpm2_engine.git/

But I own copyright in all the base files I've added to your repo, so I'm happy for them to remain under GPLv3 going forward. Since they had to be modified to support gcrypt, I don't think there's much direct reuse outside of the GPLv3 licence. I am contemplating helping gnutls add TPM2 support using the same framework, but their crypto system will require different modifications of the base files.

> The whole gpg with TPM thing sounds interesting. I took quite a
> while to add this to master since you first showed me it at some
> FOSDEM.
> Sorry.

Well, stuff takes a while, thanks for adding it. Since it was always targeted at 2.3, there's no real delay anyway.

James

From wk at gnupg.org Thu Mar 11 09:19:23 2021
From: wk at gnupg.org (Werner Koch)
Date: Thu, 11 Mar 2021 09:19:23 +0100
Subject: [PATCH v3 0/5] Add TPM2 support to gnupg 2.3
In-Reply-To: <75ac2d5db2dd9ca593e571203d61a30b16f148cb.camel@HansenPartnership.com> (James Bottomley via Gnupg-devel's message of "Wed, 10 Mar 2021 10:04:06 -0800")
References: <20210309215032.14530-1-James.Bottomley@HansenPartnership.com> <87wnufyuga.fsf@wheatstone.g10code.de> <75ac2d5db2dd9ca593e571203d61a30b16f148cb.camel@HansenPartnership.com>
Message-ID: <87h7liyues.fsf@wheatstone.g10code.de>

On Wed, 10 Mar 2021 10:04, James Bottomley said:

> Unfortunately debian doesn't package a software TPM ... I don't know
> why, most other distributions do. I have one here in deb format:
>
> https://build.opensuse.org/package/show/home:jejb1:TPM/swtpm2

Thanks.

> For the Intel TSS on debian you need libtss2-dev from the tpm2-tss
> source package. The version on stable is too old (2.1.0) but the
> version in testing will work (3.0.3).

I deinstalled the IBM stack and the Intel code works with the other patch.

> But I own copyright in all the base files I've added to your repo, so
> I'm happy for them to remain under GPLv3 going forward. Since they had
> to be modified to support gcrypt, I don't think there's much direct
> reuse outside of the GPLv3 licence.

If there is ever a need we can easily change back to LGPL for these parts. I pushed my proposed patch with a link to your mail.

We plan to do Debian packages; do you have any advice which stack we should prefer? I guess IBM, because that one is tried first in configure.

> Well, stuff takes a while, thanks for adding it. Since it was always
> targeted at 2.3, there's no real delay anyway.

Now with TPM support in place, do you think that we could now go after the passphrase caching code which states:

  /* The encryption context. This is the only place where the
     encryption key for all cached entries is available. It would be nice
     to keep this (or just the key) in some hardware device, for example
     a TPM. Libgcrypt could be extended to provide such a service.
     With the current scheme it is easy to retrieve the cached entries
     if access to Libgcrypt's memory is available. The encryption
     merely avoids grepping for clear texts in the memory. Nevertheless
     the encryption provides the necessary infrastructure to make it
     more secure. */
  static gcry_cipher_hd_t encryption_handle;

It would be sufficient if we could limit the time this symmetric encryption key is exposed in memory to a minimum by encrypting the key with the tpm. Any ideas how to best integrate this?

And a last thing: It would be supercool if you could do a short writeup on how to use the system in practise; for example as an article in our blob. Just if you can find some spare time (good joke, I know).


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From wk at gnupg.org Thu Mar 11 13:50:47 2021
From: wk at gnupg.org (Werner Koch)
Date: Thu, 11 Mar 2021 13:50:47 +0100
Subject: [PATCH gpgme] Add license file for cJSON
In-Reply-To: (=?utf-8?B?IkppxZnDrQ==?= K. via Gnupg-devel"'s message of "Thu, 26 Nov 2020 15:10:08 +0100")
References: 
Message-ID: <87k0qdyhug.fsf@wheatstone.g10code.de>

On Thu, 26 Nov 2020 15:10, Jiří K. said:

>>From 25655d9473770a355d61c47e9770a0d1806714ea Mon Sep 17 00:00:00 2001
> From: Jiri Kucera
>
> Add a COPYING.MIT file, containing the license of cJSON, to the
> root directory.

Thanks for noting this. To align it with how we handle this in Libgcrypt, I instead added a file LICENSES along with a pointer to it in AUTHORS.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From wk at gnupg.org Thu Mar 11 14:09:36 2021
From: wk at gnupg.org (Werner Koch)
Date: Thu, 11 Mar 2021 14:09:36 +0100
Subject: PIV APT parsing compatibility
In-Reply-To: <87zh0hffxw.fsf@notcom.org> (Valtteri Vuorikoski's message of "Wed, 03 Feb 2021 20:24:34 +0200")
References: <87zh0hffxw.fsf@notcom.org>
Message-ID: <87ft11ygz3.fsf@wheatstone.g10code.de>

Hi!

Thanks for the patch. I pushed it to master.

> (The retry counter in gpg-card also shows an error for PivApplet
> because app-piv.c queries the Global PIN even though the Discovery Object
> doesn't indicate support for it. I couldn't try actual sign/encrypt
> operations yet since card-keys.c can't read certs from gpg/gpgsm.)

Oops, that must be a regression. I'll check.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From James.Bottomley at HansenPartnership.com Thu Mar 11 17:51:23 2021
From: James.Bottomley at HansenPartnership.com (James Bottomley)
Date: Thu, 11 Mar 2021 08:51:23 -0800
Subject: [PATCH v3 0/5] Add TPM2 support to gnupg 2.3
In-Reply-To: <87h7liyues.fsf@wheatstone.g10code.de>
References: <20210309215032.14530-1-James.Bottomley@HansenPartnership.com> <87wnufyuga.fsf@wheatstone.g10code.de> <75ac2d5db2dd9ca593e571203d61a30b16f148cb.camel@HansenPartnership.com> <87h7liyues.fsf@wheatstone.g10code.de>
Message-ID: <4be46ba09ba3e28d30cc1c6ed8b8d8ba201bf0b3.camel@HansenPartnership.com>

On Thu, 2021-03-11 at 09:19 +0100, Werner Koch wrote:
> On Wed, 10 Mar 2021 10:04, James Bottomley said:
>
> > Unfortunately debian doesn't package a software TPM ... I don't
> > know why, most other distributions do. I have one here in deb
> > format:
> >
> > https://build.opensuse.org/package/show/home:jejb1:TPM/swtpm2
>
> Thanks.
>
> > For the Intel TSS on debian you need libtss2-dev from the tpm2-tss
> > source package. The version on stable is too old (2.1.0) but the
> > version in testing will work (3.0.3).
>
> I deinstalled the IBM stack and the Intel code works with the other
> patch.
>
> > But I own copyright in all the base files I've added to your repo,
> > so I'm happy for them to remain under GPLv3 going forward. Since
> > they had to be modified to support gcrypt, I don't think there's
> > much direct reuse outside of the GPLv3 licence.
>
> If there is ever a need we can easily change back to LGPL for these
> parts. I pushed my proposed patch with a link to your mail.

Yes, that looks fine.

> We plan to do Debian packages; do you have any advice which stack we
> should prefer? I guess IBM, because that one is tried first in
> configure.

The Intel TSS is very new. I've actually been using the IBM TSS version of the patches with gnupg-2.2 for several years, so it's fairly well tested. I thought once I had a testing infrastructure it would be easy to verify the Intel TSS patch, which I did in my local environment. However, when I pushed the Intel TSS build to the openSUSE build servers, it exploded on pretty much every non-current distro because of API mutations. I think the configure.ac check I added catches all the problems, but I wouldn't necessarily bet the farm on it.

So the bottom line is the most reliable build is with the IBM TSS although the Intel TSS in debian testing seems to work fine as well.

> > Well, stuff takes a while, thanks for adding it. Since it was
> > always targeted at 2.3, there's no real delay anyway.
>
> Now with TPM support in place, do you think that we could now go
> after the passphrase caching code which states:
>
> /* The encryption context. This is the only place where the
> encryption key for all cached entries is available. It would be
> nice
> to keep this (or just the key) in some hardware device, for
> example
> a TPM. Libgcrypt could be extended to provide such a service.
> With the current scheme it is easy to retrieve the cached entries
> if access to Libgcrypt's memory is available. The encryption
> merely avoids grepping for clear texts in the
> memory. Nevertheless
> the encryption provides the necessary infrastructure to make it
> more secure. */
> static gcry_cipher_hd_t encryption_handle;
>
> It would be sufficient if we could limit the time this symmetric
> encryption key is exposed in memory to a minimum by encrypting the
> key with the tpm. Any ideas how to best integrate this?

It's certainly possible. The TPM API you're after is called the sealing one. What happens is that the TPM can encrypt a blob of data up to 128 bytes with a TPM internal key and give it back to you when you call TPM2_Unseal(). For safety, since the password cache isn't expected to survive a reboot, the parent of the seal operation should be the NULL seed, so the sealed data becomes unextractable after a TPM restart (the NULL seed changes on every restart).

You could seal the password when it's added to the cache and unseal it just before use. The safety you get is that an attacker who steals memory pages can't unseal the password unless they also can access the TPM on your laptop. However, if the threat model is an attacker who can steal memory pages in real time, they can likely snoop the unseal operation as well and extract the password that way.

I can investigate coding this if you like. Unfortunately the Intel TSS has yet another bug around NULL seed handling, which we'll then need a configure.ac test for:

https://github.com/intel/tpm2-tss/issues/1993

> And a last thing: It would be supercool if you could do a short
> writeup on how to use the system in practise; for example as an
> article in our blob. Just if you can find some spare time (good
> joke, I know).

Adding documentation is on my list of things to do, so a blog entry shouldn't be too much of a stretch.

Regards,

James

From jcb62281 at gmail.com Fri Mar 12 05:03:08 2021
From: jcb62281 at gmail.com (Jacob Bachmeyer)
Date: Thu, 11 Mar 2021 22:03:08 -0600
Subject: Mock signature verification for application testing
Message-ID: <604AE7FC.7000400@gmail.com>

Hello all,

I answered a call for volunteers to help with the FTP upload handling tool that runs ftp.gnu.org and I have been developing a testsuite for that tool. To support automated testing I have written a mockup of gpgv, attached to this message. I am sending this message on a recommendation from Ian at the FSF to ask the gnupg list when I requested that someone review the mock gpgv script that I had written. I apologize in advance if this is not the appropriate list for this request.

The mock gpgv's role inside the testsuite is to provide an easy way to test and verify the upload handler's behavior with various combinations of valid and invalid signatures, without having to actually generate those signatures. The mock gpgv itself should be self-contained, although some additional DejaGnu interface code for driving it has also been written.

The mock gpgv was written mostly by examining GPG source code, and there is a chance that I may have misunderstood the program flow, although I believe I have it right, including some surprising (to me) results with the exit code returned by gpgv: a valid signature produces a successful exit code, even if the key has expired or been revoked, or the signature itself has expired. An unsuccessful exit code occurs only if (code 1) the data is found to not match the signature or (code 2) an error prevents checking the signature at all.

It seems to me that the proper way to distinguish the other situations (matching signature from questionable key) involves using the --status-fd mechanism. Do I understand correctly? Does the attached shell script accurately mimic gpgv's behavior?
Are there further elements that should be added to better support testing of programs that use gpgv to perform automatic signature verification against a set of approved keys? As a maintainer of DejaGnu, I may eventually put this script and its associated DejaGnu code into DejaGnu's contrib/ directory, if it is or can be made sufficiently general, or I would be happy to contribute this support for automated testing to the GnuPG project. -- Jacob -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: mockgpgv URL: From James.Bottomley at HansenPartnership.com Fri Mar 12 16:59:17 2021 From: James.Bottomley at HansenPartnership.com (James Bottomley) Date: Fri, 12 Mar 2021 07:59:17 -0800 Subject: [PATCH] gpg.texi: add documentation for the keytotpm command Message-ID: <4583a7116539ac230f0f5fabc58582b1898d2f9d.camel@HansenPartnership.com> The tpm2d patches introduced a new --edit-key command: keytotpm. Add a descriptive entry explaining what it does and how it works. Signed-off-by: James Bottomley --- doc/gpg.texi | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/doc/gpg.texi b/doc/gpg.texi index 2ba99e5c0..54455b4ac 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi 
@@ -1002,6 +1002,26 @@ signing. select 2 to restore as encryption key. You will first be asked to enter the passphrase of the backup key and then for the Admin PIN of the card. + @item keytotpm + @opindex keyedit:keytotpm + Transfer the selected secret subkey (or the primary key if no subkey + has been selected) to TPM form. The secret key in the keyring will + be replaced by the TPM representation of that key, which can only be + read by the particular TPM that created it (so the keyfile now + becomes locked to the laptop containing the TPM). Only certain key + types may be transferred to the TPM (all TPM 2.0 systems are + mandated to have the rsa2048 and nistp256 algorithms but newer TPMs + may have more). Note that the key itself is not transferred into the + TPM, merely encrypted by the TPM in-place, so if the keyfile is + deleted, the key will be lost. Once transferred to TPM + representation, the key file can never be converted back to non-TPM + form and the key will die when the TPM does, so you should first + have a backup on secure offline storage of the actual secret key + file before conversion. It is essential to use the physical system + TPM that you have rw permission on the TPM resource manager device + (/dev/tpmrm0). Usually this means you must be a member of the tss + group. + @item delkey @opindex keyedit:delkey Remove a subkey (secondary key). Note that it is not possible to retract -- 2.26.2 From James.Bottomley at HansenPartnership.com Fri Mar 12 17:45:46 2021 
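Review bot: the new @item's sentence "It is essential to use the physical system TPM that you have rw permission on the TPM resource manager device (/dev/tpmrm0)" does not parse and appears to merge two separate requirements (that the system's physical TPM is used, and that the user has rw permission on /dev/tpmrm0); split it into two sentences. The text also says the keyfile becomes locked to "the laptop", where "the machine" would cover desktops and servers with a TPM, and the advice to keep an offline backup of the secret key would be safer placed before the statement that the key in the keyring is replaced, since the conversion cannot be undone.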
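Added example (not part of any message in this archive, and not the mock gpgv script): one way a caller such as the upload handler in the "Mock signature verification for application testing" message could decide from gpgv's --status-fd lines instead of from the exit code alone. The status keywords are the ones GnuPG documents; the policy, the function names and the sample status text are assumptions constructed for illustration.

```python
"""Accept or reject a signature from gpgv --status-fd output (added example)."""
from dataclasses import dataclass
from typing import Iterator, List, Optional, Set, Tuple

PREFIX = "[GNUPG:] "

# Any one of these keywords disqualifies the file, whatever the exit code says.
REJECT = {"BADSIG", "ERRSIG", "EXPSIG", "EXPKEYSIG", "REVKEYSIG",
          "NO_PUBKEY", "NODATA"}

# Constructed fingerprints and status text, not captured from a real gpgv run.
FPR_OK = "0123456789ABCDEF0123456789ABCDEF01234567"
FPR_OTHER = "FEDCBA9876543210FEDCBA9876543210FEDCBA98"


def _validsig(fpr: str) -> str:
    # VALIDSIG <fpr> <date> <sig-ts> <expire-ts> <version> <reserved>
    #          <pubkey-algo> <hash-algo> <sig-class> <primary-key-fpr>
    return f"{PREFIX}VALIDSIG {fpr} 2021-03-11 1615435388 0 4 0 1 8 00 {fpr}\n"


_UID = "89ABCDEF01234567 Uploader <uploader@example.org>\n"
GOOD = PREFIX + "GOODSIG " + _UID + _validsig(FPR_OK)
# Key-expired case: the message above describes this as still exiting with 0.
EXPIRED_KEY = PREFIX + "EXPKEYSIG " + _UID + _validsig(FPR_OK)
BAD = PREFIX + "BADSIG " + _UID


@dataclass
class Verdict:
    accepted: bool
    reason: str
    signer: Optional[str] = None


def parse_status(text: str) -> Iterator[Tuple[str, List[str]]]:
    """Yield (keyword, args) for status lines; anything without the prefix is ignored.

    Read the status stream from its own pipe (--status-fd N), never merged
    with stderr, so text from the verified data cannot pose as a status line.
    """
    for line in text.splitlines():
        if line.startswith(PREFIX):
            parts = line[len(PREFIX):].split()
            if parts:
                yield parts[0], parts[1:]


def judge(status_text: str, exit_code: int, approved: Set[str]) -> Verdict:
    """Require exactly one clean signature made by an approved primary key."""
    good = valid = 0
    signer = None
    for keyword, args in parse_status(status_text):
        if keyword in REJECT:
            return Verdict(False, keyword)
        if keyword == "GOODSIG":
            good += 1
        elif keyword == "VALIDSIG":
            if not args:
                return Verdict(False, "malformed VALIDSIG")
            valid += 1
            # Prefer the primary-key fingerprint (10th field) when present.
            signer = (args[9] if len(args) > 9 else args[0]).upper()
    if exit_code != 0:
        return Verdict(False, f"gpgv exit code {exit_code}")
    if good != 1 or valid != 1:
        return Verdict(False, "expected exactly one GOODSIG and one VALIDSIG")
    if signer not in approved:
        return Verdict(False, "signer not approved", signer)
    return Verdict(True, "ok", signer)


if __name__ == "__main__":
    for name, text, rc in [("good", GOOD, 0), ("expired key", EXPIRED_KEY, 0),
                           ("bad", BAD, 1)]:
        print(name, judge(text, rc, {FPR_OK}))
```

The same function can be pointed at a mock verifier's output in a test suite, which makes the accept/reject policy testable without generating real signatures.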
From: James.Bottomley at HansenPartnership.com (James Bottomley) Date: Fri, 12 Mar 2021 08:45:46 -0800 Subject: [PATCH v3 0/5] Add TPM2 support to gnupg 2.3 In-Reply-To: <87h7liyues.fsf@wheatstone.g10code.de> References: <20210309215032.14530-1-James.Bottomley@HansenPartnership.com> <87wnufyuga.fsf@wheatstone.g10code.de> <75ac2d5db2dd9ca593e571203d61a30b16f148cb.camel@HansenPartnership.com> <87h7liyues.fsf@wheatstone.g10code.de> Message-ID: <8e9acb4b85c2cb10e05e8e9b3058ec50344f7faf.camel@HansenPartnership.com> On Thu, 2021-03-11 at 09:19 +0100, Werner Koch wrote: [...] > And a last thing: It would be supercool if you could do a short > writeup on how to use the system in practise; for example as an > article in our blob. Just if you can find some spare time (good > joke, I know). I sent the doc update as a separate patch How about this for the blog entry: https://blog.hansenpartnership.com/?p=1223&shareadraft=baba1223_604b8ffac6d44 It's written in wordpress so it should simply cut and paste into your blog. James -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 228 bytes Desc: This is a digitally signed message part URL: From okigan at gmail.com Sat Mar 13 03:42:36 2021 From: okigan at gmail.com (Igor Okulist) Date: Fri, 12 Mar 2021 18:42:36 -0800 Subject: [PATCH gnupg] agent: Fix typo in a comment Message-ID: <20210313024236.1335904-1-okigan@gmail.com> --- agent/command-ssh.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/agent/command-ssh.c b/agent/command-ssh.c index 393ee91e9..538b4ddef 100644 --- a/agent/command-ssh.c +++ b/agent/command-ssh.c 
@@ -158,7 +158,7 @@ typedef gpg_error_t (*ssh_signature_encoder_t) (ssh_key_type_spec_t *spec, estream_t signature_blob, gcry_sexp_t sig); -/* Type, which is used for boundling all the algorithm specific +/* Type, which is used for bundling all the algorithm specific information together in a single object. */ struct ssh_key_type_spec { -- 2.25.1 From okigan at gmail.com Sat Mar 13 03:24:51 2021 From: okigan at gmail.com (Igor Okulist) Date: Fri, 12 Mar 2021 18:24:51 -0800 Subject: [PATCH gnupg] agent: Fix typo in a comment Message-ID: <20210313022451.1334397-1-okigan@gmail.com> --- agent/command-ssh.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/agent/command-ssh.c b/agent/command-ssh.c index 393ee91e9..538b4ddef 100644 --- a/agent/command-ssh.c +++ b/agent/command-ssh.c @@ -158,7 +158,7 @@ typedef gpg_error_t (*ssh_signature_encoder_t) (ssh_key_type_spec_t *spec, estream_t signature_blob, gcry_sexp_t sig); -/* Type, which is used for boundling all the algorithm specific +/* Type, which is used for bundling all the algorithm specific information together in a single object. */ struct ssh_key_type_spec { -- 2.25.1 From dgouttegattat at incenp.org Mon Mar 15 14:56:55 2021 
From: dgouttegattat at incenp.org (Damien Goutte-Gattat)
Date: Mon, 15 Mar 2021 13:56:55 +0000
Subject: [PATCH v3 4/5] tpm2d: add tests for the tpm2daemon
In-Reply-To: <20210309215032.14530-5-James.Bottomley@HansenPartnership.com>
References: <20210309215032.14530-1-James.Bottomley@HansenPartnership.com> <20210309215032.14530-5-James.Bottomley@HansenPartnership.com>
Message-ID: <20210315135655.old3b7rz3u7phxap@dynein.local.incenp.org>

Hi,

On Tue, Mar 09, 2021 at 01:50:31PM -0800, James Bottomley via Gnupg-devel wrote:
>Running this test infrastructure requires a tpm emulator, which is
>tested for during configuration.

I tried to run the tests. I do have an emulator (tpm_server) which is
correctly found at configure time, but the tests failed because the
script `start_sw_tpm.sh` is not found in the tests/tpm2dtests directory.

There's no trace of such a script in the patchset (apart from a mention
in defs.scm), is it supposed to be auto-generated somehow? Or manually
provided by whoever is calling `make check`?

- Damien

From James.Bottomley at HansenPartnership.com Mon Mar 15 15:07:51 2021
From: James.Bottomley at HansenPartnership.com (James Bottomley)
Date: Mon, 15 Mar 2021 07:07:51 -0700
Subject: [PATCH v3 4/5] tpm2d: add tests for the tpm2daemon
In-Reply-To: <20210315135655.old3b7rz3u7phxap@dynein.local.incenp.org>
References: <20210309215032.14530-1-James.Bottomley@HansenPartnership.com> <20210309215032.14530-5-James.Bottomley@HansenPartnership.com> <20210315135655.old3b7rz3u7phxap@dynein.local.incenp.org>
Message-ID:

On Mon, 2021-03-15 at 13:56 +0000, Damien Goutte-Gattat via Gnupg-devel wrote:
> Hi,
>
> On Tue, Mar 09, 2021 at 01:50:31PM -0800, James Bottomley via
> Gnupg-devel wrote:
> > Running this test infrastructure requires a tpm emulator, which is
> > tested for during configuration.
>
> I tried to run the tests. I do have an emulator (tpm_server) which
> is correctly found at configure time, but the tests failed because
> the script `start_sw_tpm.sh` is not found in the tests/tpm2dtests
> directory.
>
> There's no trace of such a script in the patchset (apart from a
> mention in defs.scm), is it supposed to be auto-generated somehow? Or
> manually provided by whoever is calling `make check`?

No it was supposed to be part of the testing commit. I think I just
forgot to do git add ... and, of course, it still works for me because
I have the script.

I'll send it in a followup patch.

James

From James.Bottomley at HansenPartnership.com Mon Mar 15 15:16:14 2021
From: James.Bottomley at HansenPartnership.com (James Bottomley)
Date: Mon, 15 Mar 2021 07:16:14 -0700
Subject: [PATCH] tpm2dtests: add missing start_sw_tpm.sh script
Message-ID: <0792e4a942ab64e40aed761e4de5d8bf43ae74de.camel@HansenPartnership.com>

This accidentally got left out of the initial commit for testing

6720f1343 ("tpm2d: add tests for the tpm2daemon")

Signed-off-by: James Bottomley --- tests/tpm2dtests/start_sw_tpm.sh | 34 ++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100755 tests/tpm2dtests/start_sw_tpm.sh diff --git a/tests/tpm2dtests/start_sw_tpm.sh b/tests/tpm2dtests/start_sw_tpm.sh new file mode 100755 index 000000000..0fb8f79cb --- /dev/null +++ b/tests/tpm2dtests/start_sw_tpm.sh @@ -0,0 +1,34 @@ +#!/bin/bash + +# remove any prior TPM contents +rm -f NVChip h*.bin *.permall +if [ -x "${SWTPM}" ]; then + ${SWTPM} socket --tpm2 --server type=tcp,port=2321 --ctrl type=tcp,port=2322 --tpmstate dir=`pwd` & +else + ${TPMSERVER} > /dev/null 2>&1 & +fi +pid=$! +## +# This powers on the tpm and starts it +# then we derive the RSA version of the storage seed and +# store it permanently at handle 81000001 and flush the transient +## +a=0; while [ $a -lt 10 ]; do + if [ -x "${SWTPM_IOCTL}" ]; then + ${SWTPM_IOCTL} --tcp 127.0.0.1:2322 -i > /dev/null 2>&1 + else + tsspowerup > /dev/null 2>&1 + fi + if [ $? -eq 0 ]; then + break; + fi + sleep 1 + a=$[$a+1] +done +if [ $a -eq 10 ]; then + echo "Waited 10s for tpm_server to come up; exiting" + exit 1 +fi + +tssstartup || exit 1 +echo -n $pid -- 2.26.2 From wk at gnupg.org Mon Mar 15 15:32:01 2021 
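Review bot: On both failure exits of the new script (the `exit 1` after "Waited 10s for tpm_server to come up" and `tssstartup || exit 1`) the emulator that was backgrounded and saved in `pid` keeps running and its pid is never printed, so the caller has nothing to kill and a later run can find the swtpm ports 2321/2322 still bound. Kill `$pid` before each of those exits. The timeout message also names tpm_server even when `${SWTPM}` was the binary started; `${SWTPM}`, `${TPMSERVER}` and `${SWTPM_IOCTL}` are tested quoted but executed unquoted; and `a=$[$a+1]` is the obsolete bash arithmetic form, for which `a=$((a+1))` is the portable spelling.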
From: wk at gnupg.org (Werner Koch)
Date: Mon, 15 Mar 2021 15:32:01 +0100
Subject: Second 2.3.0 Beta
Message-ID: <87im5sv672.fsf@wheatstone.g10code.de>

Hi!

We plan to soon start with a GnuPG 2.3 series to slightly modernize
GnuPG. We will need a few releases to fix still open bugs and to learn
about new problems. Before we release 2.3.0 we consider it useful to
have wider beta tests to catch build problems etc. Here comes the
second beta.

2.3 is GnuPG Git master and is regularly used at least by us. However,
building from Git is harder than building from a regular tarball or
just using a Windows installer. Thus here is our Beta:

  https://gnupg.org/ftp/gcrypt/gnupg/unstable/gnupg-2.3.0-beta1655.tar.bz2
  https://gnupg.org/ftp/gcrypt/gnupg/unstable/gnupg-2.3.0-beta1655.tar.bz2.sig

You need the latest version of Libgcrypt and libgpg-error to build it.
Windows users may want to try the installer at

  https://gnupg.org/ftp/gcrypt/binary/unstable/gnupg-w32-2.3.0-beta1655_20210315.exe
  https://gnupg.org/ftp/gcrypt/binary/unstable/gnupg-w32-2.3.0-beta1598_20210315.exe.sig

As usual no guarantee for not breaking things. As long as no new option
is used there should be no problem to move back to 2.2.27.

Here is a list of new things since the first beta (beta1689):

  * tpm2d: New daemon to physically bind keys to the local machine.
  * gpg: New option --force-sign-key. [#4584]
  * gpg: New option --no-auto-trust-new-key.
  * scd: New option --pcsc-shared; see man page for important notes.

See the included NEWS for all changes in 2.3.0.

Note also that the Windows Unicode support in the provided build does
not completely work if GnuPG is installed under a directory containing
Unicode characters. This is because the needed Libassuan version has
not yet been released; Unicode command line arguments will work in any
case.

Please send bug reports to this list.

Happy hacking.

Your GnuPG hackers.

-- 
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
From wk at gnupg.org Mon Mar 15 17:14:50 2021
From: wk at gnupg.org (Werner Koch)
Date: Mon, 15 Mar 2021 17:14:50 +0100
Subject: [PATCH v3 0/5] Add TPM2 support to gnupg 2.3
In-Reply-To: <4be46ba09ba3e28d30cc1c6ed8b8d8ba201bf0b3.camel@HansenPartnership.com> (James Bottomley's message of "Thu, 11 Mar 2021 08:51:23 -0800")
References: <20210309215032.14530-1-James.Bottomley@HansenPartnership.com> <87wnufyuga.fsf@wheatstone.g10code.de> <75ac2d5db2dd9ca593e571203d61a30b16f148cb.camel@HansenPartnership.com> <87h7liyues.fsf@wheatstone.g10code.de> <4be46ba09ba3e28d30cc1c6ed8b8d8ba201bf0b3.camel@HansenPartnership.com>
Message-ID: <875z1sv1fp.fsf@wheatstone.g10code.de>

On Thu, 11 Mar 2021 08:51, James Bottomley said:

> The Intel TSS is very new. I've actually been using the IBM TSS
> version of the patches with gnupg-2.2 for several years, so it's fairly
> well tested. I thought once I had a testing infrastructure it would be

Okay, stuff for packaging folks ;-)

> It's certainly possible. The TPM API you're after is called the
> sealing one. What happens is that the TPM can encrypt a blob of data
> up to 128 bytes with a TPM internal key and give it back to you when
> you call TPM2_Unseal(). For safety, since the password cache isn't
> expected to survive a reboot, the parent of the seal operation should
> be the NULL seed, so the sealed data becomes unextractable after a TPM
> restart (the NULL seed changes on every restart). You could seal the
> password when it's added to the cache and unseal it just before use.
> The safety you get is that an attacker who steals memory pages can't
> unseal the password unless they also can access the TPM on your laptop.
> However, if the threat model is an attacker who can steal memory pages
> in real time, they can likely snoop the unseal operation as well and
> extract the password that way.

Thanks for explaining. I see when we can add this.

Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
From wk at gnupg.org Mon Mar 15 17:12:36 2021
From: wk at gnupg.org (Werner Koch)
Date: Mon, 15 Mar 2021 17:12:36 +0100
Subject: [PATCH] tpm2dtests: add missing start_sw_tpm.sh script
In-Reply-To: <0792e4a942ab64e40aed761e4de5d8bf43ae74de.camel@HansenPartnership.com> (James Bottomley's message of "Mon, 15 Mar 2021 07:16:14 -0700")
References: <0792e4a942ab64e40aed761e4de5d8bf43ae74de.camel@HansenPartnership.com>
Message-ID: <87a6r4v1jf.fsf@wheatstone.g10code.de>

On Mon, 15 Mar 2021 07:16, James Bottomley said:
> This accidentally got left out of the initial commit for testing
> 6720f1343 ("tpm2d: add tests for the tpm2daemon")

I just pushed it and added it to the Makefile.

> + ${SWTPM} socket --tpm2 --server type=tcp,port=2321 --ctrl
> type=tcp,port=2322 --tpmstate dir=`pwd` &

That line was broken; I used

  ${SWTPM} socket --tpm2 --server type=tcp,port=2321 \
     --ctrl type=tcp,port=2322 --tpmstate dir=`pwd` &

instead.

Note that this patch is not in the beta I released today.

Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From James.Bottomley at HansenPartnership.com Mon Mar 15 17:26:33 2021
From: James.Bottomley at HansenPartnership.com (James Bottomley)
Date: Mon, 15 Mar 2021 09:26:33 -0700
Subject: [PATCH] tpm2dtests: add missing start_sw_tpm.sh script
In-Reply-To: <87a6r4v1jf.fsf@wheatstone.g10code.de>
References: <0792e4a942ab64e40aed761e4de5d8bf43ae74de.camel@HansenPartnership.com> <87a6r4v1jf.fsf@wheatstone.g10code.de>
Message-ID: <260232b0ec8660439642ed2d0f95ebdd31071b25.camel@HansenPartnership.com>

On Mon, 2021-03-15 at 17:12 +0100, Werner Koch via Gnupg-devel wrote:
> On Mon, 15 Mar 2021 07:16, James Bottomley said:
> > This accidentally got left out of the initial commit for testing
> > 6720f1343 ("tpm2d: add tests for the tpm2daemon")
>
> I just pushed it and added it to the Makefile.
>
> > + ${SWTPM} socket --tpm2 --server type=tcp,port=2321 --ctrl
> > type=tcp,port=2322 --tpmstate dir=`pwd` &
>
> That line was broken; I used
>
> ${SWTPM} socket --tpm2 --server type=tcp,port=2321 \
> --ctrl type=tcp,port=2322 --tpmstate dir=`pwd` &

That's fine. Thanks for fixing this.

> instead.
>
> Note that this patch is not in the beta I released today.

I'm afraid there are going to be many more teething troubles with the
TPM testing infrastructure. The distribution I use most frequently
(openSUSE) has both the Intel and the IBM TSS, but the Intel one is too
old to work, which is why I've only production tested the IBM one. We
also have two separate software TPM projects (both from IBM) produced
by Ken Goldman and Stefan Berger. OpenSUSE only packages the Ken
Goldman one currently, so that's the one I've tested the best. However,
you can't power on and start the Ken Goldman one without the IBM TSS
tools.

James

From wk at gnupg.org Mon Mar 15 18:40:09 2021
From: wk at gnupg.org (Werner Koch)
Date: Mon, 15 Mar 2021 18:40:09 +0100
Subject: GnuPG 2.3 Beta
In-Reply-To: (Marco Ricci's message of "Thu, 25 Feb 2021 16:40:48 +0100")
References: <87wnv0ilsl.fsf@wheatstone.g10code.de> <20210222171548.01860e31@localhost>
Message-ID: <87wnu8tix2.fsf@wheatstone.g10code.de>

On Thu, 25 Feb 2021 16:40, Marco Ricci said:

> * A static build with LDFLAGS=-static works in all components except
>   GnuPG itself, where neither the linked in libsqlite3.a nor
>   libgpg-error.a can resolve the dlsym and pthread symbols.

We need pthreads on Unix and also dlopen some functions (e.g. PC/SC).
Building statically has never been intended.

> * Both the npth and gnupg configure scripts claim to support
>   --with-libksba-prefix=DIR. Using that option has no effect. Using
>   the option --with-ksba-prefix=DIR instead (i.e. without the "lib"
>   prefix) works, and has the desired effect.

Both should be supported but indeed we tweaked the build system some
time ago. Gniibe: would you mind to check whether we can fix this?

> * ntbtls configure claims to support --with-zlib=DIR. Using this has
>   no effect; zlib is required to be in the standard location, else the
>   build fails.

I need to check this but actually this is the same code as in gpg.

> * gnupg configure does not support specifying an alternate sqlite3
>   location; there is no --with-sqlite3-prefix or similar. My example
>   build thus linked against SQLite 3.27 as provided by my system,
>   instead of SQLite 3.34 as intended by me.

For our speedo build script we use our own hosted version of sqlite.
Actually you may want to use the speedo build method
(build-aux/speedo.mk) if you have many non-standard libraries.

Thanks for testing.

Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
From dgouttegattat at incenp.org Mon Mar 15 22:20:03 2021
From: dgouttegattat at incenp.org (Damien Goutte-Gattat)
Date: Mon, 15 Mar 2021 21:20:03 +0000
Subject: [PATCH gnupg 0/2] Small fixes for running the tpm2dtests.
Message-ID: <20210315212005.24938-1-dgouttegattat@incenp.org>

Hi,

The following two patches fix two small issues with the build system
caused by the newly added TPM code and specifically the corresponding
tests.

The first one is that the test files are not properly distributed in
the generated tarball, causing `make distcheck` to fail if it is run on
a system where the tests *can* be run (e.g. if a software TPM is
detected).

The second is that the tpm2d tests require tools from the IBM TSS,
which may not be present on the system even if a software TPM is
available (this was the case on my system, where I initially only had
the tools from the Intel TSS). The quick fix proposed here is to detect
the IBM TSS tools and only run the tpm2d tests if they are present.

I guess a better fix would be to adapt the start_sw_tpm.sh script to
make it usable with either the IBM TSS tools or the Intel TSS tools,
but I do not know either TSS well enough to do that (e.g. what is the
equivalent of tssstartup in the Intel TSS?).

- Damien

Damien Goutte-Gattat (2):
  build: Fix distcheck when tpm2dtests are run.
  build: Check for the IBM TSS tools to run the tpm2d tests.

 configure.ac                 | 3 ++-
 tests/tpm2dtests/Makefile.am | 5 +++--
 2 files changed, 5 insertions(+), 3 deletions(-)

-- 
2.27.0

From dgouttegattat at incenp.org Mon Mar 15 22:20:04 2021
From: dgouttegattat at incenp.org (Damien Goutte-Gattat) Date: Mon, 15 Mar 2021 21:20:04 +0000 Subject: [PATCH gnupg 1/2] build: Fix distcheck when tpm2dtests are run. In-Reply-To: <20210315212005.24938-1-dgouttegattat@incenp.org> References: <20210315212005.24938-1-dgouttegattat@incenp.org> Message-ID: <20210315212005.24938-2-dgouttegattat@incenp.org> * tests/tpm2dtests/Makefile.am (EXTRA_DIST): Distribute test files. (CLEANFILES): Make sure to remove log files. Signed-off-by: Damien Goutte-Gattat --- tests/tpm2dtests/Makefile.am | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/tpm2dtests/Makefile.am b/tests/tpm2dtests/Makefile.am index ced4a1f49..eeae39906 100644 --- a/tests/tpm2dtests/Makefile.am +++ b/tests/tpm2dtests/Makefile.am @@ -61,14 +61,15 @@ xcheck: tpm_server_found tpm_server_found: @if [ -z "$(TPMSERVER)" -a -z "$(SWTPM)" -a -z "$(FORCE)" ]; then echo "ERROR: No Software TPM has been found, cannot run TPM tests. Set FORCE=1 to force using the physical TPM"; exit 1; fi -EXTRA_DIST = defs.scm shell.scm all-tests.scm start_sw_tpm.sh +EXTRA_DIST = defs.scm shell.scm all-tests.scm run-tests.scm $(XTESTS) \ + start_sw_tpm.sh CLEANFILES = gpg.conf gpg-agent.conf S.gpg-agent \ pubring.gpg pubring.gpg~ pubring.kbx pubring.kbx~ \ secring.gpg pubring.pkr secring.skr \ gnupg-test.stop random_seed gpg-agent.log tofu.db \ passphrases sshcontrol S.gpg-agent.ssh report.xml \ - msg.txt + msg.txt *.log clean-local: -rm -rf private-keys-v1.d openpgp-revocs.d -- 2.27.0 From dgouttegattat at incenp.org Mon Mar 15 22:20:05 2021 
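Review bot: `EXTRA_DIST` now pulls in `$(XTESTS)` and `run-tests.scm`, but the hunk does not show where `XTESTS` is defined, and the ChangeLog entry only says "Distribute test files"; please confirm the variable lists every script the suite loads, otherwise `make distcheck` can still fail on a host with a software TPM. In `CLEANFILES`, adding `*.log` makes the existing `gpg-agent.log` entry redundant, so it can be dropped in the same change.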
From: dgouttegattat at incenp.org (Damien Goutte-Gattat) Date: Mon, 15 Mar 2021 21:20:05 +0000 Subject: [PATCH gnupg 2/2] build: Check for the IBM TSS tools to run the tpm2d tests. In-Reply-To: <20210315212005.24938-1-dgouttegattat@incenp.org> References: <20210315212005.24938-1-dgouttegattat@incenp.org> Message-ID: <20210315212005.24938-3-dgouttegattat@incenp.org> * configure.ac (TEST_LIBTSS): Make that conditional depend on the detection of tssstartup. -- While the tpm2d daemon can use either the Intel TSS or the IBM TSS, the test code (specifically, the start_sw_tpm.sh script) requires some tools from the IBM TSS (tssstartup and tsspowerup). If a software TPM is detected at configure time but the IBM TSS tools are absent (e.g. because only the Intel TSS is available on the system), `make check` will attempt to run the tpm2d tests and those will fail when the start_sw_tpm.sh script is launched. This patch makes running the tpm2d tests dependent not only on the detection of a software TPM, but also on the detection of tssstartup (it is probably safe to assume that if tssstartup is present, then tsspowerup is available as well). Signed-off-by: Damien Goutte-Gattat --- configure.ac | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac index 82e3e670c..59374491f 100644 --- a/configure.ac +++ b/configure.ac @@ -1638,6 +1638,7 @@ if test "$build_tpm2d" = "yes"; then AC_PATH_PROG(TPMSERVER, tpm_server,,/bin:/usr/bin:/usr/lib/ibmtss:/usr/libexec/ibmtss) AC_PATH_PROG(SWTPM, swtpm,,/bin:/usr/bin:/usr/lib/ibmtss:/usr/libexec/ibmtss) AC_PATH_PROG(SWTPM_IOCTL, swtpm_ioctl,,/bin:/usr/bin:/usr/lib/ibmtss:/usr/libexec/ibmtss) + AC_PATH_PROG(TSSSTARTUP, tssstartup,,/bin:/usr/bin:/usr/lib/ibmtss:/usr/libexec/ibmtss) fi fi if test "$have_libtss" = no; then 
@@ -1646,7 +1647,7 @@ fi AC_SUBST(LIBTSS_LIBS) AC_SUBST(LIBTSS_CFLAGS) AM_CONDITIONAL(HAVE_LIBTSS, test "$have_libtss" != no) -AM_CONDITIONAL(TEST_LIBTSS, test -n "$TPMSERVER" -o -n "$SWTPM") +AM_CONDITIONAL(TEST_LIBTSS, test -n "$TPMSERVER" || test -n "$SWTPM" && test -n "$TSSSTARTUP") AC_SUBST(HAVE_LIBTSS) # -- 2.27.0 From nicholas.cole at gmail.com Mon Mar 15 23:06:25 2021 
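Review bot: The new `AC_PATH_PROG(TSSSTARTUP, tssstartup,,/bin:/usr/bin:/usr/lib/ibmtss:/usr/libexec/ibmtss)` in the first hunk can locate the tool in `/usr/lib/ibmtss` or `/usr/libexec/ibmtss`, while start_sw_tpm.sh as posted calls `tssstartup` and `tsspowerup` by bare name, so the tests can be enabled and then fail when those directories are not on PATH. Have the script use the detected path (or search only PATH here), and probe `tsspowerup` too rather than assuming it, since the `${TPMSERVER}` branch of the script depends on it.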
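Review bot: In `test -n "$TPMSERVER" || test -n "$SWTPM" && test -n "$TSSSTARTUP"` the shell gives `||` and `&&` equal precedence and evaluates them left to right, so the condition is (TPMSERVER or SWTPM) and TSSSTARTUP. That matches the commit message, but a reader applying C precedence will parse it the other way; group it explicitly, for example `{ test -n "$TPMSERVER" || test -n "$SWTPM"; } && test -n "$TSSSTARTUP"`.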
From: nicholas.cole at gmail.com (Nicholas Cole)
Date: Mon, 15 Mar 2021 22:06:25 +0000
Subject: GnuPG 2.3 Beta
In-Reply-To: <87pn0rezus.fsf@wheatstone.g10code.de>
References: <87wnv0ilsl.fsf@wheatstone.g10code.de> <0f946360-866a-da67-79e0-bb9c69358444@the13thletter.info> <87pn0rezus.fsf@wheatstone.g10code.de>
Message-ID:

On Tue, Feb 23, 2021 at 12:26 PM Werner Koch via Gnupg-devel wrote:
>
> On Tue, 23 Feb 2021 10:48, Marco Ricci said:
>
> > Forgive my ignorance, but why exactly do you set up a new daemon for
> > this? Just based on the description of the feature, I would have rather
>
> We use SQLite and transactions are very expensive if more than one
> process is accessing the DB. So what we do is what all other database
> engines do: run a single process with exclusive access to the DB. There
> is some overhead due to IPC but overall things are much faster.
>
> The reason why several processes need to access the DB is that there are
> often several gpg processes running and working on the same keyring.
> This needs to be synchronized. Without the keyboxd we lock the keyring
> and all other gpg and gpgsm processes need to wait until they can
> continue even with a read. This multi-process serialization slows down
> everything.

I know many users of gpg are on single-user systems, but for systems
with more than one user, does this mean that each user will need to
start their own daemon, listening on their own ports? Or is there a
single process running as a different user?

Sorry to get caught up on one specific aspect. It's really good to see
the 2.3 branch.

From wk at gnupg.org Tue Mar 16 10:44:11 2021
From: wk at gnupg.org (Werner Koch)
Date: Tue, 16 Mar 2021 10:44:11 +0100
Subject: [PATCH] tpm2dtests: add missing start_sw_tpm.sh script
In-Reply-To: <260232b0ec8660439642ed2d0f95ebdd31071b25.camel@HansenPartnership.com> (James Bottomley's message of "Mon, 15 Mar 2021 09:26:33 -0700")
References: <0792e4a942ab64e40aed761e4de5d8bf43ae74de.camel@HansenPartnership.com> <87a6r4v1jf.fsf@wheatstone.g10code.de> <260232b0ec8660439642ed2d0f95ebdd31071b25.camel@HansenPartnership.com>
Message-ID: <87im5rtous.fsf@wheatstone.g10code.de>

On Mon, 15 Mar 2021 09:26, James Bottomley said:

> I'm afraid there are going to be many more teething troubles with the
> TPM testing infrastructure. The distribution I use most frequently

I don't think that is too much of a problem. It should be clear that
this is a new development and problems are expected. Just in case of
build problems, I added --disable-tpmd2 configure option so people can
disable this part.

Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From wk at gnupg.org Tue Mar 16 11:00:27 2021
From: wk at gnupg.org (Werner Koch)
Date: Tue, 16 Mar 2021 11:00:27 +0100
Subject: [PATCH gnupg 0/2] Small fixes for running the tpm2dtests.
In-Reply-To: <20210315212005.24938-1-dgouttegattat@incenp.org> (Damien Goutte-Gattat via Gnupg-devel's message of "Mon, 15 Mar 2021 21:20:03 +0000")
References: <20210315212005.24938-1-dgouttegattat@incenp.org>
Message-ID: <87eegfto3o.fsf@wheatstone.g10code.de>

On Mon, 15 Mar 2021 21:20, Damien Goutte-Gattat said:

> The following two patches fix two small issues with the build system
> caused by the newly added TPM code and specifically the corresponding

Thanks.

Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From wk at gnupg.org Tue Mar 16 11:06:16 2021
From: wk at gnupg.org (Werner Koch)
Date: Tue, 16 Mar 2021 11:06:16 +0100
Subject: GnuPG 2.3 Beta
In-Reply-To: (Nicholas Cole via Gnupg-devel's message of "Mon, 15 Mar 2021 22:06:25 +0000")
References: <87wnv0ilsl.fsf@wheatstone.g10code.de> <0f946360-866a-da67-79e0-bb9c69358444@the13thletter.info> <87pn0rezus.fsf@wheatstone.g10code.de>
Message-ID: <87a6r3tntz.fsf@wheatstone.g10code.de>

On Mon, 15 Mar 2021 22:06, Nicholas Cole said:

> I know many users of gpg are on single-user systems, but for systems
> with more than one user, does this mean that each user will need to
> start their own daemon, listening on their own ports? Or is there a

These are all per-user daemons. That is easier for security and
configuration reasons. Back in the 2.0 age we allowed to run the
dirmngr as a system wide daemon. Back then the primary task was to
access to LDAP files and foremost to load and cache CRLs. So with 100
users on a machine only one CRL download was required. However, large
multi user installations are rare and are a permanent problem security
wise. Thus with 2.2 we dropped this feature and let each user configure
the dirmngr to her own needs.

Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

From m at the13thletter.info Tue Mar 16 11:26:25 2021
From: m at the13thletter.info (Marco Ricci)
Date: Tue, 16 Mar 2021 11:26:25 +0100
Subject: GnuPG 2.3 Beta
In-Reply-To:
References: <87wnv0ilsl.fsf@wheatstone.g10code.de> <0f946360-866a-da67-79e0-bb9c69358444@the13thletter.info> <87pn0rezus.fsf@wheatstone.g10code.de>
Message-ID:

Hi Nicholas.

Thus spoke Nicholas Cole:
> I know many users of gpg are on single-user systems, but for systems
> with more than one user, does this mean that each user will need to
> start their own daemon, listening on their own ports? Or is there
> a single process running as a different user?

Same as gpg-agent, dirmngr and scdaemon: one process per GnuPG homedir,
and communication via a socket S.keyboxd in the homedir. (Dunno about
Windows, but I assume it's similar.)

Cheers,
Marco

From dashohoxha at gmail.com Tue Mar 16 16:45:48 2021
From: dashohoxha at gmail.com (Dashamir Hoxha)
Date: Tue, 16 Mar 2021 16:45:48 +0100
Subject: Sending key to WKS manually
Message-ID:

Hi,

Since Thunderbird dropped Enigmail (and the ability to automatically
handle key publishing to a WKS), I have tried to do this step manually.
I use mutt (instead of sendmail) because I need to authenticate to the
mail server. I am using a command like this:

----
/usr/lib/gnupg/gpg-wks-client --create \
    AB97233AD0EB0180882D1227799020EF6FF16876 user3 at tst1.fs.al \
    | mutt -F .mutt/user3 at tst1.fs.al keys at tst1.fs.al
----

Here '.mutt/user3 at tst1.fs.al' contains SMTP and authentication
details and looks like this:

----
set from="user3 at tst1.fs.al"
set use_from="yes"
set smtp_url="smtp://user3 at tst1.fs.al@smtp.tst1.fs.al:587/"
set smtp_pass="pass3"
----

The key publishing request that arrives on the WKS server looks like
this: https://pastebin.com/S8Qc3pka

However I get this error on the logs:

----
gpg-wks-server: t2body for level 0
gpg-wks-server: command failed: Unexpected message
----

I have tried to process the request manually, adding the option
--verbose as well, but I don't get more details:

----
cat archive/new/'1615.....5F6_0.wks.tst1.fs.al,S=6250' \
    | sudo -H -u webkey \
      gpg-wks-server --directory /host/wkd --receive --send --verbose
gpg-wks-server: t2body for level 0
gpg-wks-server: command failed: Unexpected message
----

I suspect that mutt alters the request that is generated by
gpg-wks-client in a way that is unacceptable for gpg-wks-server, but
cannot say where the problem is.
Can you spot something wrong on the request: https://pastebin.com/S8Qc3pka ?

Thanks,
Dashamir

From andrewg at andrewg.com Tue Mar 16 17:20:45 2021
From: andrewg at andrewg.com (Andrew Gallagher)
Date: Tue, 16 Mar 2021 16:20:45 +0000
Subject: Sending key to WKS manually
In-Reply-To:
References:
Message-ID:

On 16/03/2021 15:45, Dashamir Hoxha via Gnupg-devel wrote:
>
> I suspect that mutt alters the request that is generated by
> gpg-wks-client in a way that is unacceptable for gpg-wks-server, but
> cannot say where the problem is.
> Can you spot something wrong on the request: https://pastebin.com/S8Qc3pka ?

Yes, it looks like when you sent the generated message to mutt, mutt
interpreted it as plaintext rather than a complete raw message - you've
got two sets of headers there separated by a blank line (line 27), so
the second (real) set of headers is part of the message text,
incorrectly.

-- 
Andrew Gallagher

From dashohoxha at gmail.com Tue Mar 16 22:53:10 2021
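The double-header condition diagnosed in the reply above can be checked mechanically before a stored message is fed to gpg-wks-server. This is an added example, not part of the thread and not GnuPG code: it uses Python's standard `email` package, and the function names, the example.org addresses and both sample messages are constructed for illustration.

```python
"""Check a raw WKS mail for a header block that ended up inside the body."""
import email
import re
from email import policy

# RFC 5322 field name: printable ASCII except ':', followed by a colon.
FIELD = re.compile(r"^([!-9;-~]+):")


def leading_header_names(text):
    """Return the header names at the very start of text, up to the first
    blank line. Returns [] as soon as a line is neither a header field nor
    a folded continuation, i.e. when the text starts like ordinary prose."""
    names = []
    for line in text.lstrip("\r\n").splitlines():
        if not line.strip():
            break                      # blank line ends the header block
        if line[0] in " \t":
            if not names:
                return []              # continuation without a field first
            continue                   # folded header value
        match = FIELD.match(line)
        if not match:
            return []
        names.append(match.group(1).lower())
    return names


def diagnose(raw):
    """Report whether a non-multipart message carries a second, complete
    set of mail headers as its body text."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    result = {"outer_type": msg.get_content_type(),
              "wrapped": False, "inner_type": None}
    if msg.is_multipart():
        return result                  # MIME structure is at the top level
    body = (msg.get_payload(decode=True) or b"").decode("utf-8", "replace")
    names = leading_header_names(body)
    # A lone "Note:" line is not enough; require MIME plus addressing.
    if "content-type" in names and {"from", "to"} & set(names):
        inner = email.message_from_string(body.lstrip("\r\n"),
                                          policy=policy.default)
        result["wrapped"] = True
        result["inner_type"] = inner.get_content_type()
    return result


# Constructed sample: the general shape of a client-generated request.
REQUEST = (
    "From: user@example.org\n"
    "To: keys@example.org\n"
    "Subject: Key publishing request\n"
    "MIME-Version: 1.0\n"
    'Content-Type: multipart/encrypted; protocol="application/pgp-encrypted";\n'
    '\tboundary="b1"\n'
    "\n"
    "--b1\n"
    "Content-Type: application/pgp-encrypted\n"
    "\n"
    "Version: 1\n"
    "\n"
    "--b1\n"
    "Content-Type: application/octet-stream\n"
    "\n"
    "(constructed placeholder, not real ciphertext)\n"
    "--b1--\n"
).encode()

# Constructed sample: the same request after a MUA used it as body text.
WRAPPED = (
    b"From: user@example.org\n"
    b"To: keys@example.org\n"
    b"Content-Type: text/plain; charset=us-ascii\n"
    b"\n"
) + REQUEST

if __name__ == "__main__":
    for label, raw in (("request", REQUEST), ("wrapped", WRAPPED)):
        print(label, diagnose(raw))
```

A message reported as wrapped has its multipart/encrypted structure one level too deep, which is the situation described in the reply above.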
From: dashohoxha at gmail.com (Dashamir Hoxha)
Date: Tue, 16 Mar 2021 22:53:10 +0100
Subject: Sending key to WKS manually
In-Reply-To:
References:
Message-ID:

On Tue, Mar 16, 2021 at 6:37 PM Andrew Gallagher via Gnupg-devel wrote:
>
> On 16/03/2021 15:45, Dashamir Hoxha via Gnupg-devel wrote:
> >
> > I suspect that mutt alters the request that is generated by
> > gpg-wks-client in a way that is unacceptable for gpg-wks-server, but
> > cannot say where the problem is.
> > Can you spot something wrong on the request: https://pastebin.com/S8Qc3pka ?
>
> Yes, it looks like when you sent the generated message to mutt, mutt
> interpreted it as plaintext rather than a complete raw message - you've
> got two sets of headers there separated by a blank line (line 27), so
> the second (real) set of headers is part of the message text, incorrectly.

You are absolutely right, that is the problem.
Thanks for your quick help.

Dashamir

From dashohoxha at gmail.com Tue Mar 16 22:56:12 2021
From: dashohoxha at gmail.com (Dashamir Hoxha)
Date: Tue, 16 Mar 2021 22:56:12 +0100
Subject: Sending key to WKS manually
In-Reply-To:
References:
Message-ID:

On Tue, Mar 16, 2021 at 6:58 PM ilf wrote:
>
> Mutt is not an smtp client, but a full-fledged MUA. Seems like you want
> something like https://marlam.de/msmtp/ instead.

Indeed, Mutt is not the right tool for sending emails from programs,
and msmtp seems to be the best one. I used msmtp like this:

1. Send a key publishing request:

----
/usr/lib/gnupg/gpg-wks-client \
    --create AB97233AD0EB0180882D1227799020EF6FF16876 user3 at tst1.fs.al \
    | msmtp \
        --read-envelope-from --read-recipients \
        --tls=on --auth=on \
        --host=smtp.tst1.fs.al --port=587 \
        --user=user3 at tst1.fs.al --passwordeval="echo pass3"
----

2. When the email with subject "Confirm your key publication" arrives,
   save it as a text file.

3. Send the confirmation email with a command like this:

----
cat Confirm-your-key-publication.eml | /usr/lib/gnupg/gpg-wks-client --receive \
    | msmtp \
        --tls=on --auth=on \
        --read-envelope-from --read-recipients \
        --host=smtp.tst1.fs.al --port=587 \
        --user=user3 at tst1.fs.al --passwordeval="echo pass3"
----

It is not that bad, if you know how to do it.

Regards,
Dashamir

From jcb62281 at gmail.com Wed Mar 17 03:22:56 2021
From: jcb62281 at gmail.com (Jacob Bachmeyer)
Date: Tue, 16 Mar 2021 21:22:56 -0500
Subject: GnuPG 2.3 Beta
In-Reply-To:
References: <87wnv0ilsl.fsf@wheatstone.g10code.de> <0f946360-866a-da67-79e0-bb9c69358444@the13thletter.info> <87pn0rezus.fsf@wheatstone.g10code.de>
Message-ID: <60516800.6040801@gmail.com>

Nicholas Cole via Gnupg-devel wrote:
> does this mean that each user will need to
> start their own daemon, listening on their own ports?

The solution to that is very easy, at least on POSIX systems: an
AF_UNIX socket in the user's home directory, with the name including
the hostname on which the daemon is running to support environments
where home directories are shared on NFS or similar.

-- Jacob

From cb at gnupg.org Wed Mar 17 09:09:33 2021
From: cb at gnupg.org (Christoph Biedl)
Date: Wed, 17 Mar 2021 09:09:33 +0100
Subject: dev.gnupg.org downtime
Message-ID: <1615968356@msgid.g10code.com>

Hello,

the dev.gnupg.org development hub is in need of a major upgrade and
some maintenance. Unfortunately this will require a longer downtime.

Work will start on March 17th (today) at 15:30 UTC

We expect the service to be inaccessible for about four hours. This
will be followed by a period of up to twelve hours of reduced
performance and possibly slight visual errors while databases are being
re-indexed and similar things.

There will be a second, shorter downtime about two days later, details
will follow.

    Christoph

From okigan at gmail.com Wed Mar 17 10:04:01 2021
From: okigan at gmail.com (Igor Okulist)
Date: Wed, 17 Mar 2021 02:04:01 -0700
Subject: [PATCH 0/4] T1756 gpg-agent doesn't accept ssh certificates
Message-ID: <20210317090405.263229-1-okigan@gmail.com>

This set of patches updates support for certificates and addresses
(at least part of) https://dev.gnupg.org/T1756.

With these patches user shall be able to add RSA key and certificate to
the gpg-agent and get a passwordless sign through signed certificates.

Looking forward to feedback and comments.

Signed-off-by: Igor Okulist

Igor Okulist (4):
  ssh: update certificate support
  ssh: update certificate support
  ssh: update certificate support
  ssh: update certificate support

 agent/agent.h       |   3 +-
 agent/command-ssh.c | 117 +++++++++++++++++++++++++++++++++++++++++---
 agent/cvt-openpgp.c |  12 ++++-
 agent/findkey.c     |  46 ++++++++++++++---
 4 files changed, 159 insertions(+), 19 deletions(-)

-- 2.25.1

From okigan at gmail.com Wed Mar 17 10:04:02 2021 From: okigan at gmail.com (Igor Okulist) Date: Wed, 17 Mar 2021 02:04:02 -0700 Subject: [PATCH 1/4] ssh: update certificate support In-Reply-To: <20210317090405.263229-1-okigan@gmail.com> References: <20210317090405.263229-1-okigan@gmail.com> Message-ID: <20210317090405.263229-2-okigan@gmail.com> --- agent/agent.h | 3 +- agent/command-ssh.c | 156 ++++++++++++++++++++++++++++++++++++++++---- agent/cvt-openpgp.c | 12 +++- agent/findkey.c | 58 +++++++++++++--- 4 files changed, 204 insertions(+), 25 deletions(-) diff --git a/agent/agent.h b/agent/agent.h index fb4641259..207ed45a9 100644 --- a/agent/agent.h +++ b/agent/agent.h @@ -619,6 +619,7 @@ extract_private_key (gcry_sexp_t s_key, int req_private_key_data, const char **r_algoname, int *r_npkey, int *r_nskey, const char **r_format, gcry_mpi_t *mpi_array, int arraysize, - gcry_sexp_t *r_curve, gcry_sexp_t *r_flags); + gcry_sexp_t *r_curve, gcry_sexp_t *r_flags, + gcry_sexp_t *key_type); #endif /*AGENT_H*/ 
diff --git a/agent/command-ssh.c b/agent/command-ssh.c index bcc78bd15..d8ccbafb0 100644 --- a/agent/command-ssh.c +++ b/agent/command-ssh.c @@ -1897,6 +1897,10 @@ ssh_key_to_blob (gcry_sexp_t sexp, int with_secret, goto out; } + gcry_sexp_t list = gcry_sexp_find_token (sexp, "key-type", 0); + size_t len = 0; + const char *key_type = gcry_sexp_nth_data (list, 1, &len); + /* Get key value list. */ value_list = gcry_sexp_cadr (sexp); if (!value_list) @@ -1933,10 +1937,42 @@ ssh_key_to_blob (gcry_sexp_t sexp, int with_secret, } else { - /* Note: This is also used for EdDSA. */ - err = stream_write_cstring (stream, key_spec.ssh_identifier); - if (err) - goto out; + if (key_type) + { + // err = stream_write_string (stream, key_type, len); + // if (err) + // goto out; + // err = stream_write_string (stream, "", strlen ("")); + // if (err) + // goto out; + + gcry_sexp_t certificate_sexp = gcry_sexp_find_token (sexp, "certificate", 0); + size_t certificate_sexp_b64_len = 0; + const char *certificate_sexp_b64 = gcry_sexp_nth_data(certificate_sexp, 1, &certificate_sexp_b64_len); + + char *certificate = xtrymalloc (certificate_sexp_b64_len + 1); + strncpy(certificate, certificate_sexp_b64, certificate_sexp_b64_len); + certificate[certificate_sexp_b64_len] = '\0'; + + struct b64state b64s = {}; + long int len = 0; + + err = b64dec_start (&b64s, NULL); + err = b64dec_proc (&b64s, certificate, certificate_sexp_b64_len, &len); + err = b64dec_finish (&b64s); + err = stream_write_data (stream, certificate, len); + + xfree (certificate); + + goto done; + } + else + { + /* Note: This is also used for EdDSA. */ + err = stream_write_cstring (stream, key_spec.ssh_identifier); + if (err) + goto out; + } } /* Write the parameters. */ @@ -1986,6 +2022,7 @@ ssh_key_to_blob (gcry_sexp_t sexp, int with_secret, } } +done: if (es_fclose_snatch (stream, &blob, &blob_size)) { err = gpg_error_from_syserror (); 
@@ -2005,7 +2042,6 @@ ssh_key_to_blob (gcry_sexp_t sexp, int with_secret, return err; } - /* @@ -2065,23 +2101,31 @@ ssh_receive_key (estream_t stream, gcry_sexp_t *key_new, int secret, if (err) goto out; + log_info("key type: %s", key_type); + err = ssh_key_type_lookup (key_type, 0, &spec); if (err) goto out; + log_info("key spec flags: 0x%x", spec.flags); + + unsigned char *cert_buffer = NULL; + u32 cert_buffer_len = 0; + if ((spec.flags & SPEC_FLAG_WITH_CERT)) { + /* in case of certs it reads part of cert to get public mpints + and parts of the payload for private mpints -- so -cert.pub files + have private mpints? or is it just reading random data to fill out the + key struct ? */ /* This is an OpenSSH certificate+private key. The certificate is an SSH string and which we store in an estream object. */ - unsigned char *buffer; - u32 buflen; char *cert_key_type; - err = stream_read_string (stream, 0, &buffer, &buflen); + err = stream_read_string (stream, 0, &cert_buffer, &cert_buffer_len); if (err) goto out; - cert = es_fopenmem_init (0, "rb", buffer, buflen); - xfree (buffer); + cert = es_fopenmem_init (0, "rb", cert_buffer, cert_buffer_len); if (!cert) { err = gpg_error_from_syserror (); @@ -2092,6 +2136,9 @@ ssh_receive_key (estream_t stream, gcry_sexp_t *key_new, int secret, err = stream_read_cstring (cert, &cert_key_type); if (err) goto out; + + log_info ("certificate type: %s", cert_key_type); + if (strcmp (cert_key_type, key_type) ) { xfree (cert_key_type); @@ -2211,6 +2258,7 @@ ssh_receive_key (estream_t stream, gcry_sexp_t *key_new, int secret, err = stream_read_cstring (stream, &comment); if (err) goto out; + log_info("key comment: %s", comment); } if (secret) 
@@ -2246,12 +2294,55 @@ ssh_receive_key (estream_t stream, gcry_sexp_t *key_new, int secret, comment? comment:""); } } - else + else if (0==strcmp(spec.ssh_identifier, "ssh-rsa-cert-v01 at openssh.com")) { + struct b64state b64s; + estream_t stream; + long int len; + + stream = es_fopenmem(0, "wt"); + err = b64enc_start_es (&b64s, stream, ""); + err = b64enc_write (&b64s, cert_buffer, cert_buffer_len); + err = b64enc_finish (&b64s); + len = es_ftell (stream); + + char *result = xtrymalloc (len + 1); + size_t nread; + + es_fseek(stream, 0, SEEK_SET); + es_read (stream, result, len, &nread); + result[len] = 0; + + es_fclose (stream); + + err = gcry_sexp_build (&key, NULL, + "(private-key " + " (rsa " + " (n %m)" + " (e %m)" + " (d %m)" + " (p %m)" + " (q %m)" + " (u %m)" + " )" + " (comment %s)" + " (key-type %s)" + " (certificate %s)" + " )", + mpi_list[1], // !swapped 1 and 0 + mpi_list[0], + mpi_list[2], + mpi_list[3], + mpi_list[4], + mpi_list[5], + comment!=NULL?comment:"", + spec.ssh_identifier, + result); + } + else + { err = sexp_key_construct (&key, spec, secret, curve_name, mpi_list, - comment? comment:""); - if (err) - goto out; + comment? comment:""); } if (key_spec) @@ -2264,6 +2355,8 @@ ssh_receive_key (estream_t stream, gcry_sexp_t *key_new, int secret, xfree (key_type); xfree (comment); + xfree (cert_buffer); + return err; } @@ -2366,6 +2459,28 @@ ssh_key_grip (gcry_sexp_t key, unsigned char *buffer) return err? err : gpg_error (GPG_ERR_INTERNAL); } + gcry_sexp_t list = NULL; + size_t len = 0; + const char *data = NULL; + + list = gcry_sexp_find_token (key, "key-type", 0); + len = 0; + data = gcry_sexp_nth_data(list, 1, &len); + + if (data) + { + gcry_md_hd_t md = NULL; + gcry_md_open (&md, GCRY_MD_SHA1, 0); + + gcry_md_write (md, buffer, 20); + gcry_md_write (md, data, len); + + memcpy (buffer, gcry_md_read (md, GCRY_MD_SHA1), 20); + gcry_md_close (md); + } + + gcry_sexp_release(list); + return 0; } 
@@ -2652,6 +2767,13 @@ ssh_handler_request_identities (ctrl_t ctrl, gpg_strerror (err)); continue; } + if (opt.verbose > 1) { + log_info ("fname: %s", cf->fname); + log_info ("hexgrip: %s", cf->item.hexgrip); + char debug_buffer[8192] = "\0"; + err = gcry_sexp_sprint (key_public, GCRYSEXP_FMT_ADVANCED, debug_buffer, sizeof(debug_buffer)); + log_info ("key sExpression: %s", debug_buffer); + } err = ssh_send_key_public (key_blobs, key_public, NULL); if (err) @@ -3132,6 +3254,12 @@ ssh_identity_register (ctrl_t ctrl, ssh_key_type_spec_t *spec, } } + if (opt.verbose > 1) { + char debug_buffer[8192] = "\0"; + err = gcry_sexp_sprint (key, GCRYSEXP_FMT_ADVANCED, debug_buffer, sizeof(debug_buffer)); + log_info ("key Sexpression: %s", debug_buffer); + } + err = ssh_key_to_protected_buffer (key, pi->pin, &buffer, &buffer_n); if (err) goto out; diff --git a/agent/cvt-openpgp.c b/agent/cvt-openpgp.c index ff153c358..54f38997c 100644 --- a/agent/cvt-openpgp.c +++ b/agent/cvt-openpgp.c @@ -1194,7 +1194,8 @@ extract_private_key (gcry_sexp_t s_key, int req_private_key_data, const char **r_algoname, int *r_npkey, int *r_nskey, const char **r_elems, gcry_mpi_t *array, int arraysize, - gcry_sexp_t *r_curve, gcry_sexp_t *r_flags) + gcry_sexp_t *r_curve, gcry_sexp_t *r_flags, + gcry_sexp_t *r_key_type) { gpg_error_t err; gcry_sexp_t list, l2; @@ -1203,6 +1204,7 @@ extract_private_key (gcry_sexp_t s_key, int req_private_key_data, int npkey, nskey; gcry_sexp_t curve = NULL; gcry_sexp_t flags = NULL; + gcry_sexp_t key_type = NULL; *r_curve = NULL; *r_flags = NULL; @@ -1224,6 +1226,8 @@ extract_private_key (gcry_sexp_t s_key, int req_private_key_data, return gpg_error (GPG_ERR_BAD_SECKEY); } + key_type = gcry_sexp_find_token (list, "key_type", 0); + l2 = gcry_sexp_cadr (list); gcry_sexp_release (list); list = l2; 
@@ -1305,6 +1309,9 @@ extract_private_key (gcry_sexp_t s_key, int req_private_key_data, *r_curve = curve; *r_flags = flags; + if (r_key_type) + *r_key_type = key_type; + return 0; } } @@ -1323,6 +1330,7 @@ convert_to_openpgp (ctrl_t ctrl, gcry_sexp_t s_key, const char *passphrase, gcry_mpi_t array[10]; gcry_sexp_t curve = NULL; gcry_sexp_t flags = NULL; + gcry_sexp_t key_name = NULL; char protect_iv[16]; char salt[8]; unsigned long s2k_count; @@ -1336,7 +1344,7 @@ convert_to_openpgp (ctrl_t ctrl, gcry_sexp_t s_key, const char *passphrase, array[i] = NULL; err = extract_private_key (s_key, 1, &algoname, &npkey, &nskey, NULL, - array, DIM (array), &curve, &flags); + array, DIM (array), &curve, &flags, &key_name); if (err) return err; diff --git a/agent/findkey.c b/agent/findkey.c index cea21959f..5b54de7cb 100644 --- a/agent/findkey.c +++ b/agent/findkey.c @@ -1245,13 +1245,13 @@ agent_public_key_from_file (ctrl_t ctrl, gcry_mpi_t array[10]; gcry_sexp_t curve = NULL; gcry_sexp_t flags = NULL; - gcry_sexp_t uri_sexp, comment_sexp; - const char *uri, *comment; - size_t uri_length, comment_length; - int uri_intlen, comment_intlen; + gcry_sexp_t uri_sexp, comment_sexp, key_type_sexp, certificate_sexp; + const char *uri, *comment, *key_type, *certificate; + size_t uri_length, comment_length, key_type_length, certificate_length; + int uri_intlen, comment_intlen, key_type_intlen, certificate_intlen; char *format, *p; - void *args[2+7+2+2+1]; /* Size is 2 + max. # of elements + 2 for uri + 2 - for comment + end-of-list. */ + void *args[2+7+2+2+2+1]; /* Size is 2 + max. # of elements + 2 for uri + 2 + for comment + key_type + certificate + end-of-list. */ int argidx; gcry_sexp_t list = NULL; const char *s; 
@@ -1264,11 +1264,21 @@ agent_public_key_from_file (ctrl_t ctrl, if (err) return err; + if (opt.verbose > 1) { + char hexgrip[40+4+1]; + bin2hex (grip, 20, hexgrip); + + log_info ("hexgrip: %s", hexgrip); + char debug_buffer[8192] = "\0"; + err = gcry_sexp_sprint (s_skey, GCRYSEXP_FMT_ADVANCED, debug_buffer, sizeof(debug_buffer)); + log_info ("loaded key sExpression: %s", debug_buffer); + } + for (i=0; i < DIM (array); i++) array[i] = NULL; err = extract_private_key (s_skey, 0, &algoname, &npkey, NULL, &elems, - array, DIM (array), &curve, &flags); + array, DIM (array), &curve, &flags, &key_type_sexp); if (err) { gcry_sexp_release (s_skey); @@ -1287,10 +1297,25 @@ agent_public_key_from_file (ctrl_t ctrl, if (comment_sexp) comment = gcry_sexp_nth_data (comment_sexp, 1, &comment_length); + key_type = NULL; + key_type_length = 0; + key_type_sexp = gcry_sexp_find_token (s_skey, "key-type", 0); + if (key_type_sexp) + key_type = gcry_sexp_nth_data (key_type_sexp, 1, &key_type_length); + + certificate = NULL; + certificate_length = 0; + certificate_sexp = gcry_sexp_find_token (s_skey, "certificate", 0); + if (certificate_sexp) + certificate = gcry_sexp_nth_data (certificate_sexp, 1, &certificate_length); + + gcry_sexp_release (s_skey); s_skey = NULL; + // TODO: the following FIXME is so true -- following code is + // prone to buffer overrun /* FIXME: The following thing is pretty ugly code; we should investigate how to make it cleaner. Probably code to handle canonical S-expressions in a memory buffer is better suited for @@ -1299,7 +1324,7 @@ agent_public_key_from_file (ctrl_t ctrl, them. */ assert (sizeof (size_t) <= sizeof (void*)); - format = xtrymalloc (15+4+7*npkey+10+15+1+1); + format = xtrymalloc (15+4+7*npkey+10+15+1+1+5+4096); if (!format) { err = gpg_error_from_syserror (); 
@@ -1342,6 +1367,23 @@ agent_public_key_from_file (ctrl_t ctrl, args[argidx++] = (void *)&comment_intlen; args[argidx++] = (void*)&comment; } + if (key_type) + { + p = stpcpy (p, "(key-type %b)"); + log_assert (argidx+1 < DIM (args)); + key_type_intlen = (int)key_type_length; + args[argidx++] = (void *)&key_type_intlen; + args[argidx++] = (void*)&key_type; + } + if (certificate) + { + p = stpcpy (p, "(certificate %b)"); + log_assert (argidx+1 < DIM (args)); + certificate_intlen = (int)certificate_length; + args[argidx++] = (void *)&certificate_intlen; + args[argidx++] = (void*)&certificate; + } + *p++ = ')'; *p = 0; assert (argidx < DIM (args)); -- 2.25.1 From okigan at gmail.com Wed Mar 17 10:04:03 2021 From: okigan at gmail.com (Igor Okulist) Date: Wed, 17 Mar 2021 02:04:03 -0700 Subject: [PATCH 2/4] ssh: update certificate support In-Reply-To: <20210317090405.263229-1-okigan@gmail.com> References: <20210317090405.263229-1-okigan@gmail.com> Message-ID: <20210317090405.263229-3-okigan@gmail.com> code cleanup --- agent/command-ssh.c | 147 ++++++++++++++++++++------------------------ agent/findkey.c | 10 --- 2 files changed, 66 insertions(+), 91 deletions(-) diff --git a/agent/command-ssh.c b/agent/command-ssh.c index d8ccbafb0..dfdc36f97 100644 --- a/agent/command-ssh.c +++ b/agent/command-ssh.c @@ -1897,10 +1897,6 @@ ssh_key_to_blob (gcry_sexp_t sexp, int with_secret, goto out; } - gcry_sexp_t list = gcry_sexp_find_token (sexp, "key-type", 0); - size_t len = 0; - const char *key_type = gcry_sexp_nth_data (list, 1, &len); - /* Get key value list. */ value_list = gcry_sexp_cadr (sexp); if (!value_list) 
@@ -1937,15 +1933,12 @@ ssh_key_to_blob (gcry_sexp_t sexp, int with_secret, } else { - if (key_type) - { - // err = stream_write_string (stream, key_type, len); - // if (err) - // goto out; - // err = stream_write_string (stream, "", strlen ("")); - // if (err) - // goto out; + gcry_sexp_t list = gcry_sexp_find_token (sexp, "key-type", 0); + size_t len = 0; + const char *key_type = gcry_sexp_nth_data (list, 1, &len); + if (key_type) + { gcry_sexp_t certificate_sexp = gcry_sexp_find_token (sexp, "certificate", 0); size_t certificate_sexp_b64_len = 0; const char *certificate_sexp_b64 = gcry_sexp_nth_data(certificate_sexp, 1, &certificate_sexp_b64_len); @@ -1955,15 +1948,17 @@ ssh_key_to_blob (gcry_sexp_t sexp, int with_secret, certificate[certificate_sexp_b64_len] = '\0'; struct b64state b64s = {}; - long int len = 0; + long int certificate_len = 0; err = b64dec_start (&b64s, NULL); - err = b64dec_proc (&b64s, certificate, certificate_sexp_b64_len, &len); - err = b64dec_finish (&b64s); - err = stream_write_data (stream, certificate, len); + err = err || b64dec_proc (&b64s, certificate, certificate_sexp_b64_len, &certificate_len); + err = err || b64dec_finish (&b64s); + err = err | stream_write_data (stream, certificate, certificate_len); xfree (certificate); + if (err) + goto out; goto done; } else @@ -2021,7 +2016,7 @@ ssh_key_to_blob (gcry_sexp_t sexp, int with_secret, goto out; } } - + done: if (es_fclose_snatch (stream, &blob, &blob_size)) { 
@@ -2101,23 +2096,21 @@ ssh_receive_key (estream_t stream, gcry_sexp_t *key_new, int secret, if (err) goto out; - log_info("key type: %s", key_type); + if (opt.verbose) + log_info("key type: %s", key_type); err = ssh_key_type_lookup (key_type, 0, &spec); if (err) goto out; - log_info("key spec flags: 0x%x", spec.flags); + if (opt.verbose) + log_info("key spec flags: 0x%x", spec.flags); unsigned char *cert_buffer = NULL; u32 cert_buffer_len = 0; if ((spec.flags & SPEC_FLAG_WITH_CERT)) { - /* in case of certs it reads part of cert to get public mpints - and parts of the payload for private mpints -- so -cert.pub files - have private mpints? or is it just reading random data to fill out the - key struct ? */ /* This is an OpenSSH certificate+private key. The certificate is an SSH string and which we store in an estream object. */ char *cert_key_type; @@ -2137,7 +2130,8 @@ ssh_receive_key (estream_t stream, gcry_sexp_t *key_new, int secret, if (err) goto out; - log_info ("certificate type: %s", cert_key_type); + if (opt.verbose) + log_info ("certificate type: %s", cert_key_type); if (strcmp (cert_key_type, key_type) ) { @@ -2258,7 +2252,8 @@ ssh_receive_key (estream_t stream, gcry_sexp_t *key_new, int secret, err = stream_read_cstring (stream, &comment); if (err) goto out; - log_info("key comment: %s", comment); + if (opt.verbose) + log_info("key comment: %s", comment); } if (secret) 
@@ -2294,55 +2289,57 @@ ssh_receive_key (estream_t stream, gcry_sexp_t *key_new, int secret, comment? comment:""); } } - else if (0==strcmp(spec.ssh_identifier, "ssh-rsa-cert-v01 at openssh.com")) + else if (0 == strcmp(spec.ssh_identifier, "ssh-rsa-cert-v01 at openssh.com")) { - struct b64state b64s; - estream_t stream; - long int len; + struct b64state b64s = {}; + estream_t stream = NULL; + long int b64_cert_buffer_len = 0; - stream = es_fopenmem(0, "wt"); - err = b64enc_start_es (&b64s, stream, ""); - err = b64enc_write (&b64s, cert_buffer, cert_buffer_len); - err = b64enc_finish (&b64s); - len = es_ftell (stream); + stream = es_fopenmem(0, "wt"); + err = b64enc_start_es (&b64s, stream, ""); + err = err || b64enc_write (&b64s, cert_buffer, cert_buffer_len); + err = err || b64enc_finish (&b64s); + if (err) + goto out; - char *result = xtrymalloc (len + 1); - size_t nread; + b64_cert_buffer_len = es_ftell (stream); - es_fseek(stream, 0, SEEK_SET); - es_read (stream, result, len, &nread); - result[len] = 0; + char *b64_cert_buffer = xtrymalloc (b64_cert_buffer_len + 1); + size_t nread = 0; - es_fclose (stream); + err = es_fseek(stream, 0, SEEK_SET); + err = err || es_read (stream, b64_cert_buffer, b64_cert_buffer_len, &nread); + if (err) + goto out; + b64_cert_buffer[b64_cert_buffer_len] = "\0"; - err = gcry_sexp_build (&key, NULL, - "(private-key " - " (rsa " - " (n %m)" - " (e %m)" - " (d %m)" - " (p %m)" - " (q %m)" - " (u %m)" - " )" - " (comment %s)" - " (key-type %s)" - " (certificate %s)" - " )", - mpi_list[1], // !swapped 1 and 0 - mpi_list[0], - mpi_list[2], - mpi_list[3], - mpi_list[4], - mpi_list[5], - comment!=NULL?comment:"", - spec.ssh_identifier, - result); + es_fclose (stream); + + err = gcry_sexp_build (&key, NULL, + "(private-key " + " (rsa (n %m) (e %m) (d %m) (p %m) (q %m) (u %m) )" + " (comment %s)" + " (key-type %s)" + " (certificate %s)" + " )", + // swapped! 
1 and 0 required + mpi_list[1], mpi_list[0], mpi_list[2], mpi_list[3], mpi_list[4], mpi_list[5], + comment!=NULL?comment:"", + spec.ssh_identifier, + b64_cert_buffer); + + xfree(b64_cert_buffer); + b64_cert_buffer = NULL; + + if (err) + goto out; } else { err = sexp_key_construct (&key, spec, secret, curve_name, mpi_list, comment? comment:""); + if (err) + goto out; } if (key_spec) @@ -2449,7 +2446,7 @@ ssh_read_key_public_from_blob (unsigned char *blob, size_t blob_size, /* This function calculates the key grip for the key contained in the S-Expression KEY and writes it to BUFFER, which must be large - enough to hold it. Returns usual error code. */ + enough to hold 20 characters. Returns usual error code. */ static gpg_error_t ssh_key_grip (gcry_sexp_t key, unsigned char *buffer) { @@ -2459,13 +2456,14 @@ ssh_key_grip (gcry_sexp_t key, unsigned char *buffer) return err? err : gpg_error (GPG_ERR_INTERNAL); } + // if the key contains "key-type" update the gcry_pk_get_keygrip computed + // keygrip by the hashing it with key-type value gcry_sexp_t list = NULL; - size_t len = 0; const char *data = NULL; + size_t data_len = 0; list = gcry_sexp_find_token (key, "key-type", 0); - len = 0; - data = gcry_sexp_nth_data(list, 1, &len); + data = gcry_sexp_nth_data(list, 1, &data_len); if (data) { @@ -2473,7 +2471,7 @@ ssh_key_grip (gcry_sexp_t key, unsigned char *buffer) gcry_md_open (&md, GCRY_MD_SHA1, 0); gcry_md_write (md, buffer, 20); - gcry_md_write (md, data, len); + gcry_md_write (md, data, data_len); memcpy (buffer, gcry_md_read (md, GCRY_MD_SHA1), 20); gcry_md_close (md); 
@@ -2767,13 +2765,6 @@ ssh_handler_request_identities (ctrl_t ctrl, gpg_strerror (err)); continue; } - if (opt.verbose > 1) { - log_info ("fname: %s", cf->fname); - log_info ("hexgrip: %s", cf->item.hexgrip); - char debug_buffer[8192] = "\0"; - err = gcry_sexp_sprint (key_public, GCRYSEXP_FMT_ADVANCED, debug_buffer, sizeof(debug_buffer)); - log_info ("key sExpression: %s", debug_buffer); - } err = ssh_send_key_public (key_blobs, key_public, NULL); if (err) @@ -3253,12 +3244,6 @@ ssh_identity_register (ctrl_t ctrl, ssh_key_type_spec_t *spec, goto next_try; } } - - if (opt.verbose > 1) { - char debug_buffer[8192] = "\0"; - err = gcry_sexp_sprint (key, GCRYSEXP_FMT_ADVANCED, debug_buffer, sizeof(debug_buffer)); - log_info ("key Sexpression: %s", debug_buffer); - } err = ssh_key_to_protected_buffer (key, pi->pin, &buffer, &buffer_n); if (err) diff --git a/agent/findkey.c b/agent/findkey.c index 5b54de7cb..b558ab893 100644 --- a/agent/findkey.c +++ b/agent/findkey.c @@ -1263,16 +1263,6 @@ agent_public_key_from_file (ctrl_t ctrl, err = read_key_file (grip, &s_skey); if (err) return err; - - if (opt.verbose > 1) { - char hexgrip[40+4+1]; - bin2hex (grip, 20, hexgrip); - - log_info ("hexgrip: %s", hexgrip); - char debug_buffer[8192] = "\0"; - err = gcry_sexp_sprint (s_skey, GCRYSEXP_FMT_ADVANCED, debug_buffer, sizeof(debug_buffer)); - log_info ("loaded key sExpression: %s", debug_buffer); - } for (i=0; i < DIM (array); i++) array[i] = NULL; -- 2.25.1 From okigan at gmail.com Wed Mar 17 10:04:04 2021 
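Review bot: In 1/4, extract_private_key() in agent/cvt-openpgp.c searches for the token "key_type" (underscore), while ssh_receive_key() stores "(key-type %s)" and every other lookup in the series uses "key-type" (hyphen), so the new r_key_type output never matches a key written by this series; pick one spelling. agent_public_key_from_file() also overwrites key_type_sexp with its own gcry_sexp_find_token() result right after the call, which makes the new parameter redundant there. In the same patch the args[] bound in agent/findkey.c grows by only 2, although "(key-type %b)" and "(certificate %b)" each push two entries (length and pointer), so the declared size and its comment should account for 2+2; 2/4 changes neither spot.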
From: okigan at gmail.com (Igor Okulist) Date: Wed, 17 Mar 2021 02:04:04 -0700 Subject: [PATCH 3/4] ssh: update certificate support In-Reply-To: <20210317090405.263229-1-okigan@gmail.com> References: <20210317090405.263229-1-okigan@gmail.com> Message-ID: <20210317090405.263229-4-okigan@gmail.com> remove useful but not feature related log messages --- agent/command-ssh.c | 30 +++++++++--------------------- agent/findkey.c | 6 ++---- 2 files changed, 11 insertions(+), 25 deletions(-) diff --git a/agent/command-ssh.c b/agent/command-ssh.c index dfdc36f97..3983bbeb4 100644 --- a/agent/command-ssh.c +++ b/agent/command-ssh.c @@ -1963,11 +1963,11 @@ ssh_key_to_blob (gcry_sexp_t sexp, int with_secret, } else { - /* Note: This is also used for EdDSA. */ - err = stream_write_cstring (stream, key_spec.ssh_identifier); - if (err) - goto out; - } + /* Note: This is also used for EdDSA. */ + err = stream_write_cstring (stream, key_spec.ssh_identifier); + if (err) + goto out; + } } /* Write the parameters. */ @@ -2016,7 +2016,7 @@ ssh_key_to_blob (gcry_sexp_t sexp, int with_secret, goto out; } } - + done: if (es_fclose_snatch (stream, &blob, &blob_size)) { @@ -2096,16 +2096,10 @@ ssh_receive_key (estream_t stream, gcry_sexp_t *key_new, int secret, if (err) goto out; - if (opt.verbose) - log_info("key type: %s", key_type); - err = ssh_key_type_lookup (key_type, 0, &spec); if (err) goto out; - if (opt.verbose) - log_info("key spec flags: 0x%x", spec.flags); - unsigned char *cert_buffer = NULL; u32 cert_buffer_len = 0; @@ -2129,10 +2123,6 @@ ssh_receive_key (estream_t stream, gcry_sexp_t *key_new, int secret, err = stream_read_cstring (cert, &cert_key_type); if (err) goto out; - - if (opt.verbose) - log_info ("certificate type: %s", cert_key_type); - if (strcmp (cert_key_type, key_type) ) { xfree (cert_key_type); 
@@ -2252,8 +2242,6 @@ ssh_receive_key (estream_t stream, gcry_sexp_t *key_new, int secret, err = stream_read_cstring (stream, &comment); if (err) goto out; - if (opt.verbose) - log_info("key comment: %s", comment); } if (secret) @@ -2335,9 +2323,9 @@ ssh_receive_key (estream_t stream, gcry_sexp_t *key_new, int secret, goto out; } else - { + { err = sexp_key_construct (&key, spec, secret, curve_name, mpi_list, - comment? comment:""); + comment? comment:""); if (err) goto out; } @@ -3244,7 +3232,7 @@ ssh_identity_register (ctrl_t ctrl, ssh_key_type_spec_t *spec, goto next_try; } } - + err = ssh_key_to_protected_buffer (key, pi->pin, &buffer, &buffer_n); if (err) goto out; diff --git a/agent/findkey.c b/agent/findkey.c index b558ab893..63964ce69 100644 --- a/agent/findkey.c +++ b/agent/findkey.c @@ -1263,7 +1263,7 @@ agent_public_key_from_file (ctrl_t ctrl, err = read_key_file (grip, &s_skey); if (err) return err; - + for (i=0; i < DIM (array); i++) array[i] = NULL; @@ -1304,8 +1304,6 @@ agent_public_key_from_file (ctrl_t ctrl, s_skey = NULL; - // TODO: the following FIXME is so true -- following code is - // prone to buffer overrun /* FIXME: The following thing is pretty ugly code; we should investigate how to make it cleaner. Probably code to handle canonical S-expressions in a memory buffer is better suited for @@ -1314,7 +1312,7 @@ agent_public_key_from_file (ctrl_t ctrl, them. */ assert (sizeof (size_t) <= sizeof (void*)); - format = xtrymalloc (15+4+7*npkey+10+15+1+1+5+4096); + format = xtrymalloc (15+4+7*npkey+10+15+1+1+5+10); if (!format) { err = gpg_error_from_syserror (); -- 2.25.1 From okigan at gmail.com Wed Mar 17 10:04:05 2021 
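Review bot: The last agent/findkey.c hunk shrinks the format allocation to 15+4+7*npkey+10+15+1+1+5+10, which is 15 bytes more than the original size, but the two fragments that 1/4 appends with stpcpy, "(key-type %b)" (13 bytes) and "(certificate %b)" (16 bytes), need 29. Derive the size from the literal lengths instead of hand-counted constants, and keep a comment that explains the bound rather than deleting the TODO about the overrun risk. The commit message only mentions removing log messages, so this size change and the whitespace-only changes in the other hunks should be split out or folded into the patch that introduced them.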
From: okigan at gmail.com (Igor Okulist) Date: Wed, 17 Mar 2021 02:04:05 -0700 Subject: [PATCH 4/4] ssh: update certificate support In-Reply-To: <20210317090405.263229-1-okigan@gmail.com> References: <20210317090405.263229-1-okigan@gmail.com> Message-ID: <20210317090405.263229-5-okigan@gmail.com> GnuPG-bug-id: https://dev.gnupg.org/T1756 Signed-off-by: Igor Okulist --- agent/command-ssh.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/agent/command-ssh.c b/agent/command-ssh.c index 3983bbeb4..101bbc691 100644 --- a/agent/command-ssh.c +++ b/agent/command-ssh.c @@ -60,7 +60,7 @@ #include "../common/ssh-utils.h" - + /* Request types. */ #define SSH_REQUEST_REQUEST_IDENTITIES 11 @@ -1953,7 +1953,7 @@ ssh_key_to_blob (gcry_sexp_t sexp, int with_secret, err = b64dec_start (&b64s, NULL); err = err || b64dec_proc (&b64s, certificate, certificate_sexp_b64_len, &certificate_len); err = err || b64dec_finish (&b64s); - err = err | stream_write_data (stream, certificate, certificate_len); + err = err || stream_write_data (stream, certificate, certificate_len); xfree (certificate); @@ -2299,7 +2299,7 @@ ssh_receive_key (estream_t stream, gcry_sexp_t *key_new, int secret, err = err || es_read (stream, b64_cert_buffer, b64_cert_buffer_len, &nread); if (err) goto out; - b64_cert_buffer[b64_cert_buffer_len] = "\0"; + b64_cert_buffer[b64_cert_buffer_len] = '\0'; es_fclose (stream); -- 2.25.1 From wk at gnupg.org Wed Mar 17 10:03:42 2021 
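Review bot: Replacing "|" with "||" in the ssh_key_to_blob hunk restores short-circuiting, but "err = err || stream_write_data (...)" still stores 0 or 1 in err instead of the gpg_error_t the callee returned, so the original error code is lost; check each call and "goto out" on failure, as the surrounding code does. Both this change and the '\0' correction repair lines introduced in 2/4 and should be squashed into it, the first hunk is a whitespace-only change, and all four patches carry the same subject "ssh: update certificate support", which makes the series hard to reference or bisect.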
From: wk at gnupg.org (Werner Koch)
Date: Wed, 17 Mar 2021 10:03:42 +0100
Subject: Sending key to WKS manually
In-Reply-To: (Dashamir Hoxha via Gnupg-devel's message of "Tue, 16 Mar 2021 22:56:12 +0100")
References:
Message-ID: <87sg4urw29.fsf@wheatstone.g10code.de>

On Tue, 16 Mar 2021 22:56, Dashamir Hoxha said:
> /usr/lib/gnupg/gpg-wks-client \
>     --create AB97233AD0EB0180882D1227799020EF6FF16876 user3@tst1.fs.al \
>     | msmtp \
>     --read-envelope-from --read-recipients \
>     --tls=on --auth=on \
>     --host=smtp.tst1.fs.al --port=587 \
>     --user=user3@tst1.fs.al --passwordeval="echo pass3"
> ----

I don't know about msmtp but I would expect that it comes with a
/var/lib/sendmail wrapper. So all you need to do is to add --send to
the gpg-wks-client invocation.

> 3. Send the confirmation email with a command like this:

Given that you seem to use mutt, you may simply add

  application/vnd.gnupg.wks; /home/wk/b/gnupg/tools/gpg-wks-client \
    -v --read --send; needsterminal; description=WKS message

to /etc/mailcap and you are done.

Salam-Shalom,
Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From dashohoxha at gmail.com Wed Mar 17 11:15:34 2021
From: dashohoxha at gmail.com (Dashamir Hoxha)
Date: Wed, 17 Mar 2021 11:15:34 +0100
Subject: Sending key to WKS manually
In-Reply-To: <87sg4urw29.fsf@wheatstone.g10code.de>
References: <87sg4urw29.fsf@wheatstone.g10code.de>
Message-ID:

On Wed, Mar 17, 2021 at 10:05 AM Werner Koch wrote:
> I don't know about msmtp but I would expect that it comes with a
> /var/lib/sendmail wrapper. So all you need to do is to add --send to
> the gpg-wks-client invocation.

Yes, msmtp can work as a replacement for sendmail, so that we can use
the --send option. But this requires global configuration of the SMTP
server, username, password etc. For testing and for sending a couple of
emails I would prefer to use the command line options, instead of
making a global configuration.

By the way, this is a good tutorial about msmtp:
https://arnaudr.io/2020/08/24/send-emails-from-your-terminal-with-msmtp/

>
> Given that you seem to use mutt, you may simply add
>
>   application/vnd.gnupg.wks; /home/wk/b/gnupg/tools/gpg-wks-client \
>     -v --read --send; needsterminal; description=WKS message
>
> to /etc/mailcap and you are done.

I don't usually use Mutt, I was trying to find an alternative to
Thunderbird for testing the WKS server.

I have seen these instructions on the WKS wiki page, but I am not sure
how it is supposed to work. Does it mean that when we receive the
email "Confirm your key publication", we can open the attachment and
Mutt will process it automatically with gpg-wks-client? But this also
requires to setup sendmail because Mutt alone is not enough? On the
other hand, how do we send the key-publication-request from Mutt (how
do we initiate the key publishing process)?

By the way, is there any chance that the mailcap mechanism could work
with Thunderbird and other applications, or it is specific to Mutt
only?

Thanks for helping me to understand this better.

Dashamir

From okigan at gmail.com Wed Mar 17 10:09:04 2021
From: okigan at gmail.com (Igor Okulist)
Date: Wed, 17 Mar 2021 02:09:04 -0700
Subject: [PATCH 5/4] T1756 gpg-agent doesn't accept ssh certificates
In-Reply-To:
References:
Message-ID:

Graphical view of the diff and corresponding CI loop output .

From wk at gnupg.org Wed Mar 17 13:58:29 2021
From: wk at gnupg.org (Werner Koch)
Date: Wed, 17 Mar 2021 13:58:29 +0100
Subject: GnuPG 2.3 Beta
In-Reply-To: (Marco Ricci's message of "Tue, 16 Mar 2021 11:26:25 +0100")
References: <87wnv0ilsl.fsf@wheatstone.g10code.de> <0f946360-866a-da67-79e0-bb9c69358444@the13thletter.info> <87pn0rezus.fsf@wheatstone.g10code.de>
Message-ID: <87k0q6rl6y.fsf@wheatstone.g10code.de>

On Tue, 16 Mar 2021 11:26, Marco Ricci said:
> Same as gpg-agent, dirmngr and scdaemon: one process per GnuPG homedir,
> and communication via a socket S.keyboxd in the homedir. (Dunno about
> Windows, but I assume it's similar.)

Right, Windows works the same. Except that we don't use a socket but a
plain file having the localhost TCP port number and a magic cookie.

  gpgconf --list-dirs

shows the socket names also on Windows.

Salam-Shalom,
Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From wk at gnupg.org Wed Mar 17 14:02:20 2021
From: wk at gnupg.org (Werner Koch) Date: Wed, 17 Mar 2021 14:02:20 +0100 Subject: GnuPG 2.3 Beta In-Reply-To: <60516800.6040801@gmail.com> (Jacob Bachmeyer via Gnupg-devel's message of "Tue, 16 Mar 2021 21:22:56 -0500") References: <87wnv0ilsl.fsf@wheatstone.g10code.de> <0f946360-866a-da67-79e0-bb9c69358444@the13thletter.info> <87pn0rezus.fsf@wheatstone.g10code.de> <60516800.6040801@gmail.com> Message-ID: <87ft0url0j.fsf@wheatstone.g10code.de> On Tue, 16 Mar 2021 21:22, Jacob Bachmeyer said: > The solution to that is very easy, at least on POSIX systems: an > AF_UNIX socket in the user's home directory, with the name including It should actually not be in the home directory but under /var/run/user//gnupg/ to avoid problems with remote file systems. ~/.gnupg is just a fallback in case /var/run/user// does not exist. If the home directory is changed (via GNUPGHOME or --homedir) a specially named subdirectory below the /var/run/ directory is used. gpgconf --list-dirs shows things. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From wk at gnupg.org Wed Mar 17 15:36:19 2021
From: wk at gnupg.org (Werner Koch) Date: Wed, 17 Mar 2021 15:36:19 +0100 Subject: Sending key to WKS manually In-Reply-To: (Dashamir Hoxha via Gnupg-devel's message of "Wed, 17 Mar 2021 11:15:34 +0100") References: <87sg4urw29.fsf@wheatstone.g10code.de> Message-ID: <87blbhsv8c.fsf@wheatstone.g10code.de> On Wed, 17 Mar 2021 11:15, Dashamir Hoxha said: > email "Confirm your key publication", we can open the attachment and > Mutt will process it automatically with gpg-wks-client? But this also Right, that is the whole point of /etc/mailcap. > requires to set up sendmail because Mutt alone is not enough? On the Sure. A Unix system is supposed to have a proper mail interface for automated use, think only about cron. But current Linux desktops are too much Windows than Unix :-( > By the way, is there any chance that the mailcap mechanism could work > with Thunderbird and other applications, or is it specific to Mutt I guess not. Firefox also uses its own Mime type registry; so I think TB does the same. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From jcb62281 at gmail.com Wed Mar 17 23:39:26 2021 From: jcb62281 at gmail.com (Jacob Bachmeyer) Date: Wed, 17 Mar 2021 17:39:26 -0500 Subject: [PATCH 3/4] ssh: update certificate support In-Reply-To: <20210317090405.263229-4-okigan@gmail.com> References: <20210317090405.263229-1-okigan@gmail.com> <20210317090405.263229-4-okigan@gmail.com> Message-ID: <6052851E.9030203@gmail.com> Igor Okulist via Gnupg-devel wrote: > [...]
> @@ -1304,8 +1304,6 @@ agent_public_key_from_file (ctrl_t ctrl, > s_skey = NULL; > > > - // TODO: the following FIXME is so true -- following code is > - // prone to buffer overrun > /* FIXME: The following thing is pretty ugly code; we should > investigate how to make it cleaner. Probably code to handle > canonical S-expressions in a memory buffer is better suited for > @@ -1314,7 +1312,7 @@ agent_public_key_from_file (ctrl_t ctrl, > them. */ > assert (sizeof (size_t) <= sizeof (void*)); > > - format = xtrymalloc (15+4+7*npkey+10+15+1+1+5+4096); > + format = xtrymalloc (15+4+7*npkey+10+15+1+1+5+10); > if (!format) > { > err = gpg_error_from_syserror (); > Are you sure about this? Removing a comment that warns of possible buffer overruns that need to be addressed without (as far as I can tell) actually addressing the possible issue while also *reducing* the size of an allocated buffer strikes me as odd. -- Jacob From dgouttegattat at incenp.org Thu Mar 18 00:19:21 2021 From: dgouttegattat at incenp.org (Damien Goutte-Gattat) Date: Wed, 17 Mar 2021 23:19:21 +0000 Subject: [PATCH gnupg] build: Allow selection of TSS library. Message-ID: <20210317231921.31185-1-dgouttegattat@incenp.org> * configure.ac: New option --with-tss to force the use of a specific TSS library. -- While most systems will probably have only one of the two TPM libraries that we support (the IBM TSS or the Intel TSS), it would still be helpful to allow which one to use in the event that both are detected, instead of always using the IBM one. This patch does that by adding a --with-tss=TSS configure-time option, where TSS can be "ibm", "intel", or "autodetect". The default value is "autodetect", which triggers the original behavior (i.e. try to detect both libraries, and prefer the IBM one if both are found). Signed-off-by: Damien Goutte-Gattat --- configure.ac | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) 
diff --git a/configure.ac b/configure.ac index 59374491f..55de98ef4 100644 --- a/configure.ac +++ b/configure.ac @@ -1594,14 +1594,30 @@ AC_SUBST(W32SOCKLIBS) # # TPM libtss library .. don't compile TPM support if we don't have it # +AC_ARG_WITH([tss], + [AS_HELP_STRING([--with-tss=TSS], + [use the specified TPM Software Stack (ibm, intel, or autodetect)])], + [with_tss=$withval], + [with_tss=autodetect]) LIBTSS_LIBS= LIBTSS_CFLAGS= if test "$build_tpm2d" = "yes"; then _save_libs="$LIBS" _save_cflags="$CFLAGS" LIBS="" - AC_SEARCH_LIBS([TSS_Create], [tss ibmtss],have_libtss=IBM, - AC_SEARCH_LIBS([Esys_Initialize], [tss2-esys],have_libtss=Intel)) + if test "$with_tss" = autodetect; then + AC_SEARCH_LIBS([TSS_Create],[tss ibmtss],have_libtss=IBM, + AC_SEARCH_LIBS([Esys_Initialize],[tss2-esys],have_libtss=Intel,have_libtss=no)) + elif test "$with_tss" = ibm; then + AC_SEARCH_LIBS([TSS_Create],[tss ibmtss],have_libtss=IBM, + [AC_MSG_ERROR([IBM TPM Software Stack requested but not found])]) + elif test "$with_tss" = intel; then + AC_SEARCH_LIBS([Esys_Initialize],[tss2-esys],have_libtss=Intel, + [AC_MSG_ERROR([Intel TPM Software Stack requested but not found])]) + else + AC_MSG_ERROR([Invalid TPM Software Stack requested: $with_tss]) + fi + if test "$have_libtss" = IBM; then LIBTSS_CFLAGS="-DTPM_POSIX" CFLAGS="$CFLAGS ${LIBTSS_CFLAGS}" -- 2.27.0 From wk at gnupg.org Thu Mar 18 09:56:27 2021 
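Review bot: `[with_tss=$withval]` passes the raw option value through, so a bare `--with-tss` (withval `yes`) and `--without-tss` (withval `no`) both fall into the final `else` and abort with "Invalid TPM Software Stack requested". Mapping `yes` to `autodetect` and deciding explicitly what `no` means would make the option behave like other `--with-*` switches. The validation also sits inside `if test "$build_tpm2d" = "yes"`, so a mistyped value is accepted silently whenever tpm2d is not built; checking `$with_tss` right after `AC_ARG_WITH` would catch it in every configuration. The accepted values are lowercase `ibm` and `intel` while `have_libtss` uses `IBM` and `Intel`, so `--with-tss=Intel` is rejected; the help string could say the value is case-sensitive. In the autodetect branch the inner `AC_SEARCH_LIBS` call is passed unquoted as the action-if-not-found argument, unlike the `[AC_MSG_ERROR(...)]` arguments in the other two branches; wrapping it in `[...]` would be consistent.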
From: wk at gnupg.org (Werner Koch) Date: Thu, 18 Mar 2021 09:56:27 +0100 Subject: [PATCH 3/4] ssh: update certificate support In-Reply-To: <6052851E.9030203@gmail.com> (Jacob Bachmeyer via Gnupg-devel's message of "Wed, 17 Mar 2021 17:39:26 -0500") References: <20210317090405.263229-1-okigan@gmail.com> <20210317090405.263229-4-okigan@gmail.com> <6052851E.9030203@gmail.com> Message-ID: <87ft0srgas.fsf@wheatstone.g10code.de> On Wed, 17 Mar 2021 17:39, Jacob Bachmeyer said: > Are you sure about this? Removing a comment that warns of possible > buffer overruns that need to be addressed without (as far as I can Anyway, I took the opportunity to rewrite that part to use a membuf. Not a generic solution to create such s-expression but better than fragile in-advance byte counting. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From okigan at gmail.com Wed Mar 17 11:13:05 2021
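The reply above replaces "fragile in-advance byte counting" with a membuf. The contrast, as an added example that is not GnuPG code: `struct growbuf`, `build_format`, `precounted_size` and the S-expression layout are hypothetical stand-ins constructed here, showing a growable buffer that tracks its own length next to a hand-written size formula that goes stale as soon as one emitted piece changes.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical growable buffer. It stands in for the idea of a membuf and
   is not GnuPG's API. */
struct growbuf {
    char  *data;
    size_t len;     /* bytes used, not counting the terminating NUL */
    size_t cap;     /* bytes allocated */
    int    failed;  /* sticky: set once an append could not be done */
};

/* Append a NUL-terminated string, growing the allocation as needed. */
static void gb_put(struct growbuf *gb, const char *s)
{
    size_t n = strlen(s), need;
    if (gb->failed || n >= SIZE_MAX - gb->len) {  /* len + n + 1 would wrap */
        gb->failed = 1;
        return;
    }
    need = gb->len + n + 1;
    if (need > gb->cap) {
        size_t ncap = gb->cap ? gb->cap : 32;
        char *p;
        while (ncap < need)
            ncap = (ncap > SIZE_MAX / 2) ? need : ncap * 2;
        p = realloc(gb->data, ncap);
        if (!p) {
            gb->failed = 1;
            return;
        }
        gb->data = p;
        gb->cap = ncap;
    }
    memcpy(gb->data + gb->len, s, n + 1);   /* copies the NUL as well */
    gb->len += n;
}

/* Hand the finished string to the caller (who frees it), or NULL if any
   append failed. */
static char *gb_finish(struct growbuf *gb)
{
    if (gb->failed) {
        free(gb->data);
        gb->data = NULL;
    }
    return gb->data;
}

/* Build "(public-key(<algo>(<c> %m)...)(uri %b)(comment %b))" with one
   "(<c> %m)" item per character of elems (layout constructed here). */
char *build_format(const char *algo, const char *elems,
                   int with_uri, int with_comment)
{
    struct growbuf gb = { NULL, 0, 0, 0 };
    char item[] = "(? %m)";

    gb_put(&gb, "(public-key(");
    gb_put(&gb, algo);
    for (; *elems; elems++) {
        item[1] = *elems;
        gb_put(&gb, item);
    }
    gb_put(&gb, ")");
    if (with_uri)
        gb_put(&gb, "(uri %b)");
    if (with_comment)
        gb_put(&gb, "(comment %b)");
    gb_put(&gb, ")");
    return gb_finish(&gb);
}

/* The in-advance count for the same layout: each term mirrors one piece
   emitted above and silently assumes a 3-character algorithm name. */
size_t precounted_size(size_t nelems)
{
    return 12 + 3 + 6 * nelems + 1 + 8 + 12 + 1 + 1;
}

/* 1 if precounted_size() bytes would hold the real string, 0 if a buffer
   of that size would be overrun, -1 on allocation failure. */
int precount_is_enough(const char *algo, const char *elems)
{
    char *fmt = build_format(algo, elems, 1, 1);
    int ok = fmt ? strlen(fmt) + 1 <= precounted_size(strlen(elems)) : -1;

    free(fmt);
    return ok;
}

int main(void)
{
    printf("rsa/ne: %d  ecdsa/q: %d\n", precount_is_enough("rsa", "ne"), precount_is_enough("ecdsa", "q"));
    return 0;
}
```

The constructed name `ecdsa` is two bytes longer than the formula assumes, which is exactly the kind of drift a fixed `xtrymalloc` size cannot detect.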
From: okigan at gmail.com (Igor Okulist) Date: Wed, 17 Mar 2021 03:13:05 -0700 Subject: DCO form Message-ID: Public key found at: https://github.com/okigan.gpg -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Libgcrypt Developer's Certificate of Origin. Version 1.0 ========================================================= By making a contribution to the Libgcrypt project, I certify that: (a) The contribution was created in whole or in part by me and I have the right to submit it under the free software license indicated in the file; or (b) The contribution is based upon previous work that, to the best of my knowledge, is covered under an appropriate free software license and I have the right under that license to submit that work with modifications, whether created in whole or in part by me, under the same free software license (unless I am permitted to submit under a different license), as indicated in the file; or (c) The contribution was provided directly to me by some other person who certified (a), (b) or (c) and I have not modified it. (d) I understand and agree that this project and the contribution are public and that a record of the contribution (including all personal information I submit with it, including my sign-off) is maintained indefinitely and may be redistributed consistent with this project or the free software license(s) involved. 
Signed-off-by: Igor Okulist From gniibe at fsij.org Fri Mar 19 07:24:55 2021 From: gniibe at fsij.org (NIIBE Yutaka) Date: Fri, 19 Mar 2021 15:24:55 +0900 Subject: [PATCH 0/4] T1756 gpg-agent doesn't accept ssh certificates In-Reply-To: <20210317090405.263229-1-okigan@gmail.com> References: <20210317090405.263229-1-okigan@gmail.com> Message-ID: <87lfajwthk.fsf@iwagami.gniibe.org> Igor Okulist wrote: > This set of patches updates support for certificates and > addresses (at least part of) https://dev.gnupg.org/T1756. > > With thes patches user shall be able to add RSA key and > certificate to the gpg-agent and get a passwordless sign > through signed certificates. AFAIU, ssh-agent (or gpg-agent's ssh-agent emulation) has no way to _use_ certificates, when transferred from ssh-add. Please use -k option for ssh-add. Then, no changes are required to current implementation of gpg-agent. Please let us know your use case(s), if it's real. -- From cb at gnupg.org Fri Mar 19 08:58:42 2021
From: cb at gnupg.org (Christoph Biedl) Date: Fri, 19 Mar 2021 08:58:42 +0100 Subject: dev.gnupg.org downtime In-Reply-To: <1615968356@msgid.g10code.com> References: <1615968356@msgid.g10code.com> Message-ID: <1616140552@msgid.g10code.com> Christoph Biedl via Gnupg-devel wrote... > the dev.gnupg.org development hub is in need of a major upgrade and some > maintenance. Unfortunately this will require a longer downtime. (...) > There will be a second, shorter downtime about two days later, details > will follow. Part one was successful, second downtime will be on March 19th (today) starting at 13:00 UTC The services will be unavailable for at most 30 minutes. Christoph From cb at gnupg.org Fri Mar 19 15:14:02 2021 From: cb at gnupg.org (Christoph Biedl) Date: Fri, 19 Mar 2021 15:14:02 +0100 Subject: dev.gnupg.org downtime In-Reply-To: <1615968356@msgid.g10code.com> References: <1615968356@msgid.g10code.com> Message-ID: <1616162858@msgid.g10code.com> Hello, the migration has been completed, all services related to dev.gnupg.org should be back to normal. We are aware of some glitches in the generated e-mails and are working on it. If you notice other defects that might be related to this change, please create a ticket or report to the list here. Thanks. Christoph From patrick at enigmail.net Sun Mar 21 15:28:16 2021
From: patrick at enigmail.net (Patrick Brunschwig) Date: Sun, 21 Mar 2021 15:28:16 +0100 Subject: Second 2.3.0 Beta In-Reply-To: <87im5sv672.fsf@wheatstone.g10code.de> References: <87im5sv672.fsf@wheatstone.g10code.de> Message-ID: <68763941-8f70-cb12-2050-2a6c7cc29b93@enigmail.net> I created a first package of GpgOSX for x86_64 and arm64 of the new beta: https://enigmail.net/download/gpgosx/unstable/GnuPG-2.3.0-beta1655.dmg https://enigmail.net/download/gpgosx/unstable/GnuPG-2.3.0-beta1655.dmg.sig -Patrick Werner Koch via Gnupg-devel wrote on 15.03.2021 15:32: > Hi! > > We plan to soon start with a GnuPG 2.3 series to slightly modernize > GnuPG. We will need a few releases to fix still open bugs and to learn > about new problems. Before we release 2.3.0 we consider it useful to > have wider beta tests to catch build problems etc. Here comes the > second beta. > > 2.3 is GnuPG Git master and is regularly used at least by us. However, > building from Git is harder than building from a regular tarball or just > using a Windows installer. Thus here is our Beta: > > https://gnupg.org/ftp/gcrypt/gnupg/unstable/gnupg-2.3.0-beta1655.tar.bz2 > https://gnupg.org/ftp/gcrypt/gnupg/unstable/gnupg-2.3.0-beta1655.tar.bz2.sig > > You need the latest version of Libgcrypt and libgpg-error to build it. > Windows users may want to try the installer at > > https://gnupg.org/ftp/gcrypt/binary/unstable/gnupg-w32-2.3.0-beta1655_20210315.exe > https://gnupg.org/ftp/gcrypt/binary/unstable/gnupg-w32-2.3.0-beta1598_20210315.exe.sig > > As usual no guarantee for not breaking things. As long as no new option > is used there should be no problem to move back to 2.2.27. > > Here is a list of new things since the first beta (beta1689): > > * tpm2d: New daemon to physically bind keys to the local machine. > > * gpg: New option --force-sign-key. [#4584] > > * gpg: New option --no-auto-trust-new-key. > > * scd: New option --pcsc-shared; see man page for important notes. 
> > See the included NEWS for all changes in 2.3.0. Note also that the > Windows Unicode support in the provided build does not completely work > if GnuPG is installed under a directory containing Unicode characters. > This is because the needed Libassuan version has not yet been released; > Unicode command line arguments will work in any case. > > Please send bug reports to this list. > > > > Happy hacking. > > Your GnuPG hackers. From noloader at gmail.com Tue Mar 23 16:38:56 2021
From: noloader at gmail.com (Jeffrey Walton) Date: Tue, 23 Mar 2021 11:38:56 -0400 Subject: dev.gnupg.org downtime In-Reply-To: <1616162858@msgid.g10code.com> References: <1615968356@msgid.g10code.com> <1616162858@msgid.g10code.com> Message-ID: On Fri, Mar 19, 2021 at 10:14 AM Christoph Biedl via Gnupg-devel wrote: > > Hello, > > the migration has been completed, all services related to dev.gnupg.org > should be back to normal. > > We are aware of some glitches in the generated e-mails and are working > on it. If you notice other defects that might be related to this change, > please create a ticket or report to the list here. It looks like bugs.gnupg.org has some problems. Firefox is saying: Did Not Connect: Potential Security Issue Firefox detected a potential security threat and did not continue to bugs.gnupg.org because this website requires a secure connection. bugs.gnupg.org has a security policy called HTTP Strict Transport Security (HSTS), which means that Firefox can only connect to it securely. You can't add an exception to visit this site. The issue is most likely with the website, and there is nothing you can do to resolve it. You can notify the website's administrator about the problem. -------------- next part -------------- A non-text attachment was scrubbed... Name: bugs-gnupg.png Type: image/png Size: 36823 bytes Desc: not available URL: From noloader at gmail.com Tue Mar 23 16:45:11 2021
From: noloader at gmail.com (Jeffrey Walton) Date: Tue, 23 Mar 2021 11:45:11 -0400 Subject: Apple M1 and libgcrypt 1.9.2 Message-ID: Hi Everyone, I'm having trouble connecting to bugs.gnupg.org. I'm going to send this report to the mailing list. libgcrypt 1.9.2 is having some trouble on Apple M1 hardware. Attached is config.log and the test results. The GCC compile farm has a M1 machine for testing. It is GCC304, on port 2409. Also see https://cfarm.tetaneutral.net/machines/list/. Jeff -------------- next part -------------- A non-text attachment was scrubbed... Name: libgcrypt-config.log.zip Type: application/zip Size: 17788 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: libgcrypt-test-suite.log.zip Type: application/zip Size: 8062 bytes Desc: not available URL: From cb at gnupg.org Tue Mar 23 18:03:53 2021 From: cb at gnupg.org (Christoph Biedl) Date: Tue, 23 Mar 2021 18:03:53 +0100 Subject: dev.gnupg.org downtime In-Reply-To: References: <1615968356@msgid.g10code.com> <1616162858@msgid.g10code.com> Message-ID: <1616518985@msgid.g10code.com> Jeffrey Walton wrote... > It looks like bugs.gnupg.org has some problems. Yes, that was an oversight. Request should now be handled properly. Thanks for reporting. Christoph From lists at schamschula.com Tue Mar 23 16:53:26 2021
From: lists at schamschula.com (Marius Schamschula) Date: Tue, 23 Mar 2021 10:53:26 -0500 Subject: Apple M1 and libgcrypt 1.9.2 In-Reply-To: References: Message-ID: Jeff, Not too surprising. To get libgcrypt to build on Big Sur I had to create a pair of patches for MacPorts: https://github.com/macports/macports-ports/tree/7c793c22a4315ee01ae92ed7104cea4d6def1036/devel/libgcrypt/files > On Mar 23, 2021, at 10:45 AM, Jeffrey Walton via Gnupg-devel wrote: > > Hi Everyone, > > I'm having trouble connecting to bugs.gnupg.org. I'm going to send > this report to the mailing list. > > libgcrypt 1.9.2 is having some trouble on Apple M1 hardware. Attached > is config.log and the test results. > > The GCC compile farm has a M1 machine for testing. It is GCC304, on > port 2409. Also see https://cfarm.tetaneutral.net/machines/list/. > > Jeff Marius -- Marius Schamschula From wk at gnupg.org Wed Mar 24 17:33:16 2021
From: wk at gnupg.org (Werner Koch) Date: Wed, 24 Mar 2021 17:33:16 +0100 Subject: Apple M1 and libgcrypt 1.9.2 In-Reply-To: (Marius Schamschula's message of "Tue, 23 Mar 2021 10:53:26 -0500") References: Message-ID: <87v99gjyur.fsf@wheatstone.g10code.de> On Tue, 23 Mar 2021 10:53, Marius Schamschula said: > https://github.com/macports/macports-ports/tree/7c793c22a4315ee01ae92ed7104cea4d6def1036/devel/libgcrypt/files You should never ever patch configure - that is a generated file. So this is just a temporary kludge to make things build. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From noloader at gmail.com Wed Mar 24 17:41:45 2021 From: noloader at gmail.com (Jeffrey Walton) Date: Wed, 24 Mar 2021 12:41:45 -0400 Subject: Apple M1 and libgcrypt 1.9.2 In-Reply-To: <87v99gjyur.fsf@wheatstone.g10code.de> References: <87v99gjyur.fsf@wheatstone.g10code.de> Message-ID: On Wed, Mar 24, 2021 at 12:35 PM Werner Koch wrote: > > On Tue, 23 Mar 2021 10:53, Marius Schamschula said: > > > https://github.com/macports/macports-ports/tree/7c793c22a4315ee01ae92ed7104cea4d6def1036/devel/libgcrypt/files > > You should never ever patch configure - that is a generated file. So > this is just a temporary kludge to make things build. That's actually a fairly clean fix for the break-fix cycle in this circumstance. The Apple M1's lack Libtool and Autotools, so they can't autoreconf if configure.ac is touched. Jeff From lists at schamschula.com Wed Mar 24 17:59:01 2021
From: lists at schamschula.com (Marius Schamschula) Date: Wed, 24 Mar 2021 11:59:01 -0500 Subject: Apple M1 and libgcrypt 1.9.2 In-Reply-To: References: <87v99gjyur.fsf@wheatstone.g10code.de> Message-ID: <52DC417D-D3AD-4718-8D56-08271644F9EE@schamschula.com> > On Mar 24, 2021, at 11:41 AM, Jeffrey Walton wrote: > > On Wed, Mar 24, 2021 at 12:35 PM Werner Koch wrote: >> >> On Tue, 23 Mar 2021 10:53, Marius Schamschula said: >> >>> https://github.com/macports/macports-ports/tree/7c793c22a4315ee01ae92ed7104cea4d6def1036/devel/libgcrypt/files >> >> You should never ever patch configure - that is a generated file. So >> this is just a temporary kludge to make things build. > > That's actually a fairly clean fix for the break-fix cycle in this circumstance. > > The Apple M1's lack Libtool and Autotools, so they can't autoreconf if > configure.ac is touched. Why do you believe libtool and the autotools don't exist on M1 machines? Indeed, Werner is correct: fixing the configure.ac file is the better approach. However, with macOS Big Sur the number of projects with implicit declaration errors is so large, we often do the quick fix. Marius -- Marius Schamschula From noloader at gmail.com Wed Mar 24 18:03:12 2021
From: noloader at gmail.com (Jeffrey Walton) Date: Wed, 24 Mar 2021 13:03:12 -0400 Subject: Apple M1 and libgcrypt 1.9.2 In-Reply-To: <52DC417D-D3AD-4718-8D56-08271644F9EE@schamschula.com> References: <87v99gjyur.fsf@wheatstone.g10code.de> <52DC417D-D3AD-4718-8D56-08271644F9EE@schamschula.com> Message-ID: On Wed, Mar 24, 2021 at 12:59 PM Marius Schamschula wrote: > > > On Mar 24, 2021, at 11:41 AM, Jeffrey Walton wrote: > > On Wed, Mar 24, 2021 at 12:35 PM Werner Koch wrote: > > > On Tue, 23 Mar 2021 10:53, Marius Schamschula said: > > https://github.com/macports/macports-ports/tree/7c793c22a4315ee01ae92ed7104cea4d6def1036/devel/libgcrypt/files > > You should never ever patch configure - that is a generated file. So > this is just a temporary kludge to make things build. > > That's actually a fairly clean fix for the break-fix cycle in this circumstance. > > The Apple M1's lack Libtool and Autotools, so they can't autoreconf if > configure.ac is touched. > > Why do you believe libtool and the autotools don't exist on M1 machines? The one I bought did not have them. I had to install libtool myself: % command -v autoconf % command -v autoreconf % command -v libtool /usr/bin/libtool % command -v glibtool /usr/local/bin/glibtool > Indeed, Werner is correct: fixing the configure.ac file is the better approach. Until you have to autoreconf and the tools are missing or too old... Jeff From lists at schamschula.com Wed Mar 24 18:08:57 2021
From: lists at schamschula.com (Marius Schamschula) Date: Wed, 24 Mar 2021 12:08:57 -0500 Subject: Apple M1 and libgcrypt 1.9.2 In-Reply-To: References: <87v99gjyur.fsf@wheatstone.g10code.de> <52DC417D-D3AD-4718-8D56-08271644F9EE@schamschula.com> Message-ID: <70456B5D-9D05-4EB4-BAEB-8BB3CF6CA42B@schamschula.com> On Mar 24, 2021, at 12:03 PM, Jeffrey Walton wrote: > > On Wed, Mar 24, 2021 at 12:59 PM Marius Schamschula > > wrote: >> >> >> On Mar 24, 2021, at 11:41 AM, Jeffrey Walton wrote: >> >> On Wed, Mar 24, 2021 at 12:35 PM Werner Koch wrote: >> >> >> On Tue, 23 Mar 2021 10:53, Marius Schamschula said: >> >> https://github.com/macports/macports-ports/tree/7c793c22a4315ee01ae92ed7104cea4d6def1036/devel/libgcrypt/files >> >> You should never ever patch configure - that is a generated file. So >> this is just a temporary kludge to make things build. >> >> That's actually a fairly clean fix for the break-fix cycle in this circumstance. >> >> The Apple M1's lack Libtool and Autotools, so they can't autoreconf if >> configure.ac is touched. >> >> Why do you believe libtool and the autotools don't exist on M1 machines? > > The one I bought did not have them. I had to install libtool myself: > > % command -v autoconf > % command -v autoreconf > % command -v libtool > /usr/bin/libtool > % command -v glibtool > /usr/local/bin/glibtool > >> Indeed, Werner is correct: fixing the configure.ac file is the better approach. > > Until you have to autoreconf and the tools are missing or too old... Sure, libtool is part of Xcode. Everything else is installed via MacPorts, Homebrew or Fink - or manually built. Marius -- Marius Schamschula From noloader at gmail.com Wed Mar 24 18:15:51 2021
From: noloader at gmail.com (Jeffrey Walton) Date: Wed, 24 Mar 2021 13:15:51 -0400 Subject: Apple M1 and libgcrypt 1.9.2 In-Reply-To: <70456B5D-9D05-4EB4-BAEB-8BB3CF6CA42B@schamschula.com> References: <87v99gjyur.fsf@wheatstone.g10code.de> <52DC417D-D3AD-4718-8D56-08271644F9EE@schamschula.com> <70456B5D-9D05-4EB4-BAEB-8BB3CF6CA42B@schamschula.com> Message-ID: On Wed, Mar 24, 2021 at 1:09 PM Marius Schamschula wrote: > > On Mar 24, 2021, at 12:03 PM, Jeffrey Walton wrote: > > On Wed, Mar 24, 2021 at 12:59 PM Marius Schamschula > wrote: > > > > On Mar 24, 2021, at 11:41 AM, Jeffrey Walton wrote: > > On Wed, Mar 24, 2021 at 12:35 PM Werner Koch wrote: > > On Tue, 23 Mar 2021 10:53, Marius Schamschula said: > > https://github.com/macports/macports-ports/tree/7c793c22a4315ee01ae92ed7104cea4d6def1036/devel/libgcrypt/files > > You should never ever patch configure - that is a generated file. So > this is just a temporary kludge to make things build. > > That's actually a fairly clean fix for the break-fix cycle in this circumstance. > > The Apple M1's lack Libtool and Autotools, so they can't autoreconf if > configure.ac is touched. > > Why do you believe libtool and the autotools don't exist on M1 machines? > > The one I bought did not have them. I had to install libtool myself: > > % command -v autoconf > % command -v autoreconf > % command -v libtool > /usr/bin/libtool > % command -v glibtool > /usr/local/bin/glibtool > > Indeed, Werner is correct: fixing the configure.ac file is the better approach. > > Until you have to autoreconf and the tools are missing or too old... > > Sure, libtool is part of Xcode. > > Everything else is installed via MacPorts, Homebrew or Fink - or manually built. This machine has Command Line Tools, not Xcode. (I don't have an AppleId or developer account). Jeff From lists at schamschula.com Wed Mar 24 18:26:37 2021
From: lists at schamschula.com (Marius Schamschula) Date: Wed, 24 Mar 2021 12:26:37 -0500 Subject: Apple M1 and libgcrypt 1.9.2 In-Reply-To: References: <87v99gjyur.fsf@wheatstone.g10code.de> <52DC417D-D3AD-4718-8D56-08271644F9EE@schamschula.com> <70456B5D-9D05-4EB4-BAEB-8BB3CF6CA42B@schamschula.com> Message-ID: > On Mar 24, 2021, at 12:15 PM, Jeffrey Walton wrote: > > On Wed, Mar 24, 2021 at 1:09 PM Marius Schamschula > > wrote: >> >> On Mar 24, 2021, at 12:03 PM, Jeffrey Walton wrote: >> >> On Wed, Mar 24, 2021 at 12:59 PM Marius Schamschula >> wrote: >> >> >> >> On Mar 24, 2021, at 11:41 AM, Jeffrey Walton wrote: >> >> On Wed, Mar 24, 2021 at 12:35 PM Werner Koch wrote: >> >> On Tue, 23 Mar 2021 10:53, Marius Schamschula said: >> >> https://github.com/macports/macports-ports/tree/7c793c22a4315ee01ae92ed7104cea4d6def1036/devel/libgcrypt/files >> >> You should never ever patch configure - that is a generated file. So >> this is just a temporary kludge to make things build. >> >> That's actually a fairly clean fix for the break-fix cycle in this circumstance. >> >> The Apple M1's lack Libtool and Autotools, so they can't autoreconf if >> configure.ac is touched. >> >> Why do you believe libtool and the autotools don't exist on M1 machines? >> >> The one I bought did not have them. I had to install libtool myself: >> >> % command -v autoconf >> % command -v autoreconf >> % command -v libtool >> /usr/bin/libtool >> % command -v glibtool >> /usr/local/bin/glibtool >> >> Indeed, Werner is correct: fixing the configure.ac file is the better approach. >> >> Until you have to autoreconf and the tools are missing or too old... >> >> Sure, libtool is part of Xcode. >> >> Everything else is installed via MacPorts, Homebrew or Fink - or manually built. > > This machine has Command Line Tools, not Xcode. (I don't have an > AppleId or developer account). The CLT package installs alongside each version of Xcode.
All the above mentioned packages should compile w/o the SDKs provided by Xcode. Marius -- Marius Schamschula From noloader at gmail.com Wed Mar 24 18:48:27 2021
From: noloader at gmail.com (Jeffrey Walton) Date: Wed, 24 Mar 2021 13:48:27 -0400 Subject: Apple M1 and libgcrypt 1.9.2 In-Reply-To: References: <87v99gjyur.fsf@wheatstone.g10code.de> <52DC417D-D3AD-4718-8D56-08271644F9EE@schamschula.com> <70456B5D-9D05-4EB4-BAEB-8BB3CF6CA42B@schamschula.com> Message-ID: On Wed, Mar 24, 2021 at 1:27 PM Marius Schamschula wrote: > > On Mar 24, 2021, at 12:15 PM, Jeffrey Walton wrote: > > On Wed, Mar 24, 2021 at 1:09 PM Marius Schamschula > wrote: > > On Mar 24, 2021, at 12:03 PM, Jeffrey Walton wrote: > > On Wed, Mar 24, 2021 at 12:59 PM Marius Schamschula > wrote: > > On Mar 24, 2021, at 11:41 AM, Jeffrey Walton wrote: > > On Wed, Mar 24, 2021 at 12:35 PM Werner Koch wrote: > > On Tue, 23 Mar 2021 10:53, Marius Schamschula said: > > https://github.com/macports/macports-ports/tree/7c793c22a4315ee01ae92ed7104cea4d6def1036/devel/libgcrypt/files > > You should never ever patch configure - that is a generated file. So > this is just a temporary kludge to make things build. > > That's actually a fairly clean fix for the break-fix cycle in this circumstance. > > The Apple M1's lack Libtool and Autotools, so they can't autoreconf if > configure.ac is touched. > > Why do you believe libtool and the autotools don't exist on M1 machines? > > The one I bought did not have them. I had to install libtool myself: > > % command -v autoconf > % command -v autoreconf > % command -v libtool > /usr/bin/libtool > % command -v glibtool > /usr/local/bin/glibtool > > Indeed, Werner is correct: fixing the configure.ac file is the better approach. > > Until you have to autoreconf and the tools are missing or too old... > > Sure, libtool is part of Xcode. > > Everything else is installed via MacPorts, Homebrew or Fink - or manually built. > > This machine has Command Line Tools, not Xcode. (I don't have an > AppleId or developer account). > > The CLT package installs alongside each version of Xcode.
All the above mentioned packages should compile w/o the SDKs provided by Xcode. My M1 does not have Xcode. It only has CLT: % find /Applications -name 'Xcode*' % find /Library -name 'Xcode*' % find /Library/Developer/CommandLineTools -name autoconf % find /Library/Developer/CommandLineTools -name autoreconf % find /Library/Developer/CommandLineTools -name libtool /Library/Developer/CommandLineTools/usr/bin/libtool % find /Library/Developer/CommandLineTools -name glibtool % CLT only provides a basic toolchain. The basic toolchain is all we really need. Other tools folks might expect, like autoconf and autoreconf, are not available. And this issue is not limited to a new M1. If you stand up a Solaris box the same problems apply because Autotools is too old. Or if you regression test on CentOS 5, Ubuntu 4 or Fedora 1. If you have to autoreconf then the build breaks. That's why I said it was a fairly clean fix for the circumstance. The configure patch avoids the autoreconf. Jeff From wk at gnupg.org Wed Mar 24 19:17:09 2021 
From: wk at gnupg.org (Werner Koch)
Date: Wed, 24 Mar 2021 19:17:09 +0100
Subject: Apple M1 and libgcrypt 1.9.2
In-Reply-To: (Jeffrey Walton via Gnupg-devel's message of "Wed, 24 Mar 2021 13:03:12 -0400")
References: <87v99gjyur.fsf@wheatstone.g10code.de> <52DC417D-D3AD-4718-8D56-08271644F9EE@schamschula.com>
Message-ID: <87r1k4ju1m.fsf@wheatstone.g10code.de>

On Wed, 24 Mar 2021 13:03, Jeffrey Walton said:

> Until you have to autoreconf and the tools are missing or too old...

In GnuPG project you should never do autoreconf. We distribute the required files for running autoconf and automake. This way we get a stable config system which is not subject to all the friction between different macro use.

Regarding M1, if your config.sub has stable support for it, we should update these files and then see what other fixes are required. In general autoconf generated configure scripts auto-adjust to a wide variety of Unix systems and you only need to tweak things for some minor cases - well, Apple is probably the worst player here.

Having said this, I just ask for some patience until we support it. Quick hacks are of course okay - it is free software. Unfortunately they have a tendency to never go away and still show up in web searches after years.

Shalom-Salam,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From lists at schamschula.com Wed Mar 24 20:31:27 2021
From: lists at schamschula.com (Marius Schamschula)
Date: Wed, 24 Mar 2021 14:31:27 -0500
Subject: Apple M1 and libgcrypt 1.9.2
In-Reply-To: <87r1k4ju1m.fsf@wheatstone.g10code.de>
References: <87v99gjyur.fsf@wheatstone.g10code.de> <52DC417D-D3AD-4718-8D56-08271644F9EE@schamschula.com> <87r1k4ju1m.fsf@wheatstone.g10code.de>
Message-ID:

On Mar 24, 2021, at 1:17 PM, Werner Koch wrote:
>
> On Wed, 24 Mar 2021 13:03, Jeffrey Walton said:
>
>> Until you have to autoreconf and the tools are missing or too old...
>
> In GnuPG project you should never do autoreconf. We distribute the
> required files for running autoconf and automake. This way we get a
> stable config system which is not subject to all the friction between
> different macro use.
>
> Regarding M1, if your config.sub has stable support for it, we should
> update these files and then see what other fixes are required. In
> general autoconf generated configure scripts auto-adjust to a wide
> variety of Unix systems and you only need to tweak things for some minor
> cases - well, Apple is probably the worst player here.
>
> Having said this, I just ask for some patience until we support it.
> Quick hacks are of course okay - it is free software. Unfortunately
> they have a tendency to never go away and still show up in web searches
> after years.
>
> Shalom-Salam,
>
> Werner
>
> --
> Thoughts are free. Exceptions are regulated by a federal law.

However, running autoreconf does make patching the configure script unnecessary.

In other words, the macros used to build the packaged configure script are outdated.

Marius

--
Marius Schamschula

From noloader at gmail.com Thu Mar 25 04:16:18 2021
From: noloader at gmail.com (Jeffrey Walton)
Date: Wed, 24 Mar 2021 23:16:18 -0400
Subject: Apple M1 and libgcrypt 1.9.2
In-Reply-To:
References: <87v99gjyur.fsf@wheatstone.g10code.de> <52DC417D-D3AD-4718-8D56-08271644F9EE@schamschula.com> <87r1k4ju1m.fsf@wheatstone.g10code.de>
Message-ID:

On Wed, Mar 24, 2021 at 3:31 PM Marius Schamschula wrote:
>
> On Mar 24, 2021, at 1:17 PM, Werner Koch wrote:
>
> On Wed, 24 Mar 2021 13:03, Jeffrey Walton said:
>
> Until you have to autoreconf and the tools are missing or too old...
>
> In GnuPG project you should never do autoreconf. We distribute the
> required files for running autoconf and automake. This way we get a
> stable config system which is not subject to all the friction between
> different macro use.
>
> Regarding M1, if your config.sub has stable support for it, we should
> update these files and then see what other fixes are required. In
> general autoconf generated configure scripts auto-adjust to a wide
> variety of Unix systems and you only need to tweak things for some minor
> cases - well, Apple is probably the worst player here.
>
> Having said this, I just ask for some patience until we support it.
> Quick hacks are of course okay - it is free software. Unfortunately
> they have a tendency to never go away and still show up in web searches
> after years.
>
> However, running autoreconf does make patching the configure script unnecessary.
>
> In other words, the macros used to build the packaged configure script are outdated.

I find fetching the latest config.sub and config.guess, and overwriting the tarball's files, is good maintenance. In fact, if you are building the tarballs, it is a good idea to do, too.

The Gnulib folks even recommend using the latest config.sub and config.guess by fetching them using Wget: https://www.gnu.org/software/gettext/manual/html_node/config_002eguess.html.

Jeff

From wk at gnupg.org Thu Mar 25 07:46:06 2021
From: wk at gnupg.org (Werner Koch)
Date: Thu, 25 Mar 2021 07:46:06 +0100
Subject: Apple M1 and libgcrypt 1.9.2
In-Reply-To: (Jeffrey Walton via Gnupg-devel's message of "Wed, 24 Mar 2021 23:16:18 -0400")
References: <87v99gjyur.fsf@wheatstone.g10code.de> <52DC417D-D3AD-4718-8D56-08271644F9EE@schamschula.com> <87r1k4ju1m.fsf@wheatstone.g10code.de>
Message-ID: <87im5fk9xt.fsf@wheatstone.g10code.de>

On Wed, 24 Mar 2021 23:16, Jeffrey Walton said:

> I find fetching the latest config.sub and config.guess, and overwriting
> the tarball's files, is good maintenance. In fact, if you are building
> the tarballs, it is a good idea to do, too.

The problem with updating these files too often is that

 - We need to do that for all GnuPG related packages so that we get the same behaviour.

 - We had cases in the past where the updated version supported a new platform but broke others.

 - Bugs vanish or hide due to updates.

Thus I consider it better to wait some time for config.{guess,sub} to stabilize before replacing them. Consider that GnuPG supports more Unix versions than just the common Linux distros and FreeBSD.

Salam-Shalom,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.

From fedora.dm0 at gmail.com Thu Mar 25 23:05:05 2021
From: fedora.dm0 at gmail.com (David Michael) Date: Thu, 25 Mar 2021 18:05:05 -0400 Subject: [PATCH libgpg-error] build: Remove literal "\c" strings from lock-obj-pub.native.h Message-ID: <87o8f6hotq.fsf@gmail.com> * src/gen-lock-obj.sh: Capture echo output with quotes. -- Cross-compiling produces a gpg-error.h with instances of "\c" everywhere which breaks compilation due to invalid syntax. It is caused by the "echo -n" test having no output, which was not captured as an empty token due to not being quoted. That meant the "test" command was operating on only the "-n" argument. Signed-off-by: David Michael --- (resending since it doesn't look like this was delivered to the list) Hi, Can something like this be applied to fix cross-compiling 1.42? You can try it with commands like this: /bin/sh -c 'test -n `echo -n` ; echo $?' /bin/sh -c 'test -n "`echo -n`" ; echo $?' Thanks. David src/gen-lock-obj.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/gen-lock-obj.sh b/src/gen-lock-obj.sh index a710f0c..258eec6 100755 --- a/src/gen-lock-obj.sh +++ b/src/gen-lock-obj.sh @@ -38,7 +38,7 @@ # AWK=gawk ./gen-lock-obj.sh # -if test -n `echo -n`; then +if test -n "`echo -n`"; then ECHO_C='\c' ECHO_N='' else -- 2.26.3 From gniibe at fsij.org Fri Mar 26 08:11:46 2021 From: gniibe at fsij.org (NIIBE Yutaka) Date: Fri, 26 Mar 2021 16:11:46 +0900 Subject: [PATCH libgpg-error] build: Remove literal "\c" strings from lock-obj-pub.native.h In-Reply-To: <87o8f6hotq.fsf@gmail.com> References: <87o8f6hotq.fsf@gmail.com> Message-ID: <87blb6bd8t.fsf@iwagami.gniibe.org> David Michael via Gnupg-devel wrote: > Can something like this be applied to fix cross-compiling 1.42? Thank you. Applied and pushed. -- From okigan at gmail.com Sat Mar 27 01:32:23 2021 
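Review bot: On the changed line (if test -n "`echo -n`"; then) nothing in the script records why the quotes are required, so a later cleanup could drop them again. Add a one-line comment above the test saying that when echo -n prints nothing the unquoted substitution disappears and test is left with only the -n argument, which evaluates as true and selects ECHO_C='\c'. Because the failure only showed up as literal "\c" text in the generated header when cross-compiling, a build-time check that the generated lock-obj-pub.native.h contains no \c would catch a regression early.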
From: okigan at gmail.com (Igor Okulist)
Date: Fri, 26 Mar 2021 17:32:23 -0700
Subject: [PATCH 0/4] T1756 gpg-agent doesn't accept ssh certificates
In-Reply-To: <87lfajwthk.fsf@iwagami.gniibe.org>
References: <20210317090405.263229-1-okigan@gmail.com> <87lfajwthk.fsf@iwagami.gniibe.org>
Message-ID:

On Thu, Mar 18, 2021 at 11:25 PM NIIBE Yutaka wrote:
>
> Igor Okulist wrote:
> > This set of patches updates support for certificates and
> > addresses (at least part of) https://dev.gnupg.org/T1756.
> >
> > With these patches user shall be able to add RSA key and
> > certificate to the gpg-agent and get a passwordless sign
> > through signed certificates.
>
> AFAIU, ssh-agent (or gpg-agent's ssh-agent emulation) has no way to
> _use_ certificates, when transferred from ssh-add.
>
> Please use -k option for ssh-add. Then, no changes are required to
> current implementation of gpg-agent.
>
> Please let us know your use case(s), if it's real.
> --

Thanks for review NIIBE,

You are absolutely right, but current functionality of gpg-agent does not allow certificate based login. Here is a workflow (and test script) showing usage of ssh-agent and gpg-agent and unfortunately it would not work with gpg-agent as is.

So looking for a way to use gpg-agent with ssh and actually other tools as well, the attached patch allowed it to work, but I would be curious if there is another way to do that.

Regards,
Igor

From okigan at gmail.com Sat Mar 27 01:35:59 2021
From: okigan at gmail.com (Igor Okulist)
Date: Fri, 26 Mar 2021 17:35:59 -0700
Subject: [PATCH 0/4] T1756 gpg-agent doesn't accept ssh certificates
In-Reply-To:
References: <20210317090405.263229-1-okigan@gmail.com> <87lfajwthk.fsf@iwagami.gniibe.org>
Message-ID:

The link to the workflow (and test script):
https://github.com/okigan/gnupg-workspace/blob/feature/tp-5487-on-2.2.24/issues/tp-5487/repro.sh#L76

On Fri, Mar 26, 2021 at 5:32 PM Igor Okulist wrote:
>
> On Thu, Mar 18, 2021 at 11:25 PM NIIBE Yutaka wrote:
> >
> > Igor Okulist wrote:
> > > This set of patches updates support for certificates and
> > > addresses (at least part of) https://dev.gnupg.org/T1756.
> > >
> > > With these patches user shall be able to add RSA key and
> > > certificate to the gpg-agent and get a passwordless sign
> > > through signed certificates.
> >
> > AFAIU, ssh-agent (or gpg-agent's ssh-agent emulation) has no way to
> > _use_ certificates, when transferred from ssh-add.
> >
> > Please use -k option for ssh-add. Then, no changes are required to
> > current implementation of gpg-agent.
> >
> > Please let us know your use case(s), if it's real.
> > --
>
>
> Thanks for review NIIBE,
>
> You are absolutely right, but current functionality of gpg-agent does not allow
> certificate based login. Here is a workflow (and test script) showing usage of
> ssh-agent and gpg-agent and unfortunately it would not work with
> gpg-agent as is.
>
> So looking for a way to use gpg-agent with ssh and actually other tools as well,
> the attached patch allowed it to work, but I would be curious if there
> is another way to do that.
>
> Regards,
> Igor

From noloader at gmail.com Mon Mar 29 03:41:43 2021
From: noloader at gmail.com (Jeffrey Walton)
Date: Sun, 28 Mar 2021 21:41:43 -0400
Subject: Apple M1 and libgcrypt 1.9.2
In-Reply-To:
References:
Message-ID:

On Tue, Mar 23, 2021 at 11:53 AM Marius Schamschula wrote:
>
> Not too surprising.
>
> To get libgcrypt to build on Big Sur I had to create a pair of patches for MacPorts:
>
> https://github.com/macports/macports-ports/tree/7c793c22a4315ee01ae92ed7104cea4d6def1036/devel/libgcrypt/files

Here's a couple of patches for the latest Apple hardware.

This is M1 specific: https://github.com/noloader/Build-Scripts/blob/master/patch/libgcrypt-darwin.patch. The patch fixes the missing symbols in libgcrypt and gnupg, and the unaligned code warning. All of the self tests run ok after the patch.

This patch is for OS X 10.11 and above with SIP: https://github.com/noloader/Build-Scripts/blob/master/patch/libgcrypt.patch. I've been using it since Intel machines got SIP. It allows the self tests to run without disabling SIP.

Jeff