Add support for extracting keys

Open sosthene-nitrokey opened this issue 1 year ago • 4 comments

This PR follows what was discussed in https://github.com/trussed-dev/trussed/discussions/36.

There are two issues to solve:

  • [ ] Migrations: Already created public keys will have the EXTRACTABLE flag off by default, when it should be set, otherwise it will not be possible to serialize them.
  • [ ] What mechanism should be used to serialize a symmetric key?

sosthene-nitrokey avatar Aug 19 '22 09:08 sosthene-nitrokey

This PR now adds

  • a SERIALIZABLE key flag
  • A Serializable StorageAttribute which is only considered in CryptoClient::agree to set the SERIALIZABLE key flag
  • A SharedSecret Mechanism used to serialize kind::Shared with the SERIALIZABLE flag set.

sosthene-nitrokey avatar Aug 25 '22 14:08 sosthene-nitrokey

The build failure seems to be caused by https://github.com/trussed-dev/interchange/pull/4, and by the solo2 firmware using undocumented APIs that were modified.

sosthene-nitrokey avatar Aug 25 '22 15:08 sosthene-nitrokey

Is fixed by https://github.com/solokeys/solo2/pull/122.

robin-nitrokey avatar Aug 25 '22 15:08 robin-nitrokey

@sosthene-nitrokey can you please rebase/force-push on main (fixing fake merge conflicts), then feel free to merge.

nickray avatar Sep 11 '22 21:09 nickray