trussed
Add support for extracting keys
This PR follows what was discussed in https://github.com/trussed-dev/trussed/discussions/36.
There are two issues to solve:
- [ ] Migrations: Already created public keys will have the `EXTRACTABLE` flag off by default, when it should be set, otherwise it will not be possible to serialize them.
- [ ] What mechanism should be used to serialize a symmetric key?

This PR now adds
- a `SERIALIZABLE` key flag
- A Serializable `StorageAttribute` which is only considered in `CryptoClient::agree` to set the `SERIALIZABLE` key flag
- A `SharedSecret` `Mechanism` used to serialize `kind::Shared` with the `SERIALIZABLE` flag set.

The build failure seems to be caused by https://github.com/trussed-dev/interchange/pull/4, and that the solo2 firmware uses undocumented APIs that were modified.
~~Will be~~ Is fixed by https://github.com/solokeys/solo2/pull/122.
@sosthene-nitrokey can you please rebase/force-push on main (fixing fake merge conflicts), then feel free to merge.