GnuPG et SmartCards

Pour que GnuPG (Manpage) ou PKCS#11 Les clés ne puissent plus être volées par un virus ou similaire, elles peuvent être déplacées vers un module de sécurité matériel (HSM) ou une SmartCard. Cet article de blog montre comment créer une clé GnuPG selon les “meilleures pratiques actuelles” et comment la stocker sur une carte à puce (par exemple Yubikey ou Nitrokey). La même chose serait possible avec une clé PKCS#11, mais cela n’est pas discuté ici, mais la procédure devrait être similaire.
Dans cet exemple, une clé GnuPG est créée avec trois sous-clés (Cryptage, Signature et Authentification). Ensuite, seules les sous-clés sont chargées dans la SmartCard. La clé passe-partout réelle est stockée dans un fichier, qui doit finalement être stocké hors ligne dans un endroit sûr. L’avantage de cette configuration est que les clés ne peuvent pas être modifiées sans la clé maître (date d’expiration, UIDs, sous-clés, ….).

Engendrer GnuPG Key

$ gpg2 --expert --full-gen-key

Please select what kind of key you want:

(1) RSA and RSA (default)

(2) DSA and Elgamal

(3) DSA (sign only)

(4) RSA (sign only)

(7) DSA (set your own capabilities)

(8) RSA (set your own capabilities)

(9) ECC and ECC

(10) ECC (sign only)

(11) ECC (set your own capabilities)

Your selection? 8

Possible actions for a RSA key: Sign Certify Encrypt Authenticate Current allowed actions: Sign Certify Encrypt

(S) Toggle the sign capability (E) Toggle the encrypt capability (A) Toggle the authenticate capability (Q) Finished

Your selection? s

Possible actions for a RSA key: Sign Certify Encrypt Authenticate Current allowed actions: Certify Encrypt

(S) Toggle the sign capability (E) Toggle the encrypt capability (A) Toggle the authenticate capability (Q) Finished

Your selection? e

Possible actions for a RSA key: Sign Certify Encrypt Authenticate Current allowed actions: Certify

(S) Toggle the sign capability (E) Toggle the encrypt capability (A) Toggle the authenticate capability (Q) Finished

Your selection? q RSA keys may be between 1024 and 4096 bits long. What keysize do you want? (2048) 4096 Requested keysize is 4096 bits Please specify how long the key should be valid. 0 = key does not expire = key expires in n days w = key expires in n weeks m = key expires in n months y = key expires in n years Key is valid for? (0) 3y Key expires at Sam 15 Feb 2020 09:27:17 CET Is this correct? (y/N) y

GnuPG needs to construct a user ID to identify your key.

Real name: Pallando Email address: pallando@example.org Comment: You selected this USER-ID: “Pallando <pallando@example.org>”

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o

pub rsa4096/0x0DA3852689C0BC38 2017-02-15 [C] [expires: 2020-02-15] 01691D7408369C26A5B7D9390DA3852689C0BC38 Key fingerprint = 0169 1D74 0836 9C26 A5B7 D939 0DA3 8526 89C0 BC38 uid Pallando <pallando@example.org>

Extension de la clé GnuPG avec les sous-clés

Dans la clé ci-dessus, il y a maintenant un UID et une sous-clé. Ceci est maintenant étendu avec les autres sous-clés.

$ gpg2 --expert --edit-key 0x0DA3852689C0BC38

sec rsa4096/0x0DA3852689C0BC38 created: 2017-02-15 expires: 2020-02-15 usage: C trust: ultimate validity: ultimate [ultimate] (1). Pallando <pallando@example.org>

gpg> addkey Please select what kind of key you want: (3) DSA (sign only) (4) RSA (sign only) (5) Elgamal (encrypt only) (6) RSA (encrypt only) (7) DSA (set your own capabilities) (8) RSA (set your own capabilities) (10) ECC (sign only) (11) ECC (set your own capabilities) (12) ECC (encrypt only) (13) Existing key Your selection? 8

Possible actions for a RSA key: Sign Encrypt Authenticate Current allowed actions: Sign Encrypt

(S) Toggle the sign capability (E) Toggle the encrypt capability (A) Toggle the authenticate capability (Q) Finished

Your selection? e

Possible actions for a RSA key: Sign Encrypt Authenticate Current allowed actions: Sign

(S) Toggle the sign capability (E) Toggle the encrypt capability (A) Toggle the authenticate capability (Q) Finished

Your selection? q RSA keys may be between 1024 and 4096 bits long. What keysize do you want? (2048) 4096 Requested keysize is 4096 bits Please specify how long the key should be valid. 0 = key does not expire = key expires in n days w = key expires in n weeks m = key expires in n months y = key expires in n years Key is valid for? (0) 3y Key expires at Son 24 Mär 2019 09:49:46 CET Is this correct? (y/N) y Really create? (y/N) y

Possible actions for a RSA key: Sign Encrypt Authenticate Current allowed actions: Sign Encrypt

(S) Toggle the sign capability (E) Toggle the encrypt capability (A) Toggle the authenticate capability (Q) Finished

Your selection? s

Possible actions for a RSA key: Sign Encrypt Authenticate Current allowed actions: Encrypt

(S) Toggle the sign capability (E) Toggle the encrypt capability (A) Toggle the authenticate capability (Q) Finished

Your selection? q RSA keys may be between 1024 and 4096 bits long. What keysize do you want? (2048) 4096 Requested keysize is 4096 bits Please specify how long the key should be valid. 0 = key does not expire = key expires in n days w = key expires in n weeks m = key expires in n months y = key expires in n years Key is valid for? (0) 3y Key expires at Son 24 Mär 2019 09:49:46 CET Is this correct? (y/N) y Really create? (y/N) y

Possible actions for a RSA key: Sign Encrypt Authenticate Current allowed actions: Sign Encrypt

(S) Toggle the sign capability (E) Toggle the encrypt capability (A) Toggle the authenticate capability (Q) Finished

Your selection? s

Possible actions for a RSA key: Sign Encrypt Authenticate Current allowed actions: Encrypt

(S) Toggle the sign capability (E) Toggle the encrypt capability (A) Toggle the authenticate capability (Q) Finished

Your selection? e

Possible actions for a RSA key: Sign Encrypt Authenticate Current allowed actions:

(S) Toggle the sign capability (E) Toggle the encrypt capability (A) Toggle the authenticate capability (Q) Finished

Your selection? a

Possible actions for a RSA key: Sign Encrypt Authenticate Current allowed actions: Authenticate

(S) Toggle the sign capability (E) Toggle the encrypt capability (A) Toggle the authenticate capability (Q) Finished

Your selection? q RSA keys may be between 1024 and 4096 bits long. What keysize do you want? (2048) 4096 Requested keysize is 4096 bits Please specify how long the key should be valid. 0 = key does not expire = key expires in n days w = key expires in n weeks m = key expires in n months y = key expires in n years Key is valid for? (0) 3y Key expires at Son 24 Mär 2019 09:49:46 CET Is this correct? (y/N) y Really create? (y/N) y

sec rsa4096/0x0DA3852689C0BC38 created: 2017-02-15 expires: 2020-02-15 usage: C trust: ultimate validity: ultimate ssb rsa4096/0x0B8635FD20045068 created: 2017-02-15 expires: 2020-02-15 usage: S ssb rsa4096/0x8BF4DDB73F29DDAA created: 2017-02-15 expires: 2020-02-15 usage: E ssb rsa4096/0xC163F1DC0667E483 created: 2017-02-15 expires: 2020-02-15 usage: A [ultimate] (1). Pallando <pallando@example.org>

gpg> quit Save changes? (y/N) y

Maintenant, la clé a trois sous-clés, une pour la signature, une pour le cryptage et une pour l’authentification. Les capacités ont la signification suivante :

•S: Good for signatures
•E: Good for encryption
•C: Also good to certify keys
•A: Good for authentication

Maintenant, la clé entière doit être exportée avec la commande gpg2 --armor --export-secret-keys 0x0DA3852689C0BC38 > 0x0DA3852689C0BC38 > 0x0DA3852689C0BC38.asc dans un fichier, qui est ensuite stocké dans un endroit sûr.

Avec la commande gpg2 --armor --export-secret-subkeys 0x0DA3852689C0BC38 > 0x0DA3852689C0BC38 > 0x0DA3852689C0BC38_subs.asc nous exportons les sous-keys et ensuite la clé entière est supprimée du porte-clés gpg2 --lete-secret-key 0x0DA3852689C0BC38 (cela doit être confirmé avec deux “y”).
Maintenant les sous-clés (SEULEMENT les sous-clés) peuvent être importées à nouveau gpg2 --import 0x0DA3852689C0BC38_subs.asc. Le porte-clés devrait ressembler à ceci :

$ gpg2 --list-secret-keys

sec# rsa4096/0x0DA3852689C0BC38 2017-02-15 [C] [expires: 2020-02-15]

01691D7408369C26A5B7D9390DA3852689C0BC38

uid [ultimate] Pallando <pallando@example.org>

ssb rsa4096/0x0B8635FD20045068 2017-02-15 [S] [expires: 2020-02-15]

ssb rsa4096/0x8BF4DDB73F29DDAA 2017-02-15 [E] [expires: 2020-02-15]

ssb rsa4096/0xC163F1DC0667E483 2017-02-15 [A] [expires: 2020-02-15]

Le “#” après le “sec” sur la première ligne de la sortie indique que la clé maîtresse n’est pas présente, seulement les sous-clés.

Configurer la SmartCard

Cet exemple est réalisé à l’aide d’une Yubikeys, mais est tout aussi valable pour d’autres cartes à puce telles que Nitrokeys.
Si la SmartCard doit être réinitialisée à l’avance, cela peut se faire de la manière suivante (uniquement pour les SmartCards version >2 !):

$ gpg-connect-agent --hex

# reset your PIN

> scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40

D[0000] 69 82 i.

> scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40

D[0000] 69 82 i.

> scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40

D[0000] 69 82 i.

> scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40

D[0000] 69 83 i.

# reset your Admin PIN

> scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40

D[0000] 69 82 i.

> scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40

D[0000] 69 82 i.

> scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40

D[0000] 69 82 i.

> scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40

D[0000] 69 83 i.

La SmartCard est alors configurée :

$ gpg2 --card-edit

Reader ………..: 1050:0407:X:0 Application ID …: D2760001240102010006042451460000 Version ……….: 2.1 Manufacturer …..: Yubico Serial number ….: 04245146 Name of cardholder: [not set] Language prefs …: [not set] Sex …………..: unspecified URL of public key : [not set] Login data …….: [not set] Signature PIN ….: not forced Key attributes …: rsa2048 rsa2048 rsa2048 Max. PIN lengths .: 127 127 127 PIN retry counter : 3 0 3 Signature counter : 0 Signature key ….: [none] Encryption key….: [none] Authentication key: [none] General key info..: [none]

gpg/card> admin Admin commands are allowed

gpg/card> passwd 1 – change PIN 2 – unblock PIN 3 – change Admin PIN 4 – set the Reset Code Q – quit

Your selection? 3 Admin PIN prompt (default admin PIN is 12345678) PIN changed.

1 – change PIN 2 – unblock PIN 3 – change Admin PIN 4 – set the Reset Code Q – quit

Your selection? 1 PIN prompt (default PIN is 123456) PIN changed.

1 – change PIN 2 – unblock PIN 3 – change Admin PIN 4 – set the Reset Code Q – quit

Your selection? q

gpg/card> name Cardholder’s surname: Cardholder’s given name: Pallando

gpg/card> lang Language preferences: de

gpg/card> sex Sex ((M)ale, (F)emale or space): m

gpg/card> q

Après cela, la sortie de gpg2 -card-status devrait ressembler à ceci :

Reader ...........: 1050:0407:X:0

Application ID ...: D2760001240102010006042451460000

Version ..........: 2.1

Manufacturer .....: Yubico

Serial number ....: 04245146

Name of cardholder: Pallando

Language prefs ...: de

Sex ..............: male

URL of public key : [not set]

Signature PIN ....: not forced

Key attributes ...: rsa4096 rsa4096 rsa4096

Max. PIN lengths .: 127 127 127

PIN retry counter : 3 0 3

Signature counter : 0

Signature key ....: [none]

Encryption key....: [none]

Authentication key: [none]

General key info..: [none]

Conserver les clés GnuPG dans la SmartCard

$ gpg2 --edit-key 0x0DA3852689C0BC38

Secret key is available.

sec# rsa4096/0x0DA3852689C0BC38 created: 2017-02-15 expires: 2020-02-15 usage: C trust: ultimate validity: ultimate ssb rsa4096/0x0B8635FD20045068 created: 2017-02-15 expires: 2020-02-15 usage: S ssb rsa4096/0x8BF4DDB73F29DDAA created: 2017-02-15 expires: 2020-02-15 usage: E ssb rsa4096/0xC163F1DC0667E483 created: 2017-02-15 expires: 2020-02-15 usage: A [ultimate] (1). Pallando <pallando@example.org>

gpg> key 1

sec# rsa4096/0x0DA3852689C0BC38 created: 2017-02-15 expires: 2020-02-15 usage: C trust: ultimate validity: ultimate ssb* rsa4096/0x0B8635FD20045068 created: 2017-02-15 expires: 2020-02-15 usage: S ssb rsa4096/0x8BF4DDB73F29DDAA created: 2017-02-15 expires: 2020-02-15 usage: E ssb rsa4096/0xC163F1DC0667E483 created: 2017-02-15 expires: 2020-02-15 usage: A [ultimate] (1). Pallando <pallando@example.org>

gpg> keytocard Please select where to store the key: (1) Signature key (3) Authentication key Your selection? 1

gpg> key 1

gpg> key 2

sec# rsa4096/0x0DA3852689C0BC38 created: 2017-02-15 expires: 2020-02-15 usage: C trust: ultimate validity: ultimate ssb rsa4096/0x0B8635FD20045068 created: 2017-02-15 expires: 2020-02-15 usage: S ssb* rsa4096/0x8BF4DDB73F29DDAA created: 2017-02-15 expires: 2020-02-15 usage: E ssb rsa4096/0xC163F1DC0667E483 created: 2017-02-15 expires: 2020-02-15 usage: A [ultimate] (1). Pallando <pallando@example.org>

gpg> keytocard Please select where to store the key: (2) Encryption key Your selection? 2

sec# rsa4096/0x0DA3852689C0BC38 created: 2017-02-15 expires: 2020-02-15 usage: C trust: ultimate validity: ultimate ssb rsa4096/0x0B8635FD20045068 created: 2017-02-15 expires: 2020-02-15 usage: S ssb* rsa4096/0x8BF4DDB73F29DDAA created: 2017-02-15 expires: 2020-02-15 usage: E ssb rsa4096/0xC163F1DC0667E483 created: 2017-02-15 expires: 2020-02-15 usage: A [ultimate] (1). Pallando <pallando@example.org>

gpg> key 2

gpg> key 3

sec# rsa4096/0x0DA3852689C0BC38 created: 2017-02-15 expires: 2020-02-15 usage: C trust: ultimate validity: ultimate ssb rsa4096/0x0B8635FD20045068 created: 2017-02-15 expires: 2020-02-15 usage: S ssb rsa4096/0x8BF4DDB73F29DDAA created: 2017-02-15 expires: 2020-02-15 usage: E ssb* rsa4096/0xC163F1DC0667E483 created: 2017-02-15 expires: 2020-02-15 usage: A [ultimate] (1). Pallando <pallando@example.org>

gpg> keytocard Please select where to store the key: (3) Authentication key Your selection? 3

sec# rsa4096/0x0DA3852689C0BC38 created: 2017-02-15 expires: 2020-02-15 usage: C trust: ultimate validity: ultimate ssb rsa4096/0x0B8635FD20045068 created: 2017-02-15 expires: 2020-02-15 usage: S ssb rsa4096/0x8BF4DDB73F29DDAA created: 2017-02-15 expires: 2020-02-15 usage: E ssb* rsa4096/0xC163F1DC0667E483 created: 2017-02-15 expires: 2020-02-15 usage: A [ultimate] (1). Pallando <pallando@example.org>

gpg> save

Après cela, gpg2 -card-status devrait ressembler à ceci :

Reader ...........: 1050:0407:X:0

Application ID ...: D2760001240102010006042451460000

Version ..........: 2.1

Manufacturer .....: Yubico

Serial number ....: 04245146

Name of cardholder: Pallando

Language prefs ...: de

Sex ..............: male

URL of public key : [not set]

Signature PIN ....: not forced

Key attributes ...: rsa4096 rsa4096 rsa4096

Max. PIN lengths .: 127 127 127

PIN retry counter : 3 0 3

Signature counter : 0

Signature key ....: DF3B 91AD 59A5 BF46 916D 9A32 0B86 35FD 2004 5068

created ....: 2017-02-15 08:52:56

Encryption key....: 5777 58DA AE13 D7AC 9528 287C 8BF4 DDB7 3F29 DDAA

created ....: 2017-02-15 08:34:39

Authentication key: EAEF A30B E182 129A CB7A 5D9F C163 F1DC 0667 E483

created ....: 2017-02-15 08:58:07

General key info..: sub rsa4096/0x8BF4DDB73F29DDAA 2017-02-15 Pallando <pallando@example.org>

sec# rsa4096/0x0DA3852689C0BC38 created: 2017-02-15 expires: 2020-02-15

ssb> rsa4096/0x0B8635FD20045068 created: 2017-02-15 expires: 2020-02-15

card-no: 0006 04245146

ssb> rsa4096/0x8BF4DDB73F29DDAA created: 2017-02-15 expires: 2020-02-15

card-no: 0006 04245146

ssb> rsa4096/0xC163F1DC0667E483 created: 2017-02-15 expires: 2020-02-15

card-no: 0006 04245146

und die Ausgabe von $ gpg2 --list-secret-keys sollte in etwa so aussehen:

sec# rsa4096/0x0DA3852689C0BC38 2017-02-15 [C] [expires: 2020-02-15]

01691D7408369C26A5B7D9390DA3852689C0BC38

uid [ultimate] Pallando <pallando@example.org>

ssb> rsa4096/0x0B8635FD20045068 2017-02-15 [S] [expires: 2020-02-15]

ssb> rsa4096/0x8BF4DDB73F29DDAA 2017-02-15 [E] [expires: 2020-02-15]

ssb> rsa4096/0xC163F1DC0667E483 2017-02-15 [A] [expires: 2020-02-15]

Le > après ssb signifie que la clé est une clé stubkey (c’est-à-dire qu’elle n’est pas connue en soi, mais sur la carte à puce).

Désormais, la clé GnuPG n’est disponible que via la SmartCard. Les données sont envoyées à la SmartCard, qui les déchiffre ou les signe, puis les renvoie.