Niels Möller via Sigsum-general sigsum-general@lists.sigsum.org wrote Tue, 04 Apr 2023 11:07:30 +0200:
Hi, I wrote up some notes and ideas on how to do backups of private keys, which is needed for sigsum primary-secondary failover.
I would hope the way I propose (if it actually works) could be implemented on a Tillitis key. I have no idea if something like that is supported by yubico hsm, but I think Linus is investigating.
See https://git.glasklar.is/sigsum/project/documentation/-/blob/main/archive/202... comments and feedback appreciated.
Nice write-up.
The YubiHSM does have key wrapping, but only using symmetric keys for wrap keys. I've heard that this might change but nothing confirmed.
What we will probably do in System Transparency, for signing an UEFI shim using a key on a YubiHSM, is to expose the (secret behind) the symmetric wrap key briefly to the computer used for provisioning the YubiHSM devices in order to generate the same wrap key on a second YubiHSM device and cross our fingers that the computer in question is not too severely compromised. Whether to expose the secret to /dev/shm and a shell, or to wayland/x11 and its clipboard buffer is something to ponder. Probably doesn't matter at all.