Package: wnpp
Severity: wishlist
* Package name : canokey-qemu
Upstream Author : ZenithalHourlyRate Hongren Zheng
* URL : https://github.com/canokeys/canokey-qemu
* License : Apache-2.0 license
Programming Lang: C
Description : virtual canokey to the guest OS
CanoKey [1] is an open-source secure key with supports of:
- U2F / FIDO2 with Ed25519 and HMAC-secret
- OpenPGP Card V3.4 with RSA4096, Ed25519 and more 2
- PIV (NIST SP 800-73-4)
- HOTP / TOTP
- NDEF
There is an emulated QEMU device in the form of libcanokey-qemu which is
the focus of this wishlist request. This feature will allow safe usage
of ones keys in a virtual environment with the trust issues that
accompany physical smartcard device implementations. Canokey also
provides a more straightforward and generic approach to interacting with
secure key material compared to swtpm-tools which support a subset of
these ciphers and algos in a TPM only context.
Once packaged, this feature will bring what was exclusively a feature
(Split GPG [3]) limited to users of security hypervisor distros like
QubesOS to the masses.
[1] https://canokeys.org/
[2] https://www.qemu.org/docs/master/system/devices/canokey.html#id9
[3] https://www.qubes-os.org/doc/split-gpg/