plugin: support p256tag #34

Merged
Foxboron merged 14 commits into master from morten/p256tag
Dec 25, 2025

Conversation

@Foxboron (Owner) commented Dec 10, 2025

This contains a couple of changes.

  • Support the new p256tag
  • Removal of the --swtpm feature
  • A bit of modernizing of ecdh keys

All older keys age!tpm and old stanzas, tpm-ecc, are still supported. But warnings will be printed when people try to use the old style stuff.

See C2SP/C2SP#156

@Foxboron (Owner, Author)

The plain build is going to continue to fail until stuff is properly upstream. But most of the work is completed in the branch.

@FiloSottile (Contributor)

C2SP/C2SP#156 and FiloSottile/age#651 are merged!

@Foxboron (Owner, Author)

Christmas came early :) Thanks!

@FiloSottile Do you have any plans on a release soon-ish or is that for next year?

@FiloSottile (Contributor)

You can depend on the current main branch, I might try to merge a couple unrelated backwards-compatible things before cutting a release, but I want to do release and announcement before Christmas (and it would be awesome to have an age-plugin-tpm release to point to!).

@Foxboron (Owner, Author)

I'll work towards the main branch. I just wanted to figure out the time-scale for the release so I can have a v1.0.0 release or something similar ready for the age release :)

@Foxboron (Owner, Author)

@FiloSottile One question around nistec and ECC key manipulation. The TPM interactions require me to create keys from the raw X and Y points, as well as access these from public keys.

Since the Go crypto library is deprecating all of this, I can't seem to find equivalent code in x/crypto, crypto, or nistec.

What's the new strategy for this?

@FiloSottile (Contributor)

The nistec Bytes/SetBytes format is just 0x04 || X || Y, where X and Y are fixed-length big endian.

@Foxboron (Owner, Author)

Aha, is there a reason why we can't have easily accessible APIs to retrieve these values?

@FiloSottile (Contributor)

I'm not sure how much easier we can make it. We definitely don't want to import math/big after so much effort pushing it out of the boundary, and big-endian byte slices are the next easiest thing.

I guess we can strip the 0x04 in front and split it in two, but we'd be saving one or two lines of code.

@Foxboron (Owner, Author)

> I'm not sure how much easier we can make it. We definitely don't want to import math/big after so much effort pushing it out of the boundary, and big-endian byte slices are the next easiest thing.

Completely understandable.

> I guess we can strip the 0x04 in front and split it in two, but we'd be saving one or two lines of code.

As a non-crypto person it just feels very fragile dealing with this myself :)

Thanks!

@FiloSottile (Contributor)

> As a non-crypto person it just feels very fragile dealing with this myself :)

Fair, but if you are moving around raw coordinates I do want you to feel a little uncomfortable, because you'd be doing low-level things even if we did have an API making it easier :)

(To be clear, in this case it makes perfect sense you'd need to. You are effectively in charge of doing a format conversion.)
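The format conversion the thread settles on (take the nistec/ecdh `0x04 || X || Y` encoding apart into fixed-length big-endian X and Y for the TPM, and put it back together by feeding the same encoding to crypto/ecdh, which does the on-curve check), written out as an added example. This is not code from age-plugin-tpm or from either participant; it relies only on the Go standard library's crypto/ecdh, and the function names are my own.

```go
package main

import (
	"crypto/ecdh"
	"crypto/rand"
	"errors"
)

// One P-256 coordinate is 32 bytes, so the uncompressed point 0x04 || X || Y is 65.
const p256CoordLen = 32

var errP256Encoding = errors.New("p256: not a 65-byte uncompressed point (0x04 || X || Y)")

// splitUncompressedP256 takes the nistec/ecdh Bytes() encoding and returns X and Y
// as fixed-length big-endian slices, the form a TPM expects the coordinates in.
func splitUncompressedP256(enc []byte) (x, y []byte, err error) {
	if len(enc) != 1+2*p256CoordLen || enc[0] != 0x04 {
		return nil, nil, errP256Encoding
	}
	x = append([]byte(nil), enc[1:1+p256CoordLen]...)
	y = append([]byte(nil), enc[1+p256CoordLen:]...)
	return x, y, nil
}

// joinP256 reassembles 0x04 || X || Y and hands it to crypto/ecdh, which rejects
// points that are not on the curve, so no curve arithmetic is needed here.
func joinP256(x, y []byte) (*ecdh.PublicKey, error) {
	if len(x) != p256CoordLen || len(y) != p256CoordLen {
		return nil, errors.New("p256: coordinates must be exactly 32 bytes each")
	}
	return ecdh.P256().NewPublicKey(append(append([]byte{0x04}, x...), y...))
}

// roundTrip generates a key, splits its public point into raw coordinates,
// rebuilds it, and reports whether the rebuilt key equals the original.
func roundTrip() (bool, error) {
	priv, err := ecdh.P256().GenerateKey(rand.Reader)
	if err != nil {
		return false, err
	}
	x, y, err := splitUncompressedP256(priv.PublicKey().Bytes())
	if err != nil {
		return false, err
	}
	pub, err := joinP256(x, y)
	if err != nil {
		return false, err
	}
	return pub.Equal(priv.PublicKey()), nil
}
```

The length and prefix checks run before any slicing, and an off-curve pair such as (0, 0) is refused by NewPublicKey rather than silently accepted.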

Fixes: #28

Signed-off-by: Morten Linderud <morten@linderud.pw>
Signed-off-by: Morten Linderud <morten@linderud.pw>
Signed-off-by: Morten Linderud <morten@linderud.pw>
Signed-off-by: Morten Linderud <morten@linderud.pw>
Signed-off-by: Morten Linderud <morten@linderud.pw>
…a message

Signed-off-by: Morten Linderud <morten@linderud.pw>
Signed-off-by: Morten Linderud <morten@linderud.pw>
Signed-off-by: Morten Linderud <morten@linderud.pw>
We should gracefully only output the new p256tag.
Warn users when we encounter tpm-ecc stanzas or old-style recipient
files.

Added tests

Signed-off-by: Morten Linderud <morten@linderud.pw>
Signed-off-by: Morten Linderud <morten@linderud.pw>
Remove before age release

Signed-off-by: Morten Linderud <morten@linderud.pw>
Fixes: #26

Signed-off-by: Morten Linderud <morten@linderud.pw>
We do not need to support this anymore

Signed-off-by: Morten Linderud <morten@linderud.pw>
Signed-off-by: Morten Linderud <morten@linderud.pw>
@Foxboron Foxboron merged commit aadb842 into master Dec 25, 2025
8 checks passed