Am working on GPG mechanism to code sign my debian packages. I have generated both Master Key pair and Subordinate Key pairs to sign my packages. Now i want to store my key-pair in TPM hardware instead of Key ring. Later i want to delete my key ring and i want to retrieve keys from TPM.
Can anybody explain what is the mechanism to store and retrieve the code signing key securely in TPM, for secure code signing.