Documentation
¶
Index ¶
- func CloseAllPIVHandles()
- func RefreshSmartCards()
- type SmartCard
- func (c *SmartCard) Attest(slot piv.Slot) (cert *x509.Certificate, err error)
- func (c *SmartCard) GenerateKey(slot piv.Slot, key piv.Key) (err error)
- func (c *SmartCard) GetAttestation(toVerify piv.Slot) (attestation *piv.Attestation, err error)
- func (c *SmartCard) GetAttestationCertificate() (cert *x509.Certificate, err error)
- func (c *SmartCard) GetCertificate(slot piv.Slot) (cert *x509.Certificate, err error)
- func (c *SmartCard) GetPublicKey(slot piv.Slot) (publicKey any, err error)
- func (c *SmartCard) GetYKHandle() (*ThreadSafeYubikey, error)
- func (c *SmartCard) ImportCertificate(slot piv.Slot, cert *x509.Certificate) error
- func (c *SmartCard) ResetYubikey() error
- type ThreadSafeYubikey
- func (y *ThreadSafeYubikey) Attest(slot piv.Slot) (*x509.Certificate, error)
- func (y *ThreadSafeYubikey) AttestationCertificate() (*x509.Certificate, error)
- func (y *ThreadSafeYubikey) Certificate(slot piv.Slot) (*x509.Certificate, error)
- func (y *ThreadSafeYubikey) Close() error
- func (y *ThreadSafeYubikey) GenerateKey(key [24]byte, slot piv.Slot, opts piv.Key) (crypto.PublicKey, error)
- func (y *ThreadSafeYubikey) Metadata(pin string) (*piv.Metadata, error)
- func (y *ThreadSafeYubikey) PrivateKey(slot piv.Slot, public crypto.PublicKey, auth piv.KeyAuth) (crypto.PrivateKey, error)
- func (y *ThreadSafeYubikey) Reset() error
- func (y *ThreadSafeYubikey) Retries() (int, error)
- func (y *ThreadSafeYubikey) Serial() (uint32, error)
- func (y *ThreadSafeYubikey) SetCertificate(key [24]byte, slot piv.Slot, cert *x509.Certificate) error
- func (y *ThreadSafeYubikey) SetManagementKey(oldKey, newKey [24]byte) error
- func (y *ThreadSafeYubikey) SetMetadata(key [24]byte, m *piv.Metadata) error
- func (y *ThreadSafeYubikey) SetPIN(oldPIN, newPIN string) error
- func (y *ThreadSafeYubikey) SetPUK(oldPUK, newPUK string) error
- func (y *ThreadSafeYubikey) SetPrivateKeyInsecure(key [24]byte, slot piv.Slot, private crypto.PrivateKey, policy piv.Key) error
- func (y *ThreadSafeYubikey) Unblock(puk, newPIN string) error
- func (y *ThreadSafeYubikey) Version() piv.Version
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CloseAllPIVHandles ¶
func CloseAllPIVHandles()
CloseAllPIVHandles must be called at the end of the program
Types ¶
type SmartCard ¶
// NOTE(review): Pin, Puk and ManagementKey are exported fields held as plain
// values, so any code holding a SmartCard can read them. Avoid printing or
// serializing the struct wholesale (for example with %+v or JSON) where logs
// or other output could capture them.
type SmartCard struct {
	Name          string
	Pin           string // presumably the card PIN; confirm against the source, treat as a secret
	Puk           string // presumably the PIN unblocking key; confirm against the source, treat as a secret
	Version       piv.Version
	Serial        uint32
	ManagementKey [24]byte // presumably the PIV management key; confirm against the source, treat as a secret
	// contains filtered or unexported fields
}
SmartCard contains information to uniquely identify a SmartCard
func GetValidSmartCards ¶
GetValidSmartCards returns a list of valid smart cards, optionally filtered by the given serial number
func (*SmartCard) GenerateKey ¶
GenerateKey generates a new key on the YubiKey
func (*SmartCard) GetAttestation ¶
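GetAttestation returns the attestation certificate of the YubiKey. Note: per its signature, this method takes the slot to verify and returns a *piv.Attestation rather than an *x509.Certificate, so this description appears to be shared with GetAttestationCertificate; check the source for the exact behavior.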
func (*SmartCard) GetAttestationCertificate ¶
func (c *SmartCard) GetAttestationCertificate() (cert *x509.Certificate, err error)
GetAttestationCertificate returns the attestation certificate of the YubiKey
func (*SmartCard) GetCertificate ¶
GetCertificate returns the certificate of a slot on the YubiKey
func (*SmartCard) GetPublicKey ¶
GetPublicKey returns the public key of a slot on the YubiKey
func (*SmartCard) GetYKHandle ¶
func (c *SmartCard) GetYKHandle() (*ThreadSafeYubikey, error)
func (*SmartCard) ImportCertificate ¶
ImportCertificate imports a certificate on the YubiKey
func (*SmartCard) ResetYubikey ¶
ResetYubikey resets the YubiKey
type ThreadSafeYubikey ¶
// ThreadSafeYubikey exposes no exported fields; code outside the package
// reaches the card only through the methods of this type.
type ThreadSafeYubikey struct {
	// contains filtered or unexported fields
}
ThreadSafeYubikey is a thread-safe wrapper for the YubiKey. It contains information about the YubiKey and a lock to prevent concurrent access. It also contains a boolean to check whether the YubiKey is open.
func (*ThreadSafeYubikey) Attest ¶
func (y *ThreadSafeYubikey) Attest(slot piv.Slot) (*x509.Certificate, error)
Attest generates an attestation of the yubikey, once all other locks are released
func (*ThreadSafeYubikey) AttestationCertificate ¶
func (y *ThreadSafeYubikey) AttestationCertificate() (*x509.Certificate, error)
AttestationCertificate returns the attestation certificate of the yubikey, once all other locks are released
func (*ThreadSafeYubikey) Certificate ¶
func (y *ThreadSafeYubikey) Certificate(slot piv.Slot) (*x509.Certificate, error)
Certificate returns the certificate of a slot in the yubikey, once all other locks are released
func (*ThreadSafeYubikey) Close ¶
func (y *ThreadSafeYubikey) Close() error
Close closes the yubikey, once all other locks are released
func (*ThreadSafeYubikey) GenerateKey ¶
func (y *ThreadSafeYubikey) GenerateKey(key [24]byte, slot piv.Slot, opts piv.Key) (crypto.PublicKey, error)
GenerateKey generates a key in the yubikey, once all other locks are released
func (*ThreadSafeYubikey) Metadata ¶
func (y *ThreadSafeYubikey) Metadata(pin string) (*piv.Metadata, error)
Metadata returns the metadata of the yubikey, once all other locks are released
func (*ThreadSafeYubikey) PrivateKey ¶
func (y *ThreadSafeYubikey) PrivateKey(slot piv.Slot, public crypto.PublicKey, auth piv.KeyAuth) ( crypto.PrivateKey, error)
PrivateKey returns the private key of a slot in the yubikey, once all other locks are released. Note: the private key never actually leaves the yubikey; this returns only an interface to the key, so operations that use it are carried out by the card.
func (*ThreadSafeYubikey) Reset ¶
func (y *ThreadSafeYubikey) Reset() error
Reset resets the yubikey, once all other locks are released
func (*ThreadSafeYubikey) Retries ¶
func (y *ThreadSafeYubikey) Retries() (int, error)
Retries returns the number of retries left to unlock the yubikey, once all other locks are released
func (*ThreadSafeYubikey) Serial ¶
func (y *ThreadSafeYubikey) Serial() (uint32, error)
Serial returns the serial number of the yubikey, once all other locks are released
func (*ThreadSafeYubikey) SetCertificate ¶
func (y *ThreadSafeYubikey) SetCertificate(key [24]byte, slot piv.Slot, cert *x509.Certificate) error
SetCertificate sets the certificate of a slot in the yubikey, once all other locks are released
func (*ThreadSafeYubikey) SetManagementKey ¶
func (y *ThreadSafeYubikey) SetManagementKey(oldKey, newKey [24]byte) error
SetManagementKey sets the management key of the yubikey, once all other locks are released
func (*ThreadSafeYubikey) SetMetadata ¶
func (y *ThreadSafeYubikey) SetMetadata(key [24]byte, m *piv.Metadata) error
SetMetadata sets the metadata of the yubikey, once all other locks are released
func (*ThreadSafeYubikey) SetPIN ¶
func (y *ThreadSafeYubikey) SetPIN(oldPIN, newPIN string) error
SetPIN sets the PIN of the yubikey, once all other locks are released
func (*ThreadSafeYubikey) SetPUK ¶
func (y *ThreadSafeYubikey) SetPUK(oldPUK, newPUK string) error
SetPUK sets the PUK of the yubikey, once all other locks are released
func (*ThreadSafeYubikey) SetPrivateKeyInsecure ¶
func (y *ThreadSafeYubikey) SetPrivateKeyInsecure( key [24]byte, slot piv.Slot, private crypto.PrivateKey, policy piv.Key) error
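SetPrivateKeyInsecure sets the private key of a slot in the yubikey, once all other locks are released. Unlike GenerateKey, the key material is supplied by the caller and therefore exists outside the card; as the "Insecure" suffix signals, prefer GenerateKey unless importing an existing key is required.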
func (*ThreadSafeYubikey) Unblock ¶
func (y *ThreadSafeYubikey) Unblock(puk, newPIN string) error
Unblock sets a new PIN using the PUK, once all other locks are released
func (*ThreadSafeYubikey) Version ¶
func (y *ThreadSafeYubikey) Version() piv.Version
Version returns the version of the yubikey, once all other locks are released