Documentation ¶
Overview ¶
Package yubikey provides a PIV smart card interface for YubiKey security keys.
Index ¶
- Variables
- func CardSlots(serials, slots, pins []string) (map[string]map[string]*Slot, error)
- type Algorithm
- type Card
- func (card *Card) Name() string
- func (card *Card) Serial() string
- func (card *Card) SetManKey(manKey []byte)
- func (card *Card) SetPIN(pin string)
- func (card *Card) SetPUK(puk string)
- func (card *Card) SlotKeys() []string
- func (card *Card) Slots() ([]*Slot, error)
- func (card *Card) SlotsByKey(slotKeys []string) ([]*Slot, error)
- func (card *Card) Unblock(puk, newPIN string) error
- func (card *Card) VerifyPIN(pin string) error
- func (card *Card) Version() string
- type GenerateKeyOpts
- type PINPolicy
- type Slot
- func (slot *Slot) GenerateKey(opts GenerateKeyOpts) error
- func (slot *Slot) HasKey() bool
- func (slot *Slot) IsGenerated() bool
- func (slot *Slot) IsImported() bool
- func (slot *Slot) Key() string
- func (slot *Slot) PINPolicy() PINPolicy
- func (slot *Slot) PublicKey() []byte
- func (slot *Slot) PublicKeyAlgorithm() Algorithm
- func (slot *Slot) SharedKey(peerPublicKey []byte) ([]byte, error)
- func (slot *Slot) TouchPolicy() TouchPolicy
- type TouchPolicy
Constants ¶
This section is empty.
Variables ¶
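// Authentication errors returned by the package. They are sentinel values, so
// callers can match them with errors.Is.
var (
	// ErrInvalidPIN represents an invalid PIN error.
	// NOTE(review): on PIV cards a rejected PIN normally consumes one attempt
	// from the retry counter, so callers should not retry automatically with
	// the same value - confirm against VerifyPIN.
	ErrInvalidPIN = errors.New("invalid PIN")

	// ErrMissingPIN represents a missing PIN error.
	ErrMissingPIN = errors.New("missing PIN")

	// ErrAuthError represents an authentication error.
	ErrAuthError = errors.New("authentication error")

	// ErrAuthBlocked represents an authentication block error.
	// NOTE(review): presumably returned once the retry counter is exhausted;
	// Card.Unblock(puk, newPIN) looks like the recovery path - confirm.
	ErrAuthBlocked = errors.New("authentication method blocked")
)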
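// Factory-default credentials re-exported from the piv package, plus the
// outstanding-connections error.
//
// The default PIN, PUK and management key are publicly documented values. A
// card that still accepts any of them is effectively unprotected for the
// operations that credential guards, so provisioning should replace all three
// and audits should treat a successful authentication with a default as a
// finding.
var (
	// DefaultPIN holds the default card PIN.
	DefaultPIN = piv.DefaultPIN

	// DefaultPUK holds the default card PUK.
	// NOTE(review): Card.Unblock takes a PUK to set a new PIN, so a default
	// PUK presumably lets anyone holding the card reset the PIN - confirm.
	DefaultPUK = piv.DefaultPUK

	// DefaultManagementKey holds the default card management key.
	// NOTE(review): GenerateKeyOpts carries a ManKey field, so this key
	// presumably authorizes key generation in a slot - confirm.
	DefaultManagementKey = piv.DefaultManagementKey

	// ErrOutstandingConnections represents an outstanding connections error.
	ErrOutstandingConnections = errors.New("outstanding connections")
)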
Functions ¶
Types ¶
type Algorithm ¶
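// Algorithm represents an algorithm.
type Algorithm int

// Supported key algorithms. The numeric values are explicit so that they stay
// stable if the list is reordered or extended.
const (
	// AlgorithmUnknown represents the unknown algorithm.
	// It is also the zero value of Algorithm.
	AlgorithmUnknown Algorithm = 0
	// AlgorithmEC256 represents the EC256 algorithm.
	AlgorithmEC256 Algorithm = 1
	// AlgorithmEC384 represents the EC384 algorithm.
	AlgorithmEC384 Algorithm = 2
	// AlgorithmEd25519 represents the Ed25519 algorithm.
	AlgorithmEd25519 Algorithm = 3
	// AlgorithmRSA1024 represents the RSA1024 algorithm.
	// A 1024-bit RSA modulus is below the strength accepted for new keys
	// today; prefer AlgorithmRSA2048 or one of the elliptic-curve algorithms
	// unless a legacy peer requires it.
	AlgorithmRSA1024 Algorithm = 4
	// AlgorithmRSA2048 represents the RSA2048 algorithm.
	AlgorithmRSA2048 Algorithm = 5
)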
type Card ¶
type Card struct {
// contains filtered or unexported fields
}
Card represents a YubiKey smart card. For more information see https://developers.yubico.com/PIV/Introduction/YubiKey_and_PIV.html
func (*Card) SlotsByKey ¶
SlotsByKey returns the card slots by the given slot keys.
type GenerateKeyOpts ¶
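// GenerateKeyOpts represents the options which can be used for generating a key.
type GenerateKeyOpts struct {
	// Overwrite presumably allows generation to replace a key that is already
	// present in the slot - TODO confirm. If so, the replaced private key
	// cannot be recovered, so callers should check Slot.HasKey first.
	Overwrite bool
	// Algorithm selects the algorithm of the generated key.
	Algorithm Algorithm
	// PINPolicy selects the PIN policy of the generated key.
	PINPolicy PINPolicy
	// TouchPolicy selects the touch policy of the generated key.
	// NOTE(review): combining the "never" PIN policy with the "never" touch
	// policy would leave the key usable by any software that can reach the
	// card, without user interaction - choose that pair deliberately.
	TouchPolicy TouchPolicy
	// ManKey is presumably the card management key used to authorize the
	// generation - TODO confirm. Avoid relying on DefaultManagementKey
	// outside initial provisioning.
	ManKey []byte
}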
type PINPolicy ¶
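// PINPolicy represents a slot PIN policy.
type PINPolicy int

// Supported PIN policies. In PIV terms the policy decides how often the PIN
// must be presented before the slot's private key can be used.
const (
	// PINPolicyUnknown represents the unknown PIN policy.
	// It is also the zero value of PINPolicy.
	PINPolicyUnknown PINPolicy = 0
	// PINPolicyNever represents the "never" PIN policy.
	// The key is usable without the PIN, so the PIN gives it no protection.
	PINPolicyNever PINPolicy = 1
	// PINPolicyOnce represents the "once" PIN policy.
	PINPolicyOnce PINPolicy = 2
	// PINPolicyAlways represents the "always" PIN policy.
	PINPolicyAlways PINPolicy = 3
)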
type Slot ¶
type Slot struct {
// contains filtered or unexported fields
}
Slot represents a YubiKey smart card slot.
func (*Slot) GenerateKey ¶
func (slot *Slot) GenerateKey(opts GenerateKeyOpts) error
GenerateKey generates an asymmetric key in the slot using the given options.
func (*Slot) IsGenerated ¶
IsGenerated reports whether the slot key was generated on the card (secure: the private key has never existed outside the device).
func (*Slot) IsImported ¶
IsImported reports whether the slot key was imported into the card (may not be secure: copies of the private key may exist outside the device).
func (*Slot) PublicKeyAlgorithm ¶
PublicKeyAlgorithm returns the public key algorithm of the slot.
func (*Slot) TouchPolicy ¶
func (slot *Slot) TouchPolicy() TouchPolicy
TouchPolicy returns the slot touch policy.
type TouchPolicy ¶
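// TouchPolicy represents a slot touch policy.
type TouchPolicy int

// Supported touch policies. In PIV terms the policy decides whether a
// physical touch of the device is required before the slot's private key can
// be used.
const (
	// TouchPolicyUnknown represents the unknown touch policy.
	// It is also the zero value of TouchPolicy.
	TouchPolicyUnknown TouchPolicy = 0
	// TouchPolicyNever represents the "never" touch policy.
	// No physical presence is required, so software with access to the card
	// can use the key without the holder noticing.
	TouchPolicyNever TouchPolicy = 1
	// TouchPolicyAlways represents the "always" touch policy.
	TouchPolicyAlways TouchPolicy = 2
	// TouchPolicyCached represents the "cached" touch policy.
	// NOTE(review): presumably a touch stays valid for a short window, during
	// which further operations need no new touch - confirm.
	TouchPolicyCached TouchPolicy = 3
)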
func (TouchPolicy) String ¶
func (touchPolicy TouchPolicy) String() string
String returns the policy name.