Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for AES management keys #92

Open
str4d opened this issue Dec 30, 2022 · 1 comment
Open

Add support for AES management keys #92

str4d opened this issue Dec 30, 2022 · 1 comment
Labels
enhancement New feature or request S-blocked-on-upstream Status: Requires changes to an upstream dependency.

Comments

@str4d
Copy link
Owner

str4d commented Dec 30, 2022

Once iqlusioninc/yubikey.rs#330 is resolved, we should start using PIN-protected AES management keys for YubiKeys that support them. We should also migrate YubiKeys that we previously configured to use a PIN-protected TDES management key, if AES is supported.
@str4d str4d added the enhancement New feature or request label Dec 30, 2022
@str4d
Copy link
Owner Author

str4d commented Jan 1, 2023

We want to ensure that a YubiKey set up by age-plugin-yubikey is usable with yubikey-agent, so we use the same management setup (PIN-protected management key, PUK set to PIN) as yubikey-agent. We therefore need to synchronise on AES management key usage, which means we also need to block on go-piv/piv-go#109.

@str4d str4d mentioned this issue Apr 8, 2023
Closed
@str4d str4d added the S-blocked-on-upstream Status: Requires changes to an upstream dependency. label Aug 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request S-blocked-on-upstream Status: Requires changes to an upstream dependency.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@str4d