Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add basic support for 5.7.0+ yubikeys that default to AES192 management keys #148

Closed
wants to merge 1 commit into from

Conversation

Quantu
Copy link
Contributor

@Quantu Quantu commented Jun 27, 2024

Changes to add basic support for 5.7.0+ yubikeys that default to AES192 management keys rather than the previous default of 3DES. Assumes management key type is the default type for the key version - does not support non-default management key types, but it didn't before anyway.

Minimal changes to add support for 5.7.0+ yubikeys that default to AES192 management keys
Copy link
Collaborator

@ericchiang ericchiang left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How did you test this? Is there any way for a user to change the kind of management key?


// If yubikey is 5.7.0 or newer, management key default is AES192
if int(v.major) >= 5 && int(v.minor) >= 7 {
DefaultManagementKeyType = algAES192
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can this be on the client rather than global to the package?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I tested with v4.3.7, v5.4.3, and v5.7.1 yubikeys. It has been possible for users to change the type of management key since 5.4, but the default has remained 3DES. I decided in lieu of this minimal fix, I would take things a step further and just implement dynamic support for all the supported management key types. Closing this PR in favor of : #149

@Quantu Quantu closed this Jul 1, 2024
@Quantu Quantu deleted the yk57_minimal branch July 2, 2024 15:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants