Skip to content

Commit

Permalink
feat: add touch policy to synthesized openpgp key comment
Browse files Browse the repository at this point in the history
  • Loading branch information
smlx committed Aug 8, 2021
1 parent 07780d7 commit c1a5038
Showing 1 changed file with 6 additions and 4 deletions.
10 changes: 6 additions & 4 deletions internal/securitykey/string.go
Original file line number Diff line number Diff line change
Expand Up @@ -46,10 +46,6 @@ func (k *SecurityKey) StringsSSH() []string {
// on the yubikey for slots with touch policies that require it.
func (k *SecurityKey) synthesizeEntities(name, email string) ([]Entity, error) {
now := time.Now()
uid := packet.NewUserId(name, "piv-agent synthesized user ID", email)
if uid == nil {
return nil, errors.InvalidArgumentError("invalid characters in user ID")
}
var entities []Entity
for _, signingKey := range k.SigningKeys() {
cryptoPrivKey, err := k.PrivateKey(&signingKey)
Expand All @@ -60,6 +56,12 @@ func (k *SecurityKey) synthesizeEntities(name, email string) ([]Entity, error) {
if !ok {
return nil, fmt.Errorf("private key is invalid type")
}
comment := fmt.Sprintf("piv-agent synthesized; touch-policy %s",
touchStringMap[signingKey.SlotSpec.TouchPolicy])
uid := packet.NewUserId(name, comment, email)
if uid == nil {
return nil, errors.InvalidArgumentError("invalid characters in user ID")
}
ecdsaPubKey, ok := signingKey.Public.(*ecdsa.PublicKey)
if !ok {
// TODO: handle ed25519 keys
Expand Down

0 comments on commit c1a5038

Please sign in to comment.