README
¶
Table of Contents
ykpiv
Go bindings for ykpiv so you can write Go to interact with your yubikeys. The C library lives at yubico/yubico-piv-tool.
C Libraries Required for Compilation
- libcrypto
- libykpiv
- libpcsclite
- ccid
Example
package main
import (
"fmt"
"log"
"github.com/jessfraz/ykpiv"
)
func main() {
s := ykpiv.NewState()
defer s.Free()
// Let's get the readers
readers := make([]byte, 2048)
len := []uint{2048}
log.Println("list")
err := ykpiv.ListReaders([]ykpiv.State{*s}, readers, len)
if err != 0 {
log.Fatalf("%s: %#v", ykpiv.Strerror(err), err)
}
fmt.Printf("readers: %s\n", string(readers))
}
Starting pcscd
Hopefully your operating system does this for you with a nice init script but if not here you go:
$ sudo LIBCCID_ifdLogLevel=0x000F /usr/sbin/pcscd --foreground --debug --apdu --color
$ sudo /usr/sbin/pcscd --hotplug
Documentation
¶
Overview ¶
Package ykpiv provides Go bindings for libykpiv.
Index ¶
- Constants
- func CheckVersion(reqVersion string) string
- func Strerror(err Rc) string
- func StrerrorName(err Rc) string
- type RawString
- type Rc
- func Authenticate(state []State, key string) Rc
- func ChangePin(state []State, currentPin string, currentPinLen uint, newPin string, ...) Rc
- func ChangePuk(state []State, currentPuk string, currentPukLen uint, newPuk string, ...) Rc
- func Connect(state []State, wanted string) Rc
- func DecipherData(state []State, encIn string, inLen uint, encOut []byte, outLen []uint, ...) Rc
- func Disconnect(state []State) Rc
- func Done(state []State) Rc
- func FetchObject(state []State, objectId int32, data []byte, len []uint) Rc
- func GetVersion(state []State, version []byte, len uint) Rc
- func HexDecode(hexIn string, inLen uint, hexOut []byte, outLen []uint) Rc
- func ImportPrivateKey(state []State, key byte, algorithm byte, p string, pLen uint, q string, ...) Rc
- func Init(state [][]State, verbose int32) Rc
- func ListReaders(state []State, readers []byte, len []uint) Rc
- func SaveObject(state []State, objectId int32, indata []byte, len uint) Rc
- func SetMgmkey(state []State, newKey string) Rc
- func SetMgmkey2(state []State, newKey string, touch byte) Rc
- func SignData(state []State, signIn string, inLen uint, signOut []byte, outLen []uint, ...) Rc
- func TransferData(state []State, templ string, inData string, inLen int, outData []byte, ...) Rc
- func UnblockPin(state []State, puk string, pukLen uint, newPin string, newPinLen uint, ...) Rc
- func Verify(state []State, pin string, tries []int32) Rc
- type State
Constants ¶
View Source
const ( // ALGOTAG as defined in ykpiv/ykpiv.h:113 ALGOTAG = 0x80 // ALGO3DES as defined in ykpiv/ykpiv.h:114 ALGO3DES = 0x03 // ALGORSA1024 as defined in ykpiv/ykpiv.h:115 ALGORSA1024 = 0x06 // ALGORSA2048 as defined in ykpiv/ykpiv.h:116 ALGORSA2048 = 0x07 // ALGOECCP256 as defined in ykpiv/ykpiv.h:117 ALGOECCP256 = 0x11 // ALGOECCP384 as defined in ykpiv/ykpiv.h:118 ALGOECCP384 = 0x14 // KEYAUTHENTICATION as defined in ykpiv/ykpiv.h:120 KEYAUTHENTICATION = 0x9a // KEYCARDMGM as defined in ykpiv/ykpiv.h:121 KEYCARDMGM = 0x9b // KEYSIGNATURE as defined in ykpiv/ykpiv.h:122 KEYSIGNATURE = 0x9c // KEYKEYMGM as defined in ykpiv/ykpiv.h:123 KEYKEYMGM = 0x9d // KEYCARDAUTH as defined in ykpiv/ykpiv.h:124 KEYCARDAUTH = 0x9e // KEYRETIRED1 as defined in ykpiv/ykpiv.h:125 KEYRETIRED1 = 0x82 // KEYRETIRED2 as defined in ykpiv/ykpiv.h:126 KEYRETIRED2 = 0x83 // KEYRETIRED3 as defined in ykpiv/ykpiv.h:127 KEYRETIRED3 = 0x84 // KEYRETIRED4 as defined in ykpiv/ykpiv.h:128 KEYRETIRED4 = 0x85 // KEYRETIRED5 as defined in ykpiv/ykpiv.h:129 KEYRETIRED5 = 0x86 // KEYRETIRED6 as defined in ykpiv/ykpiv.h:130 KEYRETIRED6 = 0x87 // KEYRETIRED7 as defined in ykpiv/ykpiv.h:131 KEYRETIRED7 = 0x88 // KEYRETIRED8 as defined in ykpiv/ykpiv.h:132 KEYRETIRED8 = 0x89 // KEYRETIRED9 as defined in ykpiv/ykpiv.h:133 KEYRETIRED9 = 0x8a // KEYRETIRED10 as defined in ykpiv/ykpiv.h:134 KEYRETIRED10 = 0x8b // KEYRETIRED11 as defined in ykpiv/ykpiv.h:135 KEYRETIRED11 = 0x8c // KEYRETIRED12 as defined in ykpiv/ykpiv.h:136 KEYRETIRED12 = 0x8d // KEYRETIRED13 as defined in ykpiv/ykpiv.h:137 KEYRETIRED13 = 0x8e // KEYRETIRED14 as defined in ykpiv/ykpiv.h:138 KEYRETIRED14 = 0x8f // KEYRETIRED15 as defined in ykpiv/ykpiv.h:139 KEYRETIRED15 = 0x90 // KEYRETIRED16 as defined in ykpiv/ykpiv.h:140 KEYRETIRED16 = 0x91 // KEYRETIRED17 as defined in ykpiv/ykpiv.h:141 KEYRETIRED17 = 0x92 // KEYRETIRED18 as defined in ykpiv/ykpiv.h:142 KEYRETIRED18 = 0x93 // KEYRETIRED19 as defined in ykpiv/ykpiv.h:143 KEYRETIRED19 = 0x94 // KEYRETIRED20 as defined in ykpiv/ykpiv.h:144 KEYRETIRED20 = 0x95 // KEYATTESTATION as defined in ykpiv/ykpiv.h:145 KEYATTESTATION = 0xf9 // OBJCAPABILITY as defined in ykpiv/ykpiv.h:147 OBJCAPABILITY = 0x5fc107 // OBJCHUID as defined in ykpiv/ykpiv.h:148 OBJCHUID = 0x5fc102 // OBJAUTHENTICATION as defined in ykpiv/ykpiv.h:149 OBJAUTHENTICATION = 0x5fc105 // OBJFINGERPRINTS as defined in ykpiv/ykpiv.h:150 OBJFINGERPRINTS = 0x5fc103 // OBJSECURITY as defined in ykpiv/ykpiv.h:151 OBJSECURITY = 0x5fc106 // OBJFACIAL as defined in ykpiv/ykpiv.h:152 OBJFACIAL = 0x5fc108 // OBJPRINTED as defined in ykpiv/ykpiv.h:153 OBJPRINTED = 0x5fc109 // OBJSIGNATURE as defined in ykpiv/ykpiv.h:154 OBJSIGNATURE = 0x5fc10a // OBJKEYMANAGEMENT as defined in ykpiv/ykpiv.h:155 OBJKEYMANAGEMENT = 0x5fc10b // OBJCARDAUTH as defined in ykpiv/ykpiv.h:156 OBJCARDAUTH = 0x5fc101 // OBJDISCOVERY as defined in ykpiv/ykpiv.h:157 OBJDISCOVERY = 0x7e // OBJKEYHISTORY as defined in ykpiv/ykpiv.h:158 OBJKEYHISTORY = 0x5fc10c // OBJIRIS as defined in ykpiv/ykpiv.h:159 OBJIRIS = 0x5fc121 // OBJRETIRED1 as defined in ykpiv/ykpiv.h:161 OBJRETIRED1 = 0x5fc10d // OBJRETIRED2 as defined in ykpiv/ykpiv.h:162 OBJRETIRED2 = 0x5fc10e // OBJRETIRED3 as defined in ykpiv/ykpiv.h:163 OBJRETIRED3 = 0x5fc10f // OBJRETIRED4 as defined in ykpiv/ykpiv.h:164 OBJRETIRED4 = 0x5fc110 // OBJRETIRED5 as defined in ykpiv/ykpiv.h:165 OBJRETIRED5 = 0x5fc111 // OBJRETIRED6 as defined in ykpiv/ykpiv.h:166 OBJRETIRED6 = 0x5fc112 // OBJRETIRED7 as defined in ykpiv/ykpiv.h:167 OBJRETIRED7 = 0x5fc113 // OBJRETIRED8 as defined in ykpiv/ykpiv.h:168 OBJRETIRED8 = 0x5fc114 // OBJRETIRED9 as defined in ykpiv/ykpiv.h:169 OBJRETIRED9 = 0x5fc115 // OBJRETIRED10 as defined in ykpiv/ykpiv.h:170 OBJRETIRED10 = 0x5fc116 // OBJRETIRED11 as defined in ykpiv/ykpiv.h:171 OBJRETIRED11 = 0x5fc117 // OBJRETIRED12 as defined in ykpiv/ykpiv.h:172 OBJRETIRED12 = 0x5fc118 // OBJRETIRED13 as defined in ykpiv/ykpiv.h:173 OBJRETIRED13 = 0x5fc119 // OBJRETIRED14 as defined in ykpiv/ykpiv.h:174 OBJRETIRED14 = 0x5fc11a // OBJRETIRED15 as defined in ykpiv/ykpiv.h:175 OBJRETIRED15 = 0x5fc11b // OBJRETIRED16 as defined in ykpiv/ykpiv.h:176 OBJRETIRED16 = 0x5fc11c // OBJRETIRED17 as defined in ykpiv/ykpiv.h:177 OBJRETIRED17 = 0x5fc11d // OBJRETIRED18 as defined in ykpiv/ykpiv.h:178 OBJRETIRED18 = 0x5fc11e // OBJRETIRED19 as defined in ykpiv/ykpiv.h:179 OBJRETIRED19 = 0x5fc11f // OBJRETIRED20 as defined in ykpiv/ykpiv.h:180 OBJRETIRED20 = 0x5fc120 // OBJATTESTATION as defined in ykpiv/ykpiv.h:182 OBJATTESTATION = 0x5fff01 // INSVERIFY as defined in ykpiv/ykpiv.h:184 INSVERIFY = 0x20 // INSCHANGEREFERENCE as defined in ykpiv/ykpiv.h:185 INSCHANGEREFERENCE = 0x24 // INSRESETRETRY as defined in ykpiv/ykpiv.h:186 INSRESETRETRY = 0x2c // INSGENERATEASYMMETRIC as defined in ykpiv/ykpiv.h:187 INSGENERATEASYMMETRIC = 0x47 // INSAUTHENTICATE as defined in ykpiv/ykpiv.h:188 INSAUTHENTICATE = 0x87 // INSGETDATA as defined in ykpiv/ykpiv.h:189 INSGETDATA = 0xcb // INSPUTDATA as defined in ykpiv/ykpiv.h:190 INSPUTDATA = 0xdb // INSSETMGMKEY as defined in ykpiv/ykpiv.h:201 INSSETMGMKEY = 0xff // INSIMPORTKEY as defined in ykpiv/ykpiv.h:202 INSIMPORTKEY = 0xfe // INSGETVERSION as defined in ykpiv/ykpiv.h:203 INSGETVERSION = 0xfd // INSRESET as defined in ykpiv/ykpiv.h:204 INSRESET = 0xfb // INSSETPINRETRIES as defined in ykpiv/ykpiv.h:205 INSSETPINRETRIES = 0xfa // INSATTEST as defined in ykpiv/ykpiv.h:206 INSATTEST = 0xf9 // PINPOLICYTAG as defined in ykpiv/ykpiv.h:208 PINPOLICYTAG = 0xaa // PINPOLICYDEFAULT as defined in ykpiv/ykpiv.h:209 PINPOLICYDEFAULT = 0 // PINPOLICYNEVER as defined in ykpiv/ykpiv.h:210 PINPOLICYNEVER = 1 // PINPOLICYONCE as defined in ykpiv/ykpiv.h:211 PINPOLICYONCE = 2 // PINPOLICYALWAYS as defined in ykpiv/ykpiv.h:212 PINPOLICYALWAYS = 3 // TOUCHPOLICYTAG as defined in ykpiv/ykpiv.h:214 TOUCHPOLICYTAG = 0xab // TOUCHPOLICYDEFAULT as defined in ykpiv/ykpiv.h:215 TOUCHPOLICYDEFAULT = 0 // TOUCHPOLICYNEVER as defined in ykpiv/ykpiv.h:216 TOUCHPOLICYNEVER = 1 // TOUCHPOLICYALWAYS as defined in ykpiv/ykpiv.h:217 TOUCHPOLICYALWAYS = 2 // TOUCHPOLICYCACHED as defined in ykpiv/ykpiv.h:218 TOUCHPOLICYCACHED = 3 // VERSIONSTRING as defined in lib/ykpiv-version.h:46 VERSIONSTRING = "1.4.2" // VERSIONNUMBER as defined in lib/ykpiv-version.h:56 VERSIONNUMBER = 0x010402 // VERSIONMAJOR as defined in lib/ykpiv-version.h:65 VERSIONMAJOR = 1 // VERSIONMINOR as defined in lib/ykpiv-version.h:74 VERSIONMINOR = 4 // VERSIONPATCH as defined in lib/ykpiv-version.h:83 VERSIONPATCH = 2 )
Variables ¶
This section is empty.
Functions ¶
func CheckVersion ¶
CheckVersion function as declared in lib/ykpiv-version.h:85
func StrerrorName ¶
StrerrorName function as declared in ykpiv/ykpiv.h:64
Types ¶
type Rc ¶
type Rc int32
Rc as declared in ykpiv/ykpiv.h:61
const ( OK Rc = iota MEMORYERROR Rc = -1 PCSCERROR Rc = -2 SIZEERROR Rc = -3 APPLETERROR Rc = -4 AUTHENTICATIONERROR Rc = -5 RANDOMNESSERROR Rc = -6 GENERICERROR Rc = -7 KEYERROR Rc = -8 PARSEERROR Rc = -9 WRONGPIN Rc = -10 INVALIDOBJECT Rc = -11 ALGORITHMERROR Rc = -12 PINLOCKED Rc = -13 )
Rc enumeration from ykpiv/ykpiv.h:61
func Authenticate ¶
Authenticate function as declared in ykpiv/ykpiv.h:74
func ChangePin ¶
func ChangePin(state []State, currentPin string, currentPinLen uint, newPin string, newPinLen uint, tries []int32) Rc
ChangePin function as declared in ykpiv/ykpiv.h:89
func ChangePuk ¶
func ChangePuk(state []State, currentPuk string, currentPukLen uint, newPuk string, newPukLen uint, tries []int32) Rc
ChangePuk function as declared in ykpiv/ykpiv.h:92
func DecipherData ¶
func DecipherData(state []State, encIn string, inLen uint, encOut []byte, outLen []uint, algorithm byte, key byte) Rc
DecipherData function as declared in ykpiv/ykpiv.h:84
func Disconnect ¶
Disconnect function as declared in ykpiv/ykpiv.h:70
func FetchObject ¶
FetchObject function as declared in ykpiv/ykpiv.h:98
func GetVersion ¶
GetVersion function as declared in ykpiv/ykpiv.h:87
func ImportPrivateKey ¶
func ImportPrivateKey(state []State, key byte, algorithm byte, p string, pLen uint, q string, qLen uint, dp string, dpLen uint, dq string, dqLen uint, qinv string, qinvLen uint, ecData string, ecDataLen byte, pinPolicy byte, touchPolicy byte) Rc
ImportPrivateKey function as declared in ykpiv/ykpiv.h:104
func ListReaders ¶
ListReaders function as declared in ykpiv/ykpiv.h:69
func SaveObject ¶
SaveObject function as declared in ykpiv/ykpiv.h:102
func SetMgmkey2 ¶
SetMgmkey2 function as declared in ykpiv/ykpiv.h:100
func SignData ¶
func SignData(state []State, signIn string, inLen uint, signOut []byte, outLen []uint, algorithm byte, key byte) Rc
SignData function as declared in ykpiv/ykpiv.h:78
func TransferData ¶
func TransferData(state []State, templ string, inData string, inLen int, outData []byte, outLen []uint, sw []int32) Rc
TransferData function as declared in ykpiv/ykpiv.h:71
type State ¶
type State C.ykpiv_state
State as declared in ykpiv/ykpiv.h:44
func NewState ¶
func NewState() *State
NewState allocates a new C object of this type and converts the reference into a raw struct reference without wrapping.
func NewStateRef ¶
NewStateRef converts the C object reference into a raw struct reference without wrapping.
func (*State) PassRef ¶
func (x *State) PassRef() *C.ykpiv_state
PassRef returns a reference to C object as it is or allocates a new C object of this type.
func (*State) Ref ¶
func (x *State) Ref() *C.ykpiv_state
Ref returns a reference to C object as it is.
Source Files
Click to show internal directories.
Click to hide internal directories.