-
-
Notifications
You must be signed in to change notification settings - Fork 501
This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hardware tokens #137
Comments
It is. Check out the "Later" section at https://age-encryption.org/v1 Author already implemented the necessary PKCS#11 handling parts for another project at https://github.com/FiloSottile/yubikey-agent. Maybe someone will contribute such code, maybe the author will add the feature when they can find time. |
This is blocking on the plugin system (currently under design), which is how we plan to support hardware tokens. I implemented an initial draft of YubiKey support in str4d/rage#25, but it's likely to be revised once reworked as an age plugin. |
That's great news! Thanks! Shall I close this, or would it be useful to keep it open? |
As far as I understand, go-piv/piv-go#79 is needed to do ECDH with Yubikeys from pure Go (EDIT: as pure as it gets, at this time). Input on the API would be welcome, I guess? Just doing a drive-by contribution... |
Related: #142 |
Heads up: I have a age-plugin-yubikey prototype that just started working right. It relies on the plugin mechanism implemented in rage v0.5.0. Next up: clean up the code base, then I'll publish it with a big "unstable format" sticker. |
@tv42 if you haven't seen it, I already have a YubiKey Rust plugin at https://github.com/str4d/age-plugin-yubikey which is working (the full impl is in this branch and I'm incrementally cleaning it up and merging to main); if you're building something in another language, we should sync to ensure you are using the same protocol. |
@str4d I read your plugin but only found the nonfunctional code on master. Will take a second look. |
@str4d My code is now format-compatible with yours, you can mix & match encryption and decryption plugins and everything works. Clean up and then publishing... |
Here's my implementation of Yubikey support as a plugin: https://github.com/tv42/yubage Nudge @str4d |
This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
Hi there,
This isn't really a bug report.
I was wondering if there's any plan to allow the use of hardware tokens (like yubikey) with age?
I'm super-keen to ditch gpg, but I'd also like to be able to use my yubikeys!
Thanks
The text was updated successfully, but these errors were encountered: