-
Notifications
You must be signed in to change notification settings - Fork 64
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support AES Management keys #109
Comments
Thanks for opening! The main issue looks like this package's signatures expect a 24 byte key:
Where as AES-128, AES-192, or AES-256 are 16, 24, and 32 bytes respectively. Out of curiosity, is there a reason DES doesn't work for you? In most threat models I've worked in, the ability to generate a new key isn't as important, since it would have to be attested to be unexportable anyway. |
Per Yubico tech :
|
Any updates on or progress on adding this? EDIT: Just saw #146 (comment) |
smallstep/crypto#114
Currently this library doesn't support AES management keys as described in https://docs.yubico.com/hardware/yubikey/yk-5/tech-manual/yk5-piv-tech-desc.html#piv-aes-management-key
The text was updated successfully, but these errors were encountered: