
Private Keys and Provision Subjects

@obelisk obelisk released this 22 Jan 05:00
· 71 commits to master since this release

Two major things in this release:

Private Key Parsing

OpenSSH has its own proprietary format for storing SSH keys. Being able to parse these keys is sometimes useful (for example, if you need to sign something with your SSH key). There is now a module that does best-effort parsing of the file format. The format also contains the entire public key, so you get that for free as a field.
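The sketch below is an added example, not code from this release or from the library. It shows why the public key comes "for free": in the openssh-key-v1 layout the public key blob sits in the cleartext header, ahead of the (possibly encrypted) private section, so it can be read without the passphrase. It assumes the PEM armor and base64 have already been removed; `parse_header`, `Header` and the other names are hypothetical, and the sample blob is constructed with dummy key bytes.

```rust
// Added example (not the library's code): reads the cleartext header of an openssh-key-v1 blob.
const MAGIC: &[u8] = b"openssh-key-v1\0";

#[derive(Debug)]
struct Header { cipher: String, kdf: String, key_type: String, public_key: Vec<u8> }

fn read_u32(buf: &[u8], pos: &mut usize) -> Result<u32, String> {
    let end = (*pos).checked_add(4).filter(|e| *e <= buf.len()).ok_or("truncated length field")?;
    let v = u32::from_be_bytes([buf[*pos], buf[*pos + 1], buf[*pos + 2], buf[*pos + 3]]);
    *pos = end;
    Ok(v)
}

// One SSH "string": big-endian u32 length, then that many bytes. Rejects lengths past the input.
fn read_string<'a>(buf: &'a [u8], pos: &mut usize) -> Result<&'a [u8], String> {
    let len = read_u32(buf, pos)? as usize;
    let end = (*pos).checked_add(len).filter(|e| *e <= buf.len()).ok_or("string overruns input")?;
    let out = &buf[*pos..end];
    *pos = end;
    Ok(out)
}

fn text(bytes: &[u8]) -> String { String::from_utf8_lossy(bytes).into_owned() }

fn parse_header(blob: &[u8]) -> Result<Header, String> {
    if !blob.starts_with(MAGIC) { return Err("not an openssh-key-v1 blob".into()); }
    let mut pos = MAGIC.len();
    let cipher = text(read_string(blob, &mut pos)?);
    let kdf = text(read_string(blob, &mut pos)?);
    read_string(blob, &mut pos)?; // kdfoptions, not needed to reach the public key
    if read_u32(blob, &mut pos)? != 1 { return Err("expected exactly one key".into()); }
    let public = read_string(blob, &mut pos)?; // public key blob, outside the encrypted section
    let key_type = text(read_string(public, &mut 0)?);
    Ok(Header { cipher, kdf, key_type, public_key: public.to_vec() })
}

// Helper used only to build the constructed sample below.
fn ssh_string(s: &[u8]) -> Vec<u8> { [&(s.len() as u32).to_be_bytes()[..], s].concat() }

// Constructed sample: encrypted-key header, dummy Ed25519 public key, dummy ciphertext.
fn sample_blob() -> Vec<u8> {
    let public = [ssh_string(b"ssh-ed25519"), ssh_string(&[0x11u8; 32])].concat();
    [MAGIC.to_vec(), ssh_string(b"aes256-ctr"), ssh_string(b"bcrypt"), ssh_string(&[0u8; 24]),
     1u32.to_be_bytes().to_vec(), ssh_string(&public), ssh_string(&[0xAAu8; 64])].concat()
}

fn main() { println!("{:?}", parse_header(&sample_blob())); }
```

The parser never touches the final private section, so the cipher name in the header only tells you whether a passphrase would be needed to go further.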

Setting The Subject in Provision

Generally, provision is just used to create private keys, but because of a quirk of the PCSC spec (I think) we can only retrieve the public key from a slot if there is a certificate loaded in it. Provision will create this certificate just to hold the public key for us to retrieve later, but this has the effect of allowing us to store data in the Subject field. You can now specify this data, and it is shown in the yk-fingerprint tool.

This is used in the Rustica project to let you easily label your keys as they may all have different roles and permissions.