// ensures that the root is actually on the yubikey - this makes sure the
// commands are hooked up to interact with the yubikey, rather than right files
// on disk
func verifyRootKeyOnHardware(t *testing.T, rootKeyID string) {
	// do not bother verifying if there is no yubikey available
	if yubikey.YubikeyAccessible() {
		// //we're just getting keys here, so nil is fine
		s, err := yubikey.NewYubiKeyStore(nil, retriever)
		assert.NoError(t, err)
		privKey, role, err := s.GetKey(rootKeyID)
		assert.NoError(t, err)
		assert.NotNil(t, privKey)
		assert.Equal(t, data.CanonicalRootRole, role)
	}
}
Exemple #2
0
// clear out all keys
func init() {
	yubikey.SetYubikeyKeyMode(0)
	if !yubikey.YubikeyAccessible() {
		return
	}
	store, err := yubikey.NewYubiKeyStore(nil, nil)
	if err == nil {
		for k := range store.ListKeys() {
			store.RemoveKey(k)
		}
	}
}