Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cannot generate an identity with Yubikey 4 #84

Closed
djmoch opened this issue Dec 11, 2022 · 6 comments
Closed

Cannot generate an identity with Yubikey 4 #84

djmoch opened this issue Dec 11, 2022 · 6 comments
Milestone
0.4.0

Comments

@djmoch
Copy link

djmoch commented Dec 11, 2022
edited
Loading

Environment

  • OS: Alpine Linux 3.16.2
  • age-plugin-yubikey version: 0.3.0

What were you trying to do

Generate an identity to install to my Yubikey 4.

What happened

$ ./age-plugin-yubikey
✨ Let's get your YubiKey set up for age! ✨

This tool can create a new age identity in a free slot of your YubiKey.
It will generate an identity file that you can use with an age client,
along with the corresponding recipient. You can also do this directly
with:
    age-plugin-yubikey --generate

If you are already using a YubiKey with age, you can select an existing
slot to recreate its corresponding identity file and recipient.

When asked below to select an option, use the up/down arrow keys to
make your choice, or press [Esc] or [q] to quit.

thread 'main' panicked at 'range end index 4 out of range for slice of length 0', /home/djmoch/.cargo/registry/src/jackfan.us.kg-1ecc6299db9ec823/yubikey-0.5.0/src/transaction.rs:160:9
@djmoch
Copy link
Author

djmoch commented Dec 12, 2022
edited
Loading

Without looking into it further, I'm assuming this is an issue in the yubikey crate. I'll leave this here for feedback or until I can confirm.

@djmoch
Copy link
Author

djmoch commented Dec 16, 2022

It turns out this was not an issue with anything in the application, but with the Yubikey device itself. Are Yubikey 4 devices really supported? Here's the info on the non-functioning device.

$ ykman info
Device type: YubiKey 4
Firmware version: 4.3.3
Enabled USB interfaces: OTP, FIDO, CCID

Applications
FIDO2       	Not available	
OTP         	Enabled      	
FIDO U2F    	Enabled      	
OATH        	Enabled      	
YubiHSM Auth	Not available	
OpenPGP     	Enabled      	
PIV         	Enabled

Anyway, I ordered a Yubikey 5 and it appears to be working just fine.

@djmoch djmoch closed this as completed Dec 16, 2022
@mihaigalos
Copy link

@djmoch, there's an Alpine Docker PR in case you want to use it: #69.

@str4d
Copy link
Owner

str4d commented Dec 28, 2022

This indeed looks like a problem with the yubikey crate. Supposedly we support YubiKey 4 there; this must be an edge case we haven't seen before. I'm curious as to whether it is a problem with that specific YubiKey, or with the YubiKey 4.3.3 firmware.

@djmoch
Copy link
Author

djmoch commented Jan 5, 2023
edited
Loading

@str4d I see it works with a Yubikey 4C FIPS with firmware 4.4.5. This is conversation is probably better handled over at the yubikey.rs repo, so I'll open an issue there.

@djmoch djmoch changed the title Cannot generate an identity on Alpine Linux Cannot generate an identity with Yubikey 4 Jan 5, 2023
@djmoch djmoch mentioned this issue Jan 5, 2023
Closed
@str4d
Copy link
Owner

str4d commented Jan 30, 2023

This issue was fixed by iqlusioninc/yubikey.rs#466 which we brought into main in 9418921 (fix confirmed by #114 (comment)). The fix will be in version 0.4.0 (as it requires a new version of the yubikey crate).

@str4d str4d added this to the 0.4.0 milestone Jan 30, 2023
@str4d str4d mentioned this issue Jan 30, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
0.4.0
Development

No branches or pull requests
3 participants
@str4d @djmoch @mihaigalos