package main
import (
"flag"
"log"
"strings"
"github.com/go-piv/piv-go/piv"
)
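// main parses the command-line flags, opens the YubiKey, and then either
// provisions it (-setup, optionally with -reset) or authenticates against it
// with the PIN, before running the requested -encrypt and/or -decrypt
// operation on -filename.
//
// Notes for callers:
//   - -reset is only honoured together with -setup; on its own it is ignored.
//   - If both -encrypt and -decrypt are given, both run, in that order, on the
//     same -filename value.
func main() {
	setupFlag := flag.Bool("setup", false, "setup: configure a new YubiKey")
	resetFlag := flag.Bool("reset", false, "reset: reset a YubiKey")
	encryptFlag := flag.Bool("encrypt", false, "encrypt: encrypt some file")
	fileNameFlag := flag.String("filename", "", "filename: file to encrypt or decrypt")
	decryptFlag := flag.Bool("decrypt", false, "decrypt: decrypt some file")
	flag.Parse()

	core := &Core{YK: connect()}

	if *setupFlag {
		// Drop the timestamp prefix for the interactive setup output.
		log.SetFlags(0)
		if *resetFlag {
			// NOTE(review): the flag text says this resets the YubiKey, which is
			// destructive; there is no confirmation step visible here. Confirm
			// that ResetPin prompts before acting.
			core.ResetPin()
		}
		core.Pin = setPinPrompt()
		core.setPinToYubiKey()
		core.generateKeyPair()
		log.Println("Yubikey Setup Successfully")
	} else {
		core.Pin = getPINPrompt()
		// NOTE(review): no result is checked here, so AuthenticatePin is assumed
		// to abort the program itself on a wrong PIN - verify, otherwise the
		// "Authenticated" message below is printed unconditionally.
		core.AuthenticatePin()
		log.Println("Yubikey Configuration Authenticated")
		core.GetECDSAPublicKey()
		core.GetPrivateKey()
		if err := checkObjects(core); err != nil {
			log.Fatal(err)
		}
	}

	if *encryptFlag {
		if err := ensureYK(core.YK); err != nil {
			log.Fatal("Need Keep YubiKey inserted")
		}
		// flag.String never returns a nil pointer, so the previous nil check
		// could not fire and an empty path reached EncryptFile. Test the value.
		if *fileNameFlag == "" {
			log.Fatal("Must specify a file name")
		}
		aesKey := core.GenerateAESKey()
		filename := EncryptFile(*fileNameFlag, aesKey)
		log.Println("Yubikey File Encryted Successfully")
		log.Println(filename)
	}

	if *decryptFlag {
		if err := ensureYK(core.YK); err != nil {
			log.Fatal("Need Keep YubiKey inserted")
		}
		// Same fix as in the encrypt branch: reject an empty -filename.
		if *fileNameFlag == "" {
			log.Fatal("Must specify a file name")
		}
		// NOTE(review): decryption calls the same GenerateAESKey as encryption,
		// so it presumably reproduces the key deterministically from material
		// on the token - confirm; a freshly random key could not decrypt.
		aesKey := core.GenerateAESKey()
		filename := DecryptFile(*fileNameFlag, aesKey)
		log.Println("Yubikey File Decryted Successfully")
		log.Println(filename)
	}
}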
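// connect enumerates the smart cards visible to the system and opens the
// first one whose name contains "yubikey" (case-insensitive). It terminates
// the program via log.Fatalln if enumeration fails, if no matching card is
// present, or if the card cannot be opened, so the returned handle is never
// nil.
//
// Selection is by name substring only: when several YubiKeys are attached,
// whichever is listed first is used. Callers that reset or provision a token
// should make sure only the intended key is inserted.
func connect() *piv.YubiKey {
	// List all smart cards connected to the system.
	cards, err := piv.Cards()
	if err != nil {
		log.Fatalln("Failed to enumerate tokens:", err)
	}
	if len(cards) == 0 {
		log.Fatalln("No YubiKeys detected!")
	}

	// Find a YubiKey and open the reader.
	for _, card := range cards {
		if !strings.Contains(strings.ToLower(card), "yubikey") {
			continue
		}
		yk, err := piv.Open(card)
		if err != nil {
			log.Fatalln("Failed to connect to the YubiKey:", err)
		}
		return yk
	}

	// Cards were present but none was a YubiKey. Previously this path returned
	// a nil handle that callers then used; fail here with a clear message.
	log.Fatalln("No YubiKeys detected!")
	return nil // unreachable: log.Fatalln exits the process
}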