[Feat] PIV: Manage Retired Key Slots

Yubico / yubioath-flutter

Yubico Authenticator for Desktop (Windows, macOS and Linux) and Android

https://developers.yubico.com/yubioath-flutter/

Apache License 2.0

997 stars 136 forks source link

[Feat] PIV: Manage Retired Key Slots #1587

Open zhiyan114 opened 3 months ago

zhiyan114 commented 3 months ago

It seems like PIV menu only allows the user to manage the first 4 slot. I was wondering if we can extend that to retired slot so that we can do basic management on those slot without the need to use PIV tools (which is for more advanced use case).

elibon99 commented 3 months ago

We do support Retired Key Slots Management. If the retired slots contain a certificate and/or key (i.e. are non-empty), they will be displayed and available for basic management operations such as exporting or deleting certificates, and deleting or moving keys. This feature is mainly intended for the new 5.7 firmware where you’re able to move keys between slots.

zhiyan114 commented 3 months ago

Oh, I was thinking if we could manually import keys to those retired slots for older keys without using the PIV tool.

elibon99 commented 3 months ago

Nothing we have planned for now, but we may add support for this in a future release.