Document the steps needed to enable YubiKey 5C signing support on linux

openlawlibrary / taf

The Archive Framework

GNU Affero General Public License v3.0

10 stars 10 forks source link

Document the steps needed to enable YubiKey 5C signing support on linux #527

Open n-dusan opened 2 months ago

n-dusan commented 2 months ago

Currently, signing with the YubiKey 5C does not work on linux. When attempting to sign, the stacktrace is:

  File "/home/dnikolic/taf/taf/repository_tool.py", line 170, in yubikey_signature_provider
    signature = yk.sign_piv_rsa_pkcs1v15(data, pin)
  File "/home/dnikolic/taf/taf/yubikey.py", line 89, in decorator
    raise YubikeyError(err_msg) from e
taf.exceptions.YubikeyError: Cannot sign data. Reason: (ApduError) APDU error: SW=0x6a80

renatav commented 2 months ago

Not necessarily a simple issue, but it does not require a lot of domain knowledge. An intern or a volunteer could work on this, as long as we can give them a yk. I'm going to add a good first issue label for that reason.