docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Move yubikey import role check to avoid excessive passphrase prompting 

Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
This commit is contained in:
Riyaz Faizullabhoy 2016-02-24 14:29:40 -08:00
parent e692e5d69e
commit d69d0188a4
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
trustmanager/yubikey/yubikeystore.go
View File

@ -765,15 +765,15 @@ func (s *YubiKeyStore) ExportKey(keyID string) ([]byte, error) {
// ImportKey imports a root key into a Yubikey // ImportKey imports a root key into a Yubikey
func (s *YubiKeyStore) ImportKey(pemBytes []byte, keyPath string) error { func (s *YubiKeyStore) ImportKey(pemBytes []byte, keyPath string) error {
logrus.Debugf("Attempting to import: %s key inside of YubiKeyStore", keyPath) logrus.Debugf("Attempting to import: %s key inside of YubiKeyStore", keyPath)
if keyPath != data.CanonicalRootRole {
return fmt.Errorf("yubikey only supports storing root keys")
}
privKey, _, err := trustmanager.GetPasswdDecryptBytes( privKey, _, err := trustmanager.GetPasswdDecryptBytes(
s.passRetriever, pemBytes, "", "imported root") s.passRetriever, pemBytes, "", "imported root")
if err != nil { if err != nil {
logrus.Debugf("Failed to get and retrieve a key from: %s", keyPath) logrus.Debugf("Failed to get and retrieve a key from: %s", keyPath)
return err return err
} }
if keyPath != data.CanonicalRootRole {
return fmt.Errorf("yubikey only supports storing root keys")
}
_, err = s.addKey(privKey.ID(), "root", privKey) _, err = s.addKey(privKey.ID(), "root", privKey)
return err return err
} }