From 677e99793e9f338cffca4a15f798524cc2375ce5 Mon Sep 17 00:00:00 2001 From: Mariano Cano Date: Thu, 7 May 2020 18:35:10 -0700 Subject: [PATCH] Create alternative yubikey file when cgo is not enabled. This yubikey will always fail. --- kms/yubikey/yubikey.go | 2 ++ kms/yubikey/yubikey_no_cgo.go | 52 +++++++++++++++++++++++++++++++++++ 2 files changed, 54 insertions(+) create mode 100644 kms/yubikey/yubikey_no_cgo.go diff --git a/kms/yubikey/yubikey.go b/kms/yubikey/yubikey.go index c435f676..f97a677c 100644 --- a/kms/yubikey/yubikey.go +++ b/kms/yubikey/yubikey.go @@ -1,3 +1,5 @@ +// +build cgo + package yubikey import ( diff --git a/kms/yubikey/yubikey_no_cgo.go b/kms/yubikey/yubikey_no_cgo.go new file mode 100644 index 00000000..2d6f7bfa --- /dev/null +++ b/kms/yubikey/yubikey_no_cgo.go @@ -0,0 +1,52 @@ +// +build !cgo + +package yubikey + +import ( + "context" + "crypto" + "crypto/x509" + + "github.com/pkg/errors" + "github.com/smallstep/certificates/kms/apiv1" +) + +// +build !cgo + +// YubiKey implements the KMS interface on a YubiKey. +type YubiKey struct{} + +// New always fails without CGO. +func New(ctx context.Context, opts apiv1.Options) (*YubiKey, error) { + return nil, errors.New("YubiKey is not supported without cgo") +} + +// LoadCertificate always fails without CGO. +func (k *YubiKey) LoadCertificate(req *apiv1.LoadCertificateRequest) (*x509.Certificate, error) { + return nil, errors.New("YubiKey is not supported without cgo") +} + +// StoreCertificate always fails without CGO. +func (k *YubiKey) StoreCertificate(req *apiv1.StoreCertificateRequest) error { + return errors.New("YubiKey is not supported without cgo") +} + +// GetPublicKey always fails without CGO. +func (k *YubiKey) GetPublicKey(req *apiv1.GetPublicKeyRequest) (crypto.PublicKey, error) { + return nil, errors.New("YubiKey is not supported without cgo") +} + +// CreateKey always fails without CGO. +func (k *YubiKey) CreateKey(req *apiv1.CreateKeyRequest) (*apiv1.CreateKeyResponse, error) { + return nil, errors.New("YubiKey is not supported without cgo") +} + +// CreateSigner always fails without CGO. +func (k *YubiKey) CreateSigner(req *apiv1.CreateSignerRequest) (crypto.Signer, error) { + return nil, errors.New("YubiKey is not supported without cgo") +} + +// Close always fails without CGO. +func (k *YubiKey) Close() error { + return errors.New("YubiKey is not supported without cgo") +}