Added destroy authkey command

Yubico · Nov 4, 2021 · dd16407 · dd16407
1 parent f42da92
commit dd16407
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 0 deletions.
diff --git a/src/commands.c b/src/commands.c
@@ -2098,6 +2098,29 @@ int yh_com_put_authentication_ex(yubihsm_context *ctx, Argument *argv,
   return 0;
 }
 
+// NOTE: Delete a persistent authentication key
+// argc = 1
+// arg 0: s:key_name
+int yh_com_destroy_authentication_ex(yubihsm_context *ctx, Argument *argv,
+                                     cmd_format in_fmt, cmd_format fmt) {
+
+  UNUSED(ctx);
+  UNUSED(argv);
+  UNUSED(in_fmt);
+  UNUSED(fmt);
+
+  yh_rc yrc = yh_util_destroy_auth_key(argv[0].s);
+
+  if (yrc != YHR_SUCCESS) {
+    fprintf(stderr, "Failed to delete persistent authkey: %s\n",
+            yh_strerror(yrc));
+    return -1;
+  }
+
+  fprintf(stderr, "Deleted Persistent Authentication key 0x%04x\n", argv[1].w);
+  return 0;
+}
+
 #ifdef USE_ASYMMETRIC_AUTH
 // NOTE: Store an asymmetric authentication key
 // argc = 7

diff --git a/src/commands.h b/src/commands.h
@@ -149,6 +149,8 @@ int yh_com_put_authentication(yubihsm_context *ctx, Argument *argv,
                               cmd_format in_fmt, cmd_format fmt);
 int yh_com_put_authentication_ex(yubihsm_context *ctx, Argument *argv,
                                  cmd_format in_fmt, cmd_format fmt);
+int yh_com_destroy_authentication_ex(yubihsm_context *ctx, Argument *argv,
+                                     cmd_format in_fmt, cmd_format fmt);
 #ifdef USE_ASYMMETRIC_AUTH
 int yh_com_put_authentication_asym(yubihsm_context *ctx, Argument *argv,
                                    cmd_format in_fmt, cmd_format fmt);

diff --git a/src/main.c b/src/main.c
@@ -684,6 +684,14 @@ static void create_command_list(CommandList *c) {
                                     NULL, NULL});
 #endif
 
+  *c = register_command(*c, (Command){"destroy", yh_com_noop, NULL, fmt_nofmt,
+                                      fmt_nofmt, "destroy persistent objects",
+                                      NULL, NULL});
+  register_subcommand(*c, (Command){"authkey", yh_com_destroy_authentication_ex,
+                                    "s:key_name", fmt_nofmt, fmt_nofmt,
+                                    "Delete a persisten authentication key",
+                                    NULL, NULL});
+
   *c = msort_list(*c);
 
   for (Command *t = *c; t != NULL; t = t->next) {