Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
Add support for development signing using Yubikey 4 on macOS
See ukf/ukf-meta#221.
Showing
2 changed files
with
31 additions
and
6 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,26 +1,43 @@ | ||
| # | ||
| # macosx.properties | ||
| # | ||
| # Properties for Mac OS X builds. Properties defined here override | ||
| # Properties for macOS builds. Properties defined here override | ||
| # those defined in default.properties, but may be overridden by | ||
| # properties defined in a machine-specific build.properties file. | ||
| # | ||
|
|
||
| # As most use cases for macOS builds are for development purposes, | ||
| # you should normally add overriding properties to build.properties | ||
| # rather than editing this file. Examples are provided below. | ||
| # | ||
| # Location of the PKCS#11 configuration file for OpenSC on Mac OS X. | ||
|
|
||
| # | ||
| # This varies depending on which version of OpenSC is installed. | ||
| # Location of the PKCS#11 configuration file for OpenSC on macOS. | ||
| # | ||
| # If the standard installer was used: | ||
| # This varies depending on which token you are using. The default | ||
| # configuration assumes an OpenSC-supported token such as the Nitrokey HSM | ||
| # accessed through a version of OpenSC installed using the standard installer: | ||
| # | ||
| sign.uk.pkcs11Config = ${basedir}/mdx/uk/opensc-mac.cfg | ||
| # | ||
| # If the MacPorts system was used, override this by placing the following | ||
| # For an OpenSC-supported token accessed through a MacPorts-installed | ||
| # version of OpenSC, override this by placing the following | ||
| # definition in the local build.properties file: | ||
| # | ||
| #sign.uk.pkcs11Config = ${basedir}/mdx/uk/opensc-mac-macports.cfg | ||
| # | ||
| # For a Yubikey, use this override in build.properties: | ||
| # | ||
| #sign.uk.pkcs11Config = ${basedir}/mdx/uk/yubikey-mac.cfg | ||
|
|
||
| # | ||
| # Signing key alias within the keystore. | ||
| # | ||
| # Default is suitable for something like the Nitrokey HSM: | ||
| # | ||
| sign.uk.keyAlias = key10 | ||
| # | ||
| # For a PIV token such as the Yubikey 4, override this by | ||
| # adding an override in build.properties. The following, for | ||
| # example, corresponds to PIV slot 82: | ||
| # | ||
| #sign.uk.keyAlias = X.509 Certificate for Retired Key 1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| # | ||
| # PKCS#11 provider configuration for Yubikey 4 running under Mac OS X. | ||
| # | ||
| # This assumes a copy of the yubico-piv-tool-2.0.0-mac package unpacked and | ||
| # manually moved under /usr/local. | ||
| # | ||
| name = Yubikey | ||
| library = /usr/local/yubico-piv-tool/lib/libykcs11.dylib |