Jack Grigg
45f6580be4
Request PIN before certificate generation if PIN policy is "always"
...
We also correctly ask for a PIN touch after the key is generated (which
does not need it) but before certificate generation (which does if the
touch policy is not "none").
Closes str4d/age-plugin-yubikey#101 .
2023-01-03 02:20:51 +00:00
Jack Grigg
00ab2c756e
Don't re-request a cached PIN for identities with PIN policy "once"
2023-01-02 19:06:37 +00:00
Jack Grigg
9418921dab
Disconnect without resetting YubiKeys if it is safe to do so
...
This enables the PIN caches to be preserved across age-plugin-yubikey
processes, allowing PIN policies of "once" to become meaningful.
2023-01-02 19:06:37 +00:00
vlkrs
9ac72cd66f
Add recommendations for {Open,Free}BSD when pcscd isn't running.
2023-01-01 15:30:40 +01:00
Jack Grigg
a6a5ad109e
Fix clippy lints
2023-01-01 14:07:23 +00:00
Jack Grigg
25fcd353f3
dialoguer 0.10
2023-01-01 14:07:22 +00:00
Jack Grigg
d8ab6e373e
base64 0.20
2023-01-01 14:06:35 +00:00
Jack Grigg
f45ff653b8
Bump cryptographic dependencies
...
- age-plugin 0.4
- bech32 0.9
- p256 0.11
- sha2 0.10
- x509-parser 0.14
- yubikey 0.7
2023-01-01 14:06:34 +00:00
Jack Grigg
1dfadc7e27
Clean up key::filter_connected
2023-01-01 13:29:30 +00:00
Jack Grigg
fc66d9f6fd
Add helper methods for filtering available keys
2023-01-01 13:27:10 +00:00
Jack Grigg
d8eb198e97
Move certificate parsing into Metadata::extract
2023-01-01 13:27:10 +00:00
str4d
c8f9df1b45
Merge pull request #95 from str4d/94-yubikey-agent-sighup
...
Extend "sharing violation" logic to send SIGHUP to `yubikey-agent` processes
2023-01-01 13:24:57 +00:00
Jack Grigg
3597d96332
Correctly hunt agents in plugin mode
2023-01-01 13:18:41 +00:00
Jack Grigg
1913838f8e
Hunt for yubikey-agent
2023-01-01 12:52:17 +00:00
Jack Grigg
6e47448560
Generalise code for hunting agents that may be holding YubiKeys
2023-01-01 12:52:17 +00:00
Jack Grigg
ac7b04a61d
Add keyword argument support to fl! and wlnfl! macros
2022-12-31 14:31:25 +00:00
Jack Grigg
493479344c
De-duplicate parsing recipients from SubjectPublicKeyInfo
2022-12-31 12:49:44 +00:00
Jack Grigg
e4ef700263
Give guidance on reconfiguring YubiKeys with unprotected management keys
...
Closes str4d/age-plugin-yubikey#21 .
2022-12-30 10:18:17 +00:00
Jack Grigg
15c53e42df
Stop scdaemon if it is holding exclusive access to a YubiKey
...
Closes str4d/age-plugin-yubikey#82 .
2022-12-30 09:28:24 +00:00
Jack Grigg
d38743a2fc
Inform users when pcscd is required
...
Closes str4d/age-plugin-yubikey#83 .
2022-12-29 05:09:47 +00:00
Jack Grigg
fb5a1060bd
Check the length of the bytes passed to Stub::from_bytes
...
This will be zero-length when the client uses `-j yubikey`.
Closes str4d/age-plugin-yubikey#48 .
2022-05-01 17:59:24 +00:00
Jack Grigg
f8314c5d6d
Enable users to skip YubiKeys at plugging-in time
...
This requires the `confirm` plugin command to be supported by the age
client; otherwise we fall back to the previous message-plus-timer
method.
2022-05-01 15:14:36 +00:00
Jack Grigg
345c155bb4
Don't print message if YubiKey is waiting for touch
...
The user call-to-action will instead be implemented on the client side,
where it can be done in a more forgiving way (allowing the user some
time to react before prompting them that it is waiting on the plugin).
2022-05-01 14:47:55 +00:00
Jack Grigg
a92a843e14
Tag all strings for translation
2022-05-01 14:40:05 +00:00
Jack Grigg
c4fe3f6b1a
Add support for translations
2022-05-01 11:49:06 +00:00
Jack Grigg
5afec288c9
Forbid unsafe code
2022-03-20 16:53:39 +00:00
Jack Grigg
7d2e3a6829
Remove trait imports that are in the 2021 edition prelude
2022-03-20 16:53:39 +00:00
str4d
f1bb46d274
Merge pull request #46 from str4d/37-ignore-otp-string
...
Detect invalid PIN lengths and ask the user again
2022-03-20 14:57:48 +00:00
Jack Grigg
2fc2dcd1c3
Unify the touch request messages
...
This is also a good test for sending emojis through the age plugin IPC
protocol.
2021-12-20 03:22:25 +00:00
Jack Grigg
68ac19017e
Detect invalid PIN lengths and ask the user again
...
We also detect the specific case where the PIN returned by the user is
likely a YubiKey OTP, generated by the user touching it early.
Closes str4d/age-plugin-yubikey#37 .
2021-12-19 01:31:54 +00:00
Jack Grigg
e5bdffa5cc
Print message if YubiKey is waiting for touch
...
Closes str4d/age-plugin-yubikey#44 .
2021-12-19 00:28:27 +00:00
Jack Grigg
822a10f8f6
yubikey 0.5
2021-11-21 15:51:54 +00:00
Jack Grigg
f2237ed2a7
yubikey 0.4
2021-10-18 21:11:42 +01:00
Jack Grigg
399f0b4c11
Rename crate::yubikey to crate::key
...
So that it doesn't conflict with the renamed `yubikey` crate.
2021-10-18 21:07:23 +01:00
Jack Grigg
77bd7aa3a3
age-plugin 0.2
2021-10-18 20:37:28 +01:00
Jack Grigg
f5f140d172
Fix various clippy lints
2021-08-20 16:22:22 +01:00
Jack Grigg
2c90195f99
Check PIN policy before requesting PIN
...
Closes str4d/age-plugin-yubikey#34 .
2021-08-20 15:11:39 +01:00
Jack Grigg
30f4d00902
Move verify_pin after Stub::connect
...
If all we want is to determine the recipient, we don't need to verify
the PIN.
Closes str4d/age-plugin-yubikey#30 .
2021-08-20 15:08:14 +01:00
Jack Grigg
7f43d15942
Use CLI error type to render errors from yubikey.verify_pin()
...
This ensures that the attempts-before-blocked counter is displayed to
users during the plugin protocol.
2021-08-20 13:18:11 +01:00
Jack Grigg
d36da3fe2d
Prevent --force from being used with the TUI or unexpected commands
...
We may want to use --force with some of these later, so we shouldn't
allow it to be a no-op at present.
2021-05-02 09:43:19 +12:00
Jack Grigg
65082edf22
Prevent --slot from being used with --list-all
2021-05-02 09:31:35 +12:00
Jack Grigg
bf58ee9b82
TUI: Remove redundant example
2021-05-02 09:24:31 +12:00
Jack Grigg
9276725a9a
TUI: Ensure that identity file data is written
2021-05-02 09:24:16 +12:00
Jack Grigg
ba3ccda8ce
TUI: Use rage binary in example commands if installed
2021-05-02 09:23:58 +12:00
Jack Grigg
458a09125f
Make --list{-all} and --identity behave the same way
...
- Both commands print all slots from all connected YubiKeys by default.
- If --serial is specified (without --slot) then print all slots in that
YubiKey.
- If --slot is specified then then instead print a single slot (requiring
--serial if necessary to select a single YubiKey).
Closes str4d/age-plugin-yubikey#26 .
2021-05-02 08:48:05 +12:00
Jack Grigg
2a013fc018
Add example commands to end of TUI
...
Closes str4d/age-plugin-yubikey#25 .
2021-05-02 08:48:05 +12:00
Jack Grigg
c230d93726
TUI: Write identity to file
...
Closes str4d/age-plugin-yubikey#23 .
2021-05-02 08:48:05 +12:00
Jack Grigg
acdbb79083
Use non-short flags as defaults for TUI
...
Closes str4d/age-plugin-yubikey#27 .
2021-05-02 08:48:05 +12:00
Jack Grigg
d9b4fba546
Collect flag-parsing logic into PluginFlags struct
2021-05-02 08:48:05 +12:00
Jack Grigg
d4eae4d631
Add name field to TUI
...
Closes str4d/age-plugin-yubikey#28 .
2021-05-02 08:48:05 +12:00