Jack Grigg
ac04615219
Ignore smart cards that don't have a PIV applet
...
Closes str4d/age-plugin-yubikey#78 .
2023-03-23 14:33:13 +09:00
Jack Grigg
e86cd8113c
Intercept PIN errors and replace with PUK errors as necessary
...
Once iqlusioninc/yubikey.rs#479 is part of a `yubikey` release we
can migrate to, this will mean that users get correctly notified
of incorrect PUK entry, instead of being told it is an incorrect
PIN issue.
2023-02-12 20:47:58 +00:00
str4d
bf437663af
Merge pull request #116 from str4d/avoid-resetting-unused-yubikeys
...
Avoid resetting unused YubiKeys
2023-02-11 04:57:23 +00:00
Jack Grigg
665aedbbba
Merge branch 'version-0.3.3' back into main
2023-02-11 04:51:58 +00:00
Jack Grigg
d2132b4ac2
Prevent changing the default PIN to itself
...
Closes str4d/age-plugin-yubikey#120 .
2023-02-11 02:47:55 +00:00
Jack Grigg
ff3e8e37c9
Treat pcsc::Error::NoSmartcard as a "YubiKey disconnected" error
...
Some SmartCard readers report this error when no SmartCard is inserted,
so we need to check for it when filtering for connected YubiKeys (along
with `pcsc::Error::RemovedCard` which some _other_ SmartCard readers
report instead).
Closes str4d/age-plugin-yubikey#81 .
2023-01-30 00:39:08 +00:00
Jack Grigg
b1710e8d69
Enforce correct PIN lengths during YubiKey setup
...
The behaviour of `age-plugin-yubikey` during setup now matches its
behaviour during plugin usage.
2023-01-29 23:00:46 +00:00
Jack Grigg
55bfa5dafb
Avoid resetting YubiKeys that don't match the desired serial
...
If multiple YubiKeys were connected, and the one we needed for plugin
encryption or decryption was not first in the list of readers, any
YubiKeys before it were being reset upon drop. We now explicitly
disconnect without resetting, since we only access these YubiKeys as a
side-effect of finding the one we need.
2023-01-29 14:16:35 +00:00
Jack Grigg
90b61682bd
Don't reset tested YubiKeys in key::filter_connected
...
This method only connects to YubiKeys in order to confirm it can do so
(i.e. as a side-effect). We therefore want to explicitly disconnect
without resetting the YubiKeys, to avoid clearing PIN caches.
2023-01-29 14:16:35 +00:00
Jack Grigg
00ab2c756e
Don't re-request a cached PIN for identities with PIN policy "once"
2023-01-02 19:06:37 +00:00
Jack Grigg
9418921dab
Disconnect without resetting YubiKeys if it is safe to do so
...
This enables the PIN caches to be preserved across age-plugin-yubikey
processes, allowing PIN policies of "once" to become meaningful.
2023-01-02 19:06:37 +00:00
Jack Grigg
25fcd353f3
dialoguer 0.10
2023-01-01 14:07:22 +00:00
Jack Grigg
1dfadc7e27
Clean up key::filter_connected
2023-01-01 13:29:30 +00:00
Jack Grigg
fc66d9f6fd
Add helper methods for filtering available keys
2023-01-01 13:27:10 +00:00
Jack Grigg
d8eb198e97
Move certificate parsing into Metadata::extract
2023-01-01 13:27:10 +00:00
str4d
c8f9df1b45
Merge pull request #95 from str4d/94-yubikey-agent-sighup
...
Extend "sharing violation" logic to send SIGHUP to `yubikey-agent` processes
2023-01-01 13:24:57 +00:00
Jack Grigg
3597d96332
Correctly hunt agents in plugin mode
2023-01-01 13:18:41 +00:00
Jack Grigg
1913838f8e
Hunt for yubikey-agent
2023-01-01 12:52:17 +00:00
Jack Grigg
6e47448560
Generalise code for hunting agents that may be holding YubiKeys
2023-01-01 12:52:17 +00:00
Jack Grigg
ac7b04a61d
Add keyword argument support to fl! and wlnfl! macros
2022-12-31 14:31:25 +00:00
Jack Grigg
493479344c
De-duplicate parsing recipients from SubjectPublicKeyInfo
2022-12-31 12:49:44 +00:00
Jack Grigg
15c53e42df
Stop scdaemon if it is holding exclusive access to a YubiKey
...
Closes str4d/age-plugin-yubikey#82 .
2022-12-30 09:28:24 +00:00
Jack Grigg
fb5a1060bd
Check the length of the bytes passed to Stub::from_bytes
...
This will be zero-length when the client uses `-j yubikey`.
Closes str4d/age-plugin-yubikey#48 .
2022-05-01 17:59:24 +00:00
Jack Grigg
f8314c5d6d
Enable users to skip YubiKeys at plugging-in time
...
This requires the `confirm` plugin command to be supported by the age
client; otherwise we fall back to the previous message-plus-timer
method.
2022-05-01 15:14:36 +00:00
Jack Grigg
345c155bb4
Don't print message if YubiKey is waiting for touch
...
The user call-to-action will instead be implemented on the client side,
where it can be done in a more forgiving way (allowing the user some
time to react before prompting them that it is waiting on the plugin).
2022-05-01 14:47:55 +00:00
Jack Grigg
a92a843e14
Tag all strings for translation
2022-05-01 14:40:05 +00:00
Jack Grigg
7d2e3a6829
Remove trait imports that are in the 2021 edition prelude
2022-03-20 16:53:39 +00:00
str4d
f1bb46d274
Merge pull request #46 from str4d/37-ignore-otp-string
...
Detect invalid PIN lengths and ask the user again
2022-03-20 14:57:48 +00:00
Jack Grigg
2fc2dcd1c3
Unify the touch request messages
...
This is also a good test for sending emojis through the age plugin IPC
protocol.
2021-12-20 03:22:25 +00:00
Jack Grigg
68ac19017e
Detect invalid PIN lengths and ask the user again
...
We also detect the specific case where the PIN returned by the user is
likely a YubiKey OTP, generated by the user touching it early.
Closes str4d/age-plugin-yubikey#37 .
2021-12-19 01:31:54 +00:00
Jack Grigg
e5bdffa5cc
Print message if YubiKey is waiting for touch
...
Closes str4d/age-plugin-yubikey#44 .
2021-12-19 00:28:27 +00:00
Jack Grigg
f2237ed2a7
yubikey 0.4
2021-10-18 21:11:42 +01:00
Jack Grigg
399f0b4c11
Rename crate::yubikey to crate::key
...
So that it doesn't conflict with the renamed `yubikey` crate.
2021-10-18 21:07:23 +01:00