Commit Graph

48 Commits

Author SHA1 Message Date
Jack Grigg c57ae544a6 Merge branch 'main' into detect-critical-extensions 2026-04-08 04:31:34 +01:00
Jack Grigg ac22ae1df1 Merge tag 'v0.5.0' into detect-critical-extensions 2026-04-08 04:21:39 +01:00
Jack Grigg eb945b2849 Merge tag 'v0.4.0' into detect-critical-extensions 2026-04-08 04:16:00 +01:00
Jack Grigg 9503f406ae Reject identities with unrecognised critical extensions
We don't know how to correctly use these identities. In particular, some
identities store parts of their private key material in certificate
extensions to work around hardware limitations. Not understanding these
extensions could lead to encrypting with the wrong protocol and
violating security assumptions.
2026-04-08 04:12:35 +01:00
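The commit above states the rule: an identity certificate carrying a critical extension the plugin does not understand must be rejected, because the unknown extension may change how the key is meant to be used. As an added example (not the plugin's own code, and written in Python rather than the project's Rust so it runs with the standard library only), here is a minimal DER walker that pulls the extension list out of a DER-encoded X.509 certificate and refuses any certificate whose critical extensions fall outside a known set. The `KNOWN_EXTENSIONS` table, the constructed sample certificate (dummy signature, nothing signs it) and the private-arc OID `1.3.6.1.4.1.99999.1` are assumptions made for this example, not values taken from age-plugin-yubikey.

```python
# --- tiny DER encoder, used only to build the constructed sample certificate ---
def _der_len(n):
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def der(tag, payload):
    return bytes([tag]) + _der_len(len(payload)) + payload

def der_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(reversed(chunk))
    return der(0x06, bytes(out))

def der_extension(oid, critical, value):
    body = der_oid(oid)
    if critical:                      # DER omits `critical BOOLEAN DEFAULT FALSE`
        body += der(0x01, b"\xff")
    return der(0x30, body + der(0x04, value))

# --- DER decoder ---
def read_tlv(buf, pos=0):
    """Return (tag, value, end_offset) for the element starting at buf[pos]."""
    tag = buf[pos]
    if (tag & 0x1F) == 0x1F:
        raise ValueError("multi-byte tags are not supported")
    first = buf[pos + 1]
    if first < 0x80:
        length, header = first, 2
    else:
        n = first & 0x7F
        if n == 0 or n > 4:
            raise ValueError("unsupported DER length encoding")
        length = int.from_bytes(buf[pos + 2:pos + 2 + n], "big")
        header = 2 + n
    start, end = pos + header, pos + header + length
    if end > len(buf):
        raise ValueError("DER element runs past end of buffer")
    return tag, buf[start:end], end

def children(value):
    """Split a constructed DER value into its (tag, value) members."""
    out, pos = [], 0
    while pos < len(value):
        tag, inner, pos = read_tlv(value, pos)
        out.append((tag, inner))
    return out

def decode_oid(raw):
    arcs, arc = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:
        arc = (arc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(arc)
            arc = 0
    return ".".join(map(str, arcs))

def extensions(cert_der):
    """Return [(oid, critical, value)] for a DER certificate ([] if none)."""
    tag, cert, _ = read_tlv(cert_der)
    if tag != 0x30:
        raise ValueError("certificate is not a SEQUENCE")
    tbs_tag, tbs = children(cert)[0]
    if tbs_tag != 0x30:
        raise ValueError("tbsCertificate is not a SEQUENCE")
    for tag, value in children(tbs):
        if tag != 0xA3:               # extensions are [3] EXPLICIT, after the SPKI
            continue
        seq_tag, seq = children(value)[0]
        if seq_tag != 0x30:
            raise ValueError("extensions is not a SEQUENCE")
        result = []
        for _, ext in children(seq):
            fields = children(ext)    # OID, optional BOOLEAN, OCTET STRING
            critical = (len(fields) == 3 and fields[1][0] == 0x01
                        and fields[1][1] != b"\x00")
            result.append((decode_oid(fields[0][1]), critical, fields[-1][1]))
        return result
    return []

# Extensions this example claims to understand (standard PKIX OIDs). Which set
# the real plugin handles is an assumption here, not taken from its source.
KNOWN_EXTENSIONS = {"2.5.29.14": "subjectKeyIdentifier", "2.5.29.15": "keyUsage",
                    "2.5.29.19": "basicConstraints", "2.5.29.35": "authorityKeyIdentifier"}

def unknown_critical_extensions(cert_der, known=KNOWN_EXTENSIONS):
    return [oid for oid, critical, _ in extensions(cert_der) if critical and oid not in known]

def accept_identity(cert_der, known=KNOWN_EXTENSIONS):
    """Raise unless every critical extension is one we know how to honour."""
    bad = unknown_critical_extensions(cert_der, known)
    if bad:
        raise ValueError("identity has unrecognised critical extension(s): " + ", ".join(bad))
    return True

def sample_certificate(extra_extensions=()):
    """Constructed v3 certificate with a dummy signature (not signed by anything)."""
    ecdsa_sha256 = der(0x30, der_oid("1.2.840.10045.4.3.2"))
    name = der(0x30, der(0x31, der(0x30, der_oid("2.5.4.3") + der(0x0C, b"example identity"))))
    validity = der(0x30, der(0x17, b"240101000000Z") + der(0x17, b"340101000000Z"))
    spki = der(0x30, der(0x30, der_oid("1.2.840.10045.2.1") + der_oid("1.2.840.10045.3.1.7"))
                     + der(0x03, b"\x00\x04" + b"\x11" * 64))
    exts = der(0x30, der_extension("2.5.29.15", True, der(0x03, b"\x07\x80"))  # keyUsage
                     + b"".join(extra_extensions))
    tbs = der(0x30, der(0xA0, der(0x02, b"\x02")) + der(0x02, b"\x01") + ecdsa_sha256
                    + name + validity + name + spki + der(0xA3, exts))
    return der(0x30, tbs + ecdsa_sha256 + der(0x03, b"\x00" + b"\x55" * 70))

UNKNOWN_OID = "1.3.6.1.4.1.99999.1"   # made-up private-arc OID for a vendor extension

if __name__ == "__main__":
    harmless = sample_certificate([der_extension(UNKNOWN_OID, False, b"\x04\x00")])
    print(unknown_critical_extensions(harmless))   # non-critical: may be ignored
    risky = sample_certificate([der_extension(UNKNOWN_OID, True, b"\x04\x00")])
    print(unknown_critical_extensions(risky))      # critical: identity is refused
```

The decision is the one the commit describes: a critical extension is the issuer saying "do not use this certificate unless you understand this", so an unrecognised critical extension is a hard failure, while the same OID marked non-critical can be skipped. A real deployment would hand parsing to a proper X.509 library; the check at the end stays the same.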
Jack Grigg 0068b1f343 Change default recipient type to p256tag
Identities generated with older versions of `age-plugin-yubikey` show
their legacy recipient in comments; newer identities only show the new
recipient.
2026-04-07 23:44:51 +01:00
Jack Grigg 971d63957c Change recipient type for identity encryption to p256tag
Encrypting to an identity requires the plugin binary, and there is a
reasonable expectation that the same (or a later) plugin binary version
will be used to decrypt, so we can assume support for the preferred
recipient type.
2026-04-07 23:44:51 +01:00
Jack Grigg 0057a1825e Add support for p256tag 2026-04-07 23:44:03 +01:00
Jack Grigg 2a4d129548 Migrate to latest revision of age-core and age-plugin 2026-04-07 18:05:54 +01:00
Jack Grigg 5b44faec44 Refactors for reusability across supported recipients 2025-12-21 11:15:40 +00:00
Jack Grigg 1f1f257ede Rename crate::format to crate::piv_p256 2025-12-21 10:44:35 +00:00
Jack Grigg 144d3088b6 Refactor piv-p256-specific stanza unwrapping onto RecipientLine 2025-12-21 10:44:35 +00:00
Jack Grigg 68e634c04e Migrate to age-plugin 0.6 2025-12-08 00:10:49 +00:00
Jack Grigg 34011088a0 Fix 1.67 clippy lints 2024-07-30 05:42:54 +00:00
Jack Grigg d6729e99ba dialoguer 0.11 2024-07-30 05:27:06 +00:00
Jack Grigg 62f237f859 Provide a better error message when management key authentication fails
We now indicate to the user that AES management key algorithms are not
yet supported, and tell them how to change their management key to use
TDES.

Closes str4d/age-plugin-yubikey#135.
2023-04-09 06:53:25 +00:00
Jack Grigg ac04615219 Ignore smart cards that don't have a PIV applet
Closes str4d/age-plugin-yubikey#78.
2023-03-23 14:33:13 +09:00
Jack Grigg e86cd8113c Intercept PIN errors and replace with PUK errors as necessary
Once iqlusioninc/yubikey.rs#479 is part of a `yubikey` release we
can migrate to, this will mean that users get correctly notified
of incorrect PUK entry, instead of being told it is an incorrect
PIN issue.
2023-02-12 20:47:58 +00:00
str4d bf437663af Merge pull request #116 from str4d/avoid-resetting-unused-yubikeys
Avoid resetting unused YubiKeys
2023-02-11 04:57:23 +00:00
Jack Grigg 665aedbbba Merge branch 'version-0.3.3' back into main 2023-02-11 04:51:58 +00:00
Jack Grigg d2132b4ac2 Prevent changing the default PIN to itself
Closes str4d/age-plugin-yubikey#120.
2023-02-11 02:47:55 +00:00
Jack Grigg ff3e8e37c9 Treat pcsc::Error::NoSmartcard as a "YubiKey disconnected" error
Some SmartCard readers report this error when no SmartCard is inserted,
so we need to check for it when filtering for connected YubiKeys (along
with `pcsc::Error::RemovedCard` which some _other_ SmartCard readers
report instead).

Closes str4d/age-plugin-yubikey#81.
2023-01-30 00:39:08 +00:00
Jack Grigg b1710e8d69 Enforce correct PIN lengths during YubiKey setup
The behaviour of `age-plugin-yubikey` during setup now matches its
behaviour during plugin usage.
2023-01-29 23:00:46 +00:00
Jack Grigg 55bfa5dafb Avoid resetting YubiKeys that don't match the desired serial
If multiple YubiKeys were connected, and the one we needed for plugin
encryption or decryption was not first in the list of readers, any
YubiKeys before it were being reset upon drop. We now explicitly
disconnect without resetting, since we only access these YubiKeys as a
side-effect of finding the one we need.
2023-01-29 14:16:35 +00:00
Jack Grigg 90b61682bd Don't reset tested YubiKeys in key::filter_connected
This method only connects to YubiKeys in order to confirm it can do so
(i.e. as a side-effect). We therefore want to explicitly disconnect
without resetting the YubiKeys, to avoid clearing PIN caches.
2023-01-29 14:16:35 +00:00
Jack Grigg 00ab2c756e Don't re-request a cached PIN for identities with PIN policy "once" 2023-01-02 19:06:37 +00:00
Jack Grigg 9418921dab Disconnect without resetting YubiKeys if it is safe to do so
This enables the PIN caches to be preserved across age-plugin-yubikey
processes, allowing PIN policies of "once" to become meaningful.
2023-01-02 19:06:37 +00:00
Jack Grigg 25fcd353f3 dialoguer 0.10 2023-01-01 14:07:22 +00:00
Jack Grigg 1dfadc7e27 Clean up key::filter_connected 2023-01-01 13:29:30 +00:00
Jack Grigg fc66d9f6fd Add helper methods for filtering available keys 2023-01-01 13:27:10 +00:00
Jack Grigg d8eb198e97 Move certificate parsing into Metadata::extract 2023-01-01 13:27:10 +00:00
str4d c8f9df1b45 Merge pull request #95 from str4d/94-yubikey-agent-sighup
Extend "sharing violation" logic to send SIGHUP to `yubikey-agent` processes
2023-01-01 13:24:57 +00:00
Jack Grigg 3597d96332 Correctly hunt agents in plugin mode 2023-01-01 13:18:41 +00:00
Jack Grigg 1913838f8e Hunt for yubikey-agent 2023-01-01 12:52:17 +00:00
Jack Grigg 6e47448560 Generalise code for hunting agents that may be holding YubiKeys 2023-01-01 12:52:17 +00:00
Jack Grigg ac7b04a61d Add keyword argument support to fl! and wlnfl! macros 2022-12-31 14:31:25 +00:00
Jack Grigg 493479344c De-duplicate parsing recipients from SubjectPublicKeyInfo 2022-12-31 12:49:44 +00:00
Jack Grigg 15c53e42df Stop scdaemon if it is holding exclusive access to a YubiKey
Closes str4d/age-plugin-yubikey#82.
2022-12-30 09:28:24 +00:00
Jack Grigg fb5a1060bd Check the length of the bytes passed to Stub::from_bytes
This will be zero-length when the client uses `-j yubikey`.

Closes str4d/age-plugin-yubikey#48.
2022-05-01 17:59:24 +00:00
Jack Grigg f8314c5d6d Enable users to skip YubiKeys at plugging-in time
This requires the `confirm` plugin command to be supported by the age
client; otherwise we fall back to the previous message-plus-timer
method.
2022-05-01 15:14:36 +00:00
Jack Grigg 345c155bb4 Don't print message if YubiKey is waiting for touch
The user call-to-action will instead be implemented on the client side,
where it can be done in a more forgiving way (allowing the user some
time to react before prompting them that it is waiting on the plugin).
2022-05-01 14:47:55 +00:00
Jack Grigg a92a843e14 Tag all strings for translation 2022-05-01 14:40:05 +00:00
Jack Grigg 7d2e3a6829 Remove trait imports that are in the 2021 edition prelude 2022-03-20 16:53:39 +00:00
str4d f1bb46d274 Merge pull request #46 from str4d/37-ignore-otp-string
Detect invalid PIN lengths and ask the user again
2022-03-20 14:57:48 +00:00
Jack Grigg 2fc2dcd1c3 Unify the touch request messages
This is also a good test for sending emojis through the age plugin IPC
protocol.
2021-12-20 03:22:25 +00:00
Jack Grigg 68ac19017e Detect invalid PIN lengths and ask the user again
We also detect the specific case where the PIN returned by the user is
likely a YubiKey OTP, generated by the user touching it early.

Closes str4d/age-plugin-yubikey#37.
2021-12-19 01:31:54 +00:00
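The commits on enforcing PIN lengths (both at setup and during plugin use), on refusing to change the default PIN to itself, and on recognising a YubiKey OTP typed into the PIN prompt all come down to validating the PIN locally before anything is sent to the card. An added example of that validation, not the plugin's own code and in Python rather than the project's Rust: the PIV PIN length range (6 to 8 bytes), the factory default PIN `123456` and the 44-character ModHex shape of a YubiKey OTP are standard facts; the `read_secret`/`emit` callbacks, the message strings and the scripted entries are this example's own constructions.

```python
# PIV PIN handling: enforce PIV length limits, spot a YubiKey OTP typed into the
# PIN prompt (the user touched the key too early), and refuse to "change" the
# default PIN to itself. Nothing here talks to a YubiKey; it guards the prompt.

MODHEX_ALPHABET = frozenset("cbdefghijklnrtuv")
OTP_LENGTH = 44                  # 12-char public ID + 32-char ciphertext, all ModHex
PIN_MIN_LEN, PIN_MAX_LEN = 6, 8  # PIV PIN length range
DEFAULT_PIN = "123456"           # PIV factory default PIN

# Example message strings (assumed wording, not the plugin's own).
MESSAGES = {
    "otp": "That looks like a YubiKey OTP (the key was touched too early); enter your PIN.",
    "too_short": "PIN must be at least 6 characters.",
    "too_long": "PIN must be at most 8 characters.",
    "non_ascii": "PIN may only contain ASCII characters.",
    "default": "New PIN must differ from the default PIN.",
}

def looks_like_otp(text):
    """A YubiKey OTP is exactly 44 ModHex characters."""
    return len(text) == OTP_LENGTH and set(text) <= MODHEX_ALPHABET

def pin_problem(pin):
    """Return None if `pin` is an acceptable PIV PIN, else a key into MESSAGES."""
    if looks_like_otp(pin):
        return "otp"
    if not pin.isascii():
        return "non_ascii"
    if len(pin) < PIN_MIN_LEN:
        return "too_short"
    if len(pin) > PIN_MAX_LEN:
        return "too_long"
    return None

def new_pin_problem(new_pin):
    """Setup-time rule: everything above, plus the PIN must actually change."""
    return pin_problem(new_pin) or ("default" if new_pin == DEFAULT_PIN else None)

def prompt_pin(read_secret, emit, check=pin_problem, max_attempts=3):
    """Re-prompt on malformed input instead of sending it to the YubiKey.
    `read_secret()` returns the user's entry; `emit(msg)` shows a message.
    Returns the accepted PIN, or None after max_attempts rejections."""
    for _ in range(max_attempts):
        pin = read_secret()
        problem = check(pin)
        if problem is None:
            return pin
        emit(MESSAGES[problem])
    return None

def scripted_session(entries, check=pin_problem):
    """Drive prompt_pin with constructed entries; returns (accepted_pin, messages)."""
    it = iter(entries)
    shown = []
    pin = prompt_pin(lambda: next(it), shown.append, check, max_attempts=len(entries))
    return pin, shown

if __name__ == "__main__":
    # Constructed entries: an OTP from an early touch, a too-short PIN, then a valid one.
    print(scripted_session(["ccccccbchvthlivuitriujjifivbvtrjkjfvhhtdktbj", "1234", "654321"]))
```

Keeping this check in front of the card matters because the prompt is the last point at which a mistake is cheap: an OTP or a four-character string is never going to be the right PIN, so reporting it and asking again costs nothing, whereas anything that reaches the YubiKey's verify step can only come back as a failure.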
Jack Grigg e5bdffa5cc Print message if YubiKey is waiting for touch
Closes str4d/age-plugin-yubikey#44.
2021-12-19 00:28:27 +00:00
Jack Grigg f2237ed2a7 yubikey 0.4 2021-10-18 21:11:42 +01:00
Jack Grigg 399f0b4c11 Rename crate::yubikey to crate::key
So that it doesn't conflict with the renamed `yubikey` crate.
2021-10-18 21:07:23 +01:00