Commit Graph

90 Commits

Author SHA1 Message Date
Jack Grigg 30f4d00902 Move verify_pin after Stub::connect
If all we want is to determine the recipient, we don't need to verify
the PIN.

Closes str4d/age-plugin-yubikey#30.
2021-08-20 15:08:14 +01:00
Jack Grigg 7f43d15942 Use CLI error type to render errors from yubikey.verify_pin()
This ensures that the attempts-before-blocked counter is displayed to
users during the plugin protocol.
2021-08-20 13:18:11 +01:00
Jack Grigg d36da3fe2d Prevent --force from being used with the TUI or unexpected commands
We may want to use --force with some of these later, so we shouldn't
allow it to be a no-op at present.
2021-05-02 09:43:19 +12:00
Jack Grigg 65082edf22 Prevent --slot from being used with --list-all 2021-05-02 09:31:35 +12:00
Jack Grigg bf58ee9b82 TUI: Remove redundant example 2021-05-02 09:24:31 +12:00
Jack Grigg 9276725a9a TUI: Ensure that identity file data is written 2021-05-02 09:24:16 +12:00
Jack Grigg ba3ccda8ce TUI: Use rage binary in example commands if installed 2021-05-02 09:23:58 +12:00
Jack Grigg 458a09125f Make --list{-all} and --identity behave the same way
- Both commands print all slots from all connected YubiKeys by default.
- If --serial is specified (without --slot) then print all slots in that
  YubiKey.
- If --slot is specified then then instead print a single slot (requiring
  --serial if necessary to select a single YubiKey).

Closes str4d/age-plugin-yubikey#26.
2021-05-02 08:48:05 +12:00
Jack Grigg 2a013fc018 Add example commands to end of TUI
Closes str4d/age-plugin-yubikey#25.
2021-05-02 08:48:05 +12:00
Jack Grigg c230d93726 TUI: Write identity to file
Closes str4d/age-plugin-yubikey#23.
2021-05-02 08:48:05 +12:00
Jack Grigg acdbb79083 Use non-short flags as defaults for TUI
Closes str4d/age-plugin-yubikey#27.
2021-05-02 08:48:05 +12:00
Jack Grigg d9b4fba546 Collect flag-parsing logic into PluginFlags struct 2021-05-02 08:48:05 +12:00
Jack Grigg d4eae4d631 Add name field to TUI
Closes str4d/age-plugin-yubikey#28.
2021-05-02 08:48:05 +12:00
Jack Grigg 64b0ab4e16 Add --list comments to identity output
This improves the output of --generate and --identity, as well as the
interactive TUI.

Closes str4d/age-plugin-yubikey#24.
2021-04-25 12:10:35 +12:00
Jack Grigg 72c5278de0 Hash public key directly for stanza tag
Closes str4d/age-plugin-yubikey#32.
2021-04-23 23:01:08 +12:00
Jack Grigg 6da29e7125 Remove URL prefix from HKDF label
Closes str4d/age-plugin-yubikey#31.
2021-04-23 22:56:43 +12:00
Jack Grigg f05c635d7b clippy fixes 2021-04-15 22:33:33 +12:00
Jack Grigg b1249982de Add direct command flags to pretty CLI interface text 2021-04-15 22:14:13 +12:00
Jack Grigg 9fb8cd5f86 Add version flag 2021-04-15 21:52:43 +12:00
Jack Grigg dd8589811b Improve UI messages for YubiKey management
In particular, we now print out the candidate management key if setting
it as the PIN-protected management key fails.
2021-04-14 00:51:45 +12:00
Jack Grigg 50b873c89f Reliably ignore PIV devices that are not connected
This is primarily to ignore smart card readers that don't have cards
plugged in.
2021-04-14 00:51:45 +12:00
Jack Grigg 33ab757025 Migrate to new age-plugin API 2021-04-13 20:41:34 +12:00
Jack Grigg 63c8d6c303 Rename PLUGIN_NAME to BINARY_NAME 2021-04-12 22:31:46 +12:00
Jack Grigg 771cad885a Always use created date from YubiKey certificate 2021-04-12 18:22:54 +12:00
Jack Grigg 5a85a15341 YubiKey plugin protocol 2021-04-05 23:08:07 +12:00
Jack Grigg f74dd2ec4b Fix clippy lints 2021-04-04 16:55:34 +12:00
Jack Grigg 3ea2463c3c Remove direct dependency on elliptic-curve crate
Using the re-export from p256 ensures we always use the correct version.
2021-04-04 16:48:12 +12:00
Jack Grigg c7f173b43e Rework Recipient to wrap p256::PublicKey 2021-04-04 16:13:57 +12:00
Jack Grigg c5a2b7ee5a Implement no-command pretty CLI 2021-03-29 21:19:20 +13:00
Jack Grigg 4ea8506e49 Extract slot UI indexing into util functions 2021-03-29 21:09:02 +13:00
Jack Grigg 850f96cd2c Implement --generate command
Includes logic to help users manage their keys:

- If the key is using a default PIN, we require the user to change it.
- We set the PUK equal to the PIN so the user doesn't need to remember
  them separately.
- We migrate the default management key to a new PIN-protected key.
2021-03-29 19:02:32 +13:00
Jack Grigg acac62660c list: Ignore PIV devices we can't read from 2021-03-29 18:51:21 +13:00
Jack Grigg b6d70ba1f0 Use env_logger to enable logging
Log output is disabled by default.
2021-03-29 18:43:16 +13:00
Jack Grigg 0f7095a60a Bump to latest age-plugin 2021-03-29 11:00:42 +13:00
Jack Grigg 50e4fee48c bech32 0.8 2021-03-29 10:43:57 +13:00
Jack Grigg 7a527b2be6 Implement --identity command 2021-01-12 02:29:57 +00:00
Jack Grigg babe64da42 Implement --list and --list-all commands
Requires a MSRV of 1.44 due to the transitive dependency on bitvec 0.19.
2021-01-12 02:29:30 +00:00
Jack Grigg 259947386a Add skeleton of administration commands 2020-12-31 23:01:22 +00:00
Jack Grigg 0052d91aad Set up plugin structure 2020-12-31 23:01:22 +00:00
Jack Grigg 61c1460635 Empty age-plugin-yubikey binary crate 2020-08-30 21:39:48 +01:00