libykpiv/piv-tool 1.6.3

lib: promote get_serial to base API
lib: add ykpiv_get_serial to external API
tool: add serial number/version to status command
build: fix msvc build of case insensitive-reader (missing strncasecmp and cast warnings)
lib: consolidate neo/yk4 + yk5 serial number routines
lib: fix GCC 8 compilier warnings
lib: reimplement deauthenticate to select mgmt aid
build: disable -Waggregate-return
lib: fix warning differences between gcc and msvc
lib: add option to disable implicit card transactions
lib: remove application reselect prior to crypt operations
build: fix msvc warnings wrt length checking logic fixes
lib: fix error condition logic in untransacted internal functions
lib: create internal transactionless ykpiv_transfer_data
This commit is contained in:
Dave Pate
2018-09-14 14:29:39 -07:00
parent 311ba9b30c
commit cbd5ba5122
8 changed files with 396 additions and 163 deletions
+16 -3
View File
@@ -304,8 +304,11 @@ des_rc des_encrypt(des_key* key, const unsigned char* in, const size_t inlen, un
#else
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wcast-qual"
/* openssl returns void */
DES_ecb3_encrypt((const_DES_cblock *)in, (DES_cblock*)out, &(key->ks1), &(key->ks2), &(key->ks3), 1);
#pragma GCC diagnostic pop
#endif
@@ -336,8 +339,11 @@ des_rc des_decrypt(des_key* key, const unsigned char* in, const size_t inlen, un
#else
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wcast-qual"
/* openssl returns void */
DES_ecb3_encrypt((const_DES_cblock*)in, (DES_cblock*)out, &(key->ks1), &(key->ks2), &(key->ks3), 0);
#pragma GCC diagnostic pop
#endif
@@ -400,7 +406,12 @@ bool yk_des_is_weak_key(const unsigned char *key, const size_t cb_key) {
return false;
#else
(void)cb_key; /* unused */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wcast-qual"
return DES_is_weak_key((const_DES_cblock *)key);
#pragma GCC diagnostic pop
#endif
}
@@ -431,7 +442,7 @@ prng_rc _ykpiv_prng_generate(unsigned char *buffer, const size_t cb_req) {
return rc;
}
pkcs5_rc pkcs5_pbkdf2_sha1(const unsigned char* password, const size_t cb_password, const unsigned char* salt, const size_t cb_salt, unsigned long long iterations, unsigned char* key, const size_t cb_key) {
pkcs5_rc pkcs5_pbkdf2_sha1(const uint8_t* password, const size_t cb_password, const uint8_t* salt, const size_t cb_salt, uint64_t iterations, const uint8_t* key, const size_t cb_key) {
pkcs5_rc rc = PKCS5_OK;
#ifdef _WINDOWS
@@ -459,8 +470,11 @@ pkcs5_rc pkcs5_pbkdf2_sha1(const unsigned char* password, const size_t cb_passwo
#else
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wcast-qual"
/* for some reason openssl always returns 1 for PBKDF2 */
PKCS5_PBKDF2_HMAC_SHA1((const char*)password, cb_password, salt, cb_salt, iterations, cb_key, key);
PKCS5_PBKDF2_HMAC_SHA1((const char*)password, cb_password, salt, cb_salt, iterations, cb_key, (unsigned char*)key);
#pragma GCC diagnostic pop
#endif
@@ -491,7 +505,6 @@ setting_bool_t _get_bool_config(const char *sz_setting) {
#ifdef _WIN32
HKEY hKey = 0;
DWORD dwErr = 0;
DWORD dwValue = 0;
DWORD dwType = 0;
DWORD cbValue = sizeof(dwValue);