Document project status in README.md and lib.rs
This commit adds quite a bit of documentation about the current status of the project, including links to GitHub issues for the different Rust modules which map to specific pieces of functionality. The intent is to track the current status of the project in the README.md as that's more up-to-date than the docs.rs documentation (which depends on a crate release to get updated).
This commit is contained in:
@@ -10,7 +10,7 @@
|
||||
[![Build Status][build-image]][build-link]
|
||||
[![Gitter Chat][gitter-image]][gitter-link]
|
||||
|
||||
Pure Rust host-side YubiKey [Personal Identity Verification (PIV)][1] driver
|
||||
Pure Rust host-side YubiKey [Personal Identity Verification (PIV)][PIV] driver
|
||||
with general-purpose public-key encryption and signing support.
|
||||
|
||||
[Documentation][docs-link]
|
||||
@@ -22,21 +22,29 @@ to store a number of RSA (2048/1024) and ECC (NIST P-256/P-384) private keys
|
||||
with configurable access control policies. Both the signing (RSASSA/ECDSA) and
|
||||
encryption (PKCS#1v1.5/ECIES) use cases are supported for either key type.
|
||||
|
||||
See [Yubico's guide to PIV-enabled YubiKeys][2] for more information
|
||||
See [Yubico's guide to PIV-enabled YubiKeys][yk-guide] for more information
|
||||
on which devices support PIV and the available functionality.
|
||||
|
||||
If you've been wanting to use Rust to sign and/or encrypt stuff using a
|
||||
private key generated and stored on a Yubikey (with option PIN-based access),
|
||||
this is the crate you've been after!
|
||||
|
||||
One small problem, it's not done yet... 😫
|
||||
|
||||
But it might be close?
|
||||
Note that while this project started as a fork of a [Yubico] project,
|
||||
this fork is **NOT** an official Yubico project and is in no way supported or
|
||||
endorsed by Yubico.
|
||||
|
||||
## Minimum Supported Rust Version
|
||||
|
||||
- Rust **1.39+**
|
||||
|
||||
## Supported YubiKeys
|
||||
|
||||
- [YubiKey NEO] series (may be dropped in the future, see [#18])
|
||||
- [YubiKey 4] series
|
||||
- [YubiKey 5] series
|
||||
|
||||
NOTE: Nano and USB-C variants of the above are also supported
|
||||
|
||||
## Security Warning
|
||||
|
||||
No security audits of this crate have ever been performed. Presently it is in
|
||||
@@ -44,16 +52,36 @@ an experimental stage and may still contain high-severity issues.
|
||||
|
||||
USE AT YOUR OWN RISK!
|
||||
|
||||
## History
|
||||
## Status
|
||||
|
||||
This library is a Rust translation of the [yubico-piv-tool][3] utility by
|
||||
Yubico, which was originally written in C. It was mechanically translated
|
||||
from C into Rust using [Corrode][4], and then subsequently heavily
|
||||
refactored into safer, more idiomatic Rust.
|
||||
This project is a largely incomplete work-in-progress. So far the only
|
||||
functionality which has actually been tested is connecting to Yubikeys.
|
||||
|
||||
Note that while this project started as a fork of a [Yubico][5] project,
|
||||
this fork is **NOT** an official Yubico project and is in no way supported or
|
||||
endorsed by Yubico.
|
||||
If you're interested helping test functionality, the table below documents
|
||||
the current status of the project and relevant GitHub issues for various
|
||||
functions of the YubiKey:
|
||||
|
||||
| | Module | Issue | Description |
|
||||
|----|---------------|-------|-------------|
|
||||
| 🚧 | `yubikey` | [#20] | Core functionality: auth, keys, PIN/PUK, encrypt, sign, attest |
|
||||
| ⚠️ | `cccid` | [#21] | Cardholder Capability Container (CCC) IDs |
|
||||
| ⚠️ | `certificate` | [#22] | Certificates for stored keys |
|
||||
| ⚠️ | `chuid` | [#23] | Cardholder Unique Identifier (CHUID) |
|
||||
| ⚠️ | `config` | [#24] | Support for reading on-key configuration |
|
||||
| ⚠️ | `container` | [#25] | MS Container Map Records |
|
||||
| ⚠️ | `key` | [#26] | Crypto key management: list, generate, import |
|
||||
| ⚠️ | `mgm` | [#26] | Management Key (MGM) support: set, get, derive
|
||||
| ⚠️ | `msroots` | [#28] | `msroots` file: PKCS#7 formatted certificate store for enterprise trusted roots |
|
||||
|
||||
Legend:
|
||||
|
||||
| | Description |
|
||||
|----|------------------------------------|
|
||||
| 🚧 | Testing and validation in progress |
|
||||
| ⚠️ | Untested support |
|
||||
|
||||
NOTE: Commands marked ⚠️ have not been properly tested and may contain bugs or
|
||||
not work at all.
|
||||
|
||||
## Testing
|
||||
|
||||
@@ -96,17 +124,24 @@ test connect ... ok
|
||||
APDU messages labeled `>>>` are being sent to the YubiKey's internal SmartCard,
|
||||
and ones labeled `<<<` are the responses.
|
||||
|
||||
## History
|
||||
|
||||
This library is a Rust translation of the [yubico-piv-tool] utility by
|
||||
Yubico, which was originally written in C. It was mechanically translated
|
||||
from C into Rust using [Corrode], and then subsequently heavily
|
||||
refactored into safer, more idiomatic Rust.
|
||||
|
||||
## Code of Conduct
|
||||
|
||||
We abide by the [Contributor Covenant][6] and ask that you do as well.
|
||||
We abide by the [Contributor Covenant][cc-md] and ask that you do as well.
|
||||
|
||||
For more information, please see [CODE_OF_CONDUCT.md][7].
|
||||
For more information, please see [CODE_OF_CONDUCT.md][cc-md].
|
||||
|
||||
## License
|
||||
|
||||
**yubikey-piv.rs** is a fork of and originally a mechanical translation from
|
||||
Yubico's [`yubico-piv-tool`][3], a C library/CLI program. The original library
|
||||
was licensed under a [2-Clause BSD License][8], which this library inherits
|
||||
Yubico's [yubico-piv-tool], a C library/CLI program. The original library
|
||||
was licensed under a [2-Clause BSD License][BSDL], which this library inherits
|
||||
as a derived work.
|
||||
|
||||
Copyright (c) 2014-2019 Yubico AB, Tony Arcieri
|
||||
@@ -140,7 +175,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
|
||||
Unless you explicitly state otherwise, any contribution intentionally
|
||||
submitted for inclusion in the work by you shall be licensed under the
|
||||
[2-Clause BSD License][8] as shown above, without any additional terms
|
||||
[2-Clause BSD License][BSDL] as shown above, without any additional terms
|
||||
or conditions.
|
||||
|
||||
[//]: # (badges)
|
||||
@@ -159,11 +194,27 @@ or conditions.
|
||||
|
||||
[//]: # (general links)
|
||||
|
||||
[1]: https://piv.idmanagement.gov/
|
||||
[2]: https://developers.yubico.com/PIV/Introduction/YubiKey_and_PIV.html
|
||||
[3]: https://github.com/Yubico/yubico-piv-tool/
|
||||
[4]: https://github.com/jameysharp/corrode
|
||||
[5]: https://www.yubico.com/
|
||||
[6]: https://contributor-covenant.org/
|
||||
[7]: https://github.com/tarcieri/yubikey-piv.rs/blob/develop/CODE_OF_CONDUCT.md
|
||||
[8]: https://opensource.org/licenses/BSD-2-Clause
|
||||
[PIV]: https://piv.idmanagement.gov/
|
||||
[yk-guide]: https://developers.yubico.com/PIV/Introduction/YubiKey_and_PIV.html
|
||||
[Yubico]: https://www.yubico.com/
|
||||
[YubiKey NEO]: https://support.yubico.com/support/solutions/articles/15000006494-yubikey-neo
|
||||
[YubiKey 4]: https://support.yubico.com/support/solutions/articles/15000006486-yubikey-4
|
||||
[YubiKey 5]: https://www.yubico.com/products/yubikey-5-overview/
|
||||
[yubico-piv-tool]: https://github.com/Yubico/yubico-piv-tool/
|
||||
[Corrode]: https://github.com/jameysharp/corrode
|
||||
[cc-web]: https://contributor-covenant.org/
|
||||
[cc-md]: https://github.com/tarcieri/yubikey-piv.rs/blob/develop/CODE_OF_CONDUCT.md
|
||||
[BSDL]: https://opensource.org/licenses/BSD-2-Clause
|
||||
|
||||
[//]: # (github issues)
|
||||
|
||||
[#18]: https://github.com/tarcieri/yubikey-piv.rs/issues/18
|
||||
[#20]: https://github.com/tarcieri/yubikey-piv.rs/issues/20
|
||||
[#21]: https://github.com/tarcieri/yubikey-piv.rs/issues/21
|
||||
[#22]: https://github.com/tarcieri/yubikey-piv.rs/issues/22
|
||||
[#23]: https://github.com/tarcieri/yubikey-piv.rs/issues/23
|
||||
[#24]: https://github.com/tarcieri/yubikey-piv.rs/issues/24
|
||||
[#25]: https://github.com/tarcieri/yubikey-piv.rs/issues/25
|
||||
[#26]: https://github.com/tarcieri/yubikey-piv.rs/issues/26
|
||||
[#27]: https://github.com/tarcieri/yubikey-piv.rs/issues/27
|
||||
[#28]: https://github.com/tarcieri/yubikey-piv.rs/issues/28
|
||||
|
||||
Reference in New Issue
Block a user