Merge branch 'attestation2'
This commit is contained in:
+3
-2
@@ -873,7 +873,7 @@ ykpiv_rc ykpiv_import_private_key(ykpiv_state *state, const unsigned char key, u
|
||||
if (key == YKPIV_KEY_CARDMGM ||
|
||||
key < YKPIV_KEY_RETIRED1 ||
|
||||
(key > YKPIV_KEY_RETIRED20 && key < YKPIV_KEY_AUTHENTICATION) ||
|
||||
key > YKPIV_KEY_CARDAUTH) {
|
||||
(key > YKPIV_KEY_CARDAUTH && key != YKPIV_KEY_ATTESTATION)) {
|
||||
return YKPIV_KEY_ERROR;
|
||||
}
|
||||
|
||||
@@ -885,7 +885,8 @@ ykpiv_rc ykpiv_import_private_key(ykpiv_state *state, const unsigned char key, u
|
||||
|
||||
if (touch_policy != YKPIV_TOUCHPOLICY_DEFAULT &&
|
||||
touch_policy != YKPIV_TOUCHPOLICY_NEVER &&
|
||||
touch_policy != YKPIV_TOUCHPOLICY_ALWAYS)
|
||||
touch_policy != YKPIV_TOUCHPOLICY_ALWAYS &&
|
||||
touch_policy != YKPIV_TOUCHPOLICY_CACHED)
|
||||
return YKPIV_GENERIC_ERROR;
|
||||
|
||||
if (algorithm == YKPIV_ALGO_RSA1024 || algorithm == YKPIV_ALGO_RSA2048) {
|
||||
|
||||
@@ -141,6 +141,7 @@ extern "C"
|
||||
#define YKPIV_KEY_RETIRED18 0x93
|
||||
#define YKPIV_KEY_RETIRED19 0x94
|
||||
#define YKPIV_KEY_RETIRED20 0x95
|
||||
#define YKPIV_KEY_ATTESTATION 0xf9
|
||||
|
||||
#define YKPIV_OBJ_CAPABILITY 0x5fc107
|
||||
#define YKPIV_OBJ_CHUID 0x5fc102
|
||||
@@ -177,6 +178,8 @@ extern "C"
|
||||
#define YKPIV_OBJ_RETIRED19 0x5fc11f
|
||||
#define YKPIV_OBJ_RETIRED20 0x5fc120
|
||||
|
||||
#define YKPIV_OBJ_ATTESTATION 0x5fff01
|
||||
|
||||
#define YKPIV_INS_VERIFY 0x20
|
||||
#define YKPIV_INS_CHANGE_REFERENCE 0x24
|
||||
#define YKPIV_INS_RESET_RETRY 0x2c
|
||||
@@ -191,6 +194,7 @@ extern "C"
|
||||
#define YKPIV_INS_GET_VERSION 0xfd
|
||||
#define YKPIV_INS_RESET 0xfb
|
||||
#define YKPIV_INS_SET_PIN_RETRIES 0xfa
|
||||
#define YKPIV_INS_ATTEST 0xf9
|
||||
|
||||
#define YKPIV_PINPOLICY_TAG 0xaa
|
||||
#define YKPIV_PINPOLICY_DEFAULT 0
|
||||
@@ -202,6 +206,7 @@ extern "C"
|
||||
#define YKPIV_TOUCHPOLICY_DEFAULT 0
|
||||
#define YKPIV_TOUCHPOLICY_NEVER 1
|
||||
#define YKPIV_TOUCHPOLICY_ALWAYS 2
|
||||
#define YKPIV_TOUCHPOLICY_CACHED 3
|
||||
|
||||
#define YKPIV_IS_EC(a) ((a == YKPIV_ALGO_ECCP256 || a == YKPIV_ALGO_ECCP384))
|
||||
#define YKPIV_IS_RSA(a) ((a == YKPIV_ALGO_RSA1024 || a == YKPIV_ALGO_RSA2048))
|
||||
|
||||
Reference in New Issue
Block a user