Arnaud
0e244e16f0
Fix docstring for Certificate::generate_self_signed ( #632 )
CI / check (push) Has been cancelled
CI / test (sudo apt-get install libpcsclite-dev, ubuntu-latest, 1.85.0) (push) Has been cancelled
CI / test (sudo apt-get install libpcsclite-dev, ubuntu-latest, stable) (push) Has been cancelled
CI / test (true, macos-latest, 1.85.0) (push) Has been cancelled
CI / test (true, macos-latest, stable) (push) Has been cancelled
CI / test (true, windows-latest, 1.85.0) (push) Has been cancelled
CI / test (true, windows-latest, stable) (push) Has been cancelled
CI / rustfmt (push) Has been cancelled
CI / clippy (push) Has been cancelled
2026-05-11 12:37:50 -06:00
Robin Lambertz
ba51f6ad16
Implement PrehashSigner on yubikey::Signer. ( #656 )
...
Co-authored-by: roblabla <robin@harfanglab.fr >
2026-05-11 12:37:15 -06:00
Andrew Lubawy
872ba35f54
Add Curve25519 support ( #577 )
...
Supported in PIV applet since firmware 5.7.X
2026-02-18 17:27:43 -07:00
Joost van Dijk
0d8096f50d
add support for rsa3072 and rsa4096 ( #598 )
2025-02-12 14:48:29 -07:00
Tony Arcieri (iqlusion)
d204051912
clippy fixes ( #585 )
...
Runs `cargo clippy --fix` against both crates in the repo
(including `cli`)
2025-01-02 12:55:36 -07:00
Jack Grigg
626ac3bffd
Migrate to current pre-release revisions of dependencies ( #583 )
...
The CHANGELOG lists the specific versions currently pinned; it will
be modified to instead reference the public releases once they exist
and this crate uses them.
2025-01-02 12:39:52 -07:00
Tony Arcieri (iqlusion)
78313360a1
Add clippy::unwrap_used lint ( #515 )
...
Lints for usages of `unwrap()` in the `yubikey` crate (not CLI yet).
Replaces them with `?` or `expect()` as the situation warrants.
2023-08-15 18:02:25 -06:00
Tony Arcieri (iqlusion)
d226209ea4
Use doc_auto_cfg ( #514 )
...
Removes manual feature annotations for docs.rs
2023-08-15 16:39:29 -06:00
Arthur Gautier
6a1e1603ef
Use x509-cert certificate builder ( #495 )
...
Co-authored-by: Carl Wallace <carl@redhoundsoftware.com >
2023-08-14 18:31:39 -06:00
Arthur Gautier
8cf18d2986
Bump rsa to 0.9.0 ( #502 )
2023-05-03 06:22:45 -06:00
Ferdinand Linnenberg
0071566097
feat: fixed incorrect issuer for certificates & added x509 prints ( #437 )
2022-11-14 10:42:07 -08:00
Tony Arcieri (iqlusion)
4310cc0f9a
Fix build and clippy warnings ( #433 )
2022-11-12 13:15:42 -08:00
Tony Arcieri (iqlusion)
3463d109b2
Bump der-parser to v8; x509-parser to v0.14 ( #402 )
2022-08-10 15:19:21 -07:00
Tony Arcieri (iqlusion)
935fea0868
Bump p256 => v0.10; p384 => v0.9 ( #344 )
2022-01-17 15:08:48 -08:00
Tony Arcieri (iqlusion)
dd4b1c60a4
2021 edition upgrade; MSRV 1.56 ( #343 )
...
Changes the `edition` to 2021 in both the `yubikey` and `yubikey-cli`
crates.
Removes `TryFrom`/`TryInto` imports, now that they're in the prelude.
2022-01-17 14:54:01 -08:00
Shella Stephens
74a50f0f0c
Bump dependencies & fix security audit ( #340 )
...
* Bump dependencies & fix security audit
* allow dead code for issuer field #[allow(dead_code)] in Certificates struct
2022-01-10 08:40:58 -07:00
str4d
52107281df
nom 7 ( #322 )
2021-10-19 06:38:38 -07:00
Benno Rice
54ce90d51d
Update dependencies ( #315 )
...
* Update rsa dependency to 0.5
* Update pbkdf dependency to 0.9
* Update x509-parser dependency to 0.11
* Update crypto-bigint subdepdendency to 0.2.6
2021-09-10 10:44:59 -07:00
Tony Arcieri (iqlusion)
563f6f9ccc
Extract consts module ( #282 )
...
Extracts miscellaneous constants that were floating around in the
toplevel into their own module.
2021-07-12 12:54:54 -07:00
Tony Arcieri (iqlusion)
5f418bbd1d
Doc improvements and minor cleanups ( #281 )
2021-07-12 11:57:42 -07:00
Tony Arcieri (iqlusion)
e6cea2eca6
Rename key module to piv ( #277 )
...
Now that the crate is named `yubikey` rather than `yubikey-piv`, it
makes more sense to call this module out as PIV-related functionality.
2021-07-12 10:42:55 -07:00
Tony Arcieri (iqlusion)
1765e11bc0
Flatten API ( #274 )
...
Re-exports types from the toplevel instead of placing them in individual
modules (often which only contain one type).
This makes the API easier for users to navigate, while still retaining
the same module structure internally.
Additionally, this commit uses the `uuid` crate for modeling UUIDs.
2021-07-12 08:40:31 -07:00
Tony Arcieri (iqlusion)
de51b0cc46
Add Result alias ( #271 )
...
Adds a `yubikey::Result` alias with `yubikey::Error` as the error type.
Since we only have one `Error` type, this simplifies the return types
where a `Result` is returned.
2021-07-11 09:44:08 -07:00
Shella Stephens
d33e80faea
Update rsa to v0.4.0 & fix cargo audit ( #246 )
...
* Bump rsa to v0.4.0
2021-03-29 09:12:33 -07:00
str4d
24b035008c
Improve self-signed certificates ( #207 )
...
Adds support for:
- A hierarchical SubjectName field.
- Certificate extensions.
2021-01-11 07:49:15 -08:00
Shella Stephens
08185c5ec9
Bump der-parser, nom, x509-parser ( #194 )
...
* Bump der-parser from 4.1.0 to 5.0.0
Bumps [der-parser](https://github.com/rusticata/der-parser ) from 4.1.0 to 5.0.0.
- [Release notes](https://github.com/rusticata/der-parser/releases )
- [Changelog](https://github.com/rusticata/der-parser/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rusticata/der-parser/compare/der-parser-4.1.0...der-parser-5.0.0 )
Signed-off-by: dependabot[bot] <support@github.com >
* Bump der-parser, nom, x509-parser
* clippy
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-07 07:20:58 -08:00
Tony Arcieri
cbe60413cb
Bump p256 to v0.5; p384 to v0.4; MSRV 1.44+
2020-10-17 13:54:40 -07:00
Shella Stephens
860c163eb9
Update rsa to v0.3 & other dependencies ( #142 )
...
* Update rsa to v0.3 & other dependencies
2020-06-15 16:40:33 -07:00
BlackHoleFox
556b9cb671
Remove dependency on regular num-bigint
2020-06-09 18:42:56 -05:00
Tony Arcieri
27504890d7
Bump elliptic-curve from 0.2.0 to 0.3.0
2020-01-07 15:11:27 -05:00
Jack Grigg
985b1d272c
Add a serial number wrapper struct with Into conversions
2019-12-15 17:50:25 +00:00
Jack Grigg
58acfe6330
Simplify issuer and subject stringification
2019-12-15 17:42:47 +00:00
Jack Grigg
1a95a5f921
Fix PKCS#1 v1.5 signature generation
2019-12-15 17:09:09 +00:00
Jack Grigg
8ac78cafb8
Certificate::generate_self_signed
2019-12-15 10:59:50 +00:00
Jack Grigg
5e8a014be2
Expose certificate serial and issuer
2019-12-15 10:35:22 +00:00
Jack Grigg
d44a32453c
Write certificate TLVs into correct offsets
2019-12-15 10:33:01 +00:00
Jack Grigg
d113c1f4b9
impl<'a> TryFrom<&'a [u8]> for Certificate
2019-12-11 02:44:40 +00:00
Jack Grigg
41b10d1f23
Convert certificate info into an enum
2019-12-11 02:21:49 +00:00
Jack Grigg
e73607e662
Rename Certificate::new to Certificate::from_bytes
2019-12-11 00:30:39 +00:00
Jack Grigg
363bdc4351
Extract TLV writing into serialization::Tlv
2019-12-10 13:17:01 +00:00
Jack Grigg
da828abe3c
Extract TLV parsing into serialization::Tlv
2019-12-10 13:14:39 +00:00
Tony Arcieri
31efd4e78c
Finish eliminating consts module
...
Either moves constants into their relevant modules, or puts the
remaining ones into `lib.rs`
2019-12-08 09:32:57 -08:00
Tony Arcieri
104020d518
consts: Whittle down to the essentials
...
This factors the junk drawer of constants into the relevant files.
There are still a few "global" ones left but they can be addressed in a
followup commit.
2019-12-08 08:39:21 -08:00
Tony Arcieri
f6915ce5df
Drop YubiKey NEO support ( closes #18 )
...
YubiKey NEOs are legacy YubiKey devices, most of which contain
unpatchable security vulnerabilities.
They have smaller buffer sizes than YK4 and YK5, which necessitates a
whole bunch of conditional gating and buffer size calculations.
Getting rid of them simplifies this logic and allows us to assume
consistent buffer sizes everywhere.
We never tested on NEOs anyway, and looking at the deleted code it seems
it may have been miscalculating the NEO's buffer size!
If someone *really* wants to support NEOs, it shouldn't be that hard to
restore, but the codebase is definitely cleaner without it.
2019-12-07 11:22:51 -08:00
Tony Arcieri
d1d384d304
Test Key::list
...
Adds a live-against-the-device test which ensures keys can be
successfully listed.
2019-12-07 10:09:56 -08:00
Jack Grigg
0551263286
Switch to elliptic-curve crate
2019-12-07 15:47:24 +00:00
Jack Grigg
cd704c28d7
Extract OID strings as constants
2019-12-01 18:42:12 +00:00
Jack Grigg
3a283aca40
Use ecdsa crate for EC point representations
2019-12-01 18:23:57 +00:00
Jack Grigg
e72ee5c60e
Parse EC public keys within certificates
2019-12-01 16:54:22 +00:00
Jack Grigg
9ee1494c6f
Parse RSA public keys within certificates
2019-12-01 16:09:59 +00:00