This factors the junk drawer of constants into the relevant files.
There are still a few "global" ones left but they can be addressed in a
followup commit.
YubiKey NEOs are legacy YubiKey devices, most of which contain
unpatchable security vulnerabilities.
They have smaller buffer sizes than YK4 and YK5, which necessitates a
whole bunch of conditional gating and buffer size calculations.
Getting rid of them simplifies this logic and allows us to assume
consistent buffer sizes everywhere.
We never tested on NEOs anyway, and looking at the deleted code it seems
it may have been miscalculating the NEO's buffer size!
If someone *really* wants to support NEOs, it shouldn't be that hard to
restore, but the codebase is definitely cleaner without it.
Adds a `yubikey-cli` crate to the workspace, with a `yubikey` binary,
which presently provides a `list` command for listing detected readers.
Dependencies:
- `env_logger`: logging
- `gumdrop`: argument parsing
- `termcolor`: colored terminal output
As this repo now contains a binary, it also checks in `Cargo.lock`.
Adds a `yubikey_piv::Readers` type which opens a PC/SC context and can
enumerate detected PC/SC readers with a slightly more ergonomic API than
what's provided in the upstream crate.
Does not support actually instantiating a `YubiKey` from a `Reader<'_>`
yet, but ideally all connections to YubiKeys should go through this API.
- Forbids unsafe code
- Adds a "Safety Dance" badge
- Fixes the GitHub Actions status badge
- Fixes up links that changed with the move to `iqlusioninc` org
This commit merges the `apdu` and `response` modules: the responses are
APDU responses, and so the two are related.
This also moves the `trace` logging into the APDU type, which allows it
to display `Debug` output for APDUs and responses, which makes it easier
to understand what's going on (and will be even better once instructions
are converted into an enum so you can actually see what's happening).
This adds an `untested` feature to any functions which have not yet been
tested live against a YubiKey device (which is presently pretty much
everything).
This sets a clear expectation of what is presently supported, and
additionally documents the status in the README (and a series of GitHub
issues).
Adds a `cargo build --all-features` to GitHub Actions' `test` step in
order to make sure that `untested` functionality still compiles.
This commit adds quite a bit of documentation about the current status
of the project, including links to GitHub issues for the different Rust
modules which map to specific pieces of functionality.
The intent is to track the current status of the project in the
README.md as that's more up-to-date than the docs.rs documentation
(which depends on a crate release to get updated).
Adds an extremely basic initial test to ensure that we are able to
connect to a YubiKey.
The test is marked `#[ignore]` in the hope that we can eventually start
adding tests which run in CI, e.g. against a mock card.
This also includes a fix for calculating the APDU size, since the ones
we were sending originally were overly long.
This commit contains a "big bang" refactor/rewrite which does the
following:
- Replaces all `SCard*` FFI calls with the `pcsc` crate, which provides
a safe, portable PC/SC API across Windows, macOS, and Linux
- Refactors the `util` module into modules representing the various
device functions and concepts, e.g. `certificate`, `key`, `mgm`
- Replaces all usage of `libc` with `std` functionality, and in many
places rewriting functionality to use safe code.
- Removes `ykpiv_` from all function names, and `Piv*` from type names.
In 20/20 hindsight I wish I had done this commit more incrementally so
as to make it easier to review. Que sera sera.
However, realistically we need to test all functionality on the device
to ensure that it actually works. Going forward I would like to put
pretty much all of the current code behind an `untested` cargo feature,
and then remove it for each bit of functionality we test.
This commit gets the Rust code to compile! 🎉
Additionally, it fixes all of the commented out code that was failing
translation from C due to the use of unions, namely around the APDU
messages.
It does a fair amount of reformatting around branches, with the net
result hopefully being something actually a bit closer to the C code,
and a straightforward list of `if` statements.
It also removes all of the remaining externs that aren't supposed to be
externs, replacing them with a more straightforward usage of the module
system.
Finally it fixes all errors and warnings (relating to e.g. usage of
uninitialized memory), in addition to most clippy lints! (some have
been explicitly disabled)
All that said, it still doesn't do anything: it needs to be wired up to
a PCSC library first before that will be possible. But hey, it compiles!
This commit contains a multitude of fixes and some initial translation
work so the first rustc pass compiles.
It removes `unsafe extern "C"` declarations, so now there are a number
of errors about invocations of unsafe functions that need to be
addressed. They should each be scoped to an `unsafe` block so as to aid
in an eventual safe translation.
Some of the functions are now using the module system rather than
`extern "C"` bindings, but the translation is not complete.
This either fixes or adds "FIXME" notes for any parts of the code that
corrode had trouble translating.
Namely there are a number of places members of the APDU struct(?) were
accessed which corrode failed to translate.
- Adds initial `Cargo.toml` (and `Cargo.lock` to `.gitignore`)
- Deletes `tool` (it seems hard to `corrode`)
- Moves `lib/tests` => `tests` (we should figure out how to translate them)
- Moves `lib` => `src` to match Rust conventions
- Renames `lib/ykpiv.rs` => `src/lib.rs` to match Rust conventions
- Adds copyright from `ykpiv.h` to the top of all `*.rs` files