Alessio Di Mauro
94cd489efd
YKCS11: allow key generation for retired keys slots.
2015-12-03 10:24:02 -08:00
Alessio Di Mauro
abc94bc62a
Refactor yubico-piv-tool to use import_private_key from libykpiv.
2015-11-20 11:49:30 +01:00
Klas Lindfors
b770155cbb
Merge branch 'devel/p384' into ykcs11
...
Conflicts:
NEWS
configure.ac
lib/ykpiv.c
lib/ykpiv.h
tool/util.c
tool/util.h
2015-09-07 14:32:37 +02:00
Klas Lindfors
aabe4fb20e
Merge branch 'master' into ykcs11
...
Conflicts:
lib/ykpiv.c
lib/ykpiv.h
2015-08-20 09:30:49 +02:00
Steffan Karger
723fe2f405
Query for PIN/PUK/mgmt-key if not supplied on command line
...
Do not force a user to specify the PIN/PUK/mgmt-key on the command line.
Instead, query the user to supply them through stdin when required for
the requested operation. This is both more user friendly and more
secure, since the secrets do not end up in the shell history and/or
visible to shoulder-surfers on the terminal.
Signed-off-by: Steffan Karger <steffan@karger.me >
2015-08-12 23:05:44 +02:00
Alessio Di Mauro
bf56cd8f30
Added certificate import on key generation.
2015-08-11 14:12:34 +02:00
Klas Lindfors
2e91cd0f5b
Merge branch 'master' into devel/p384
2015-07-08 15:09:11 +02:00
Klas Lindfors
3b080dca45
relicense to 2-clause BSD license
2015-07-01 16:34:20 +02:00
Klas Lindfors
ca6a355b5d
add touch tlv for generate and import-key
2015-06-25 12:04:05 +02:00
Klas Lindfors
be8f37924d
pin policy code for generate and import-key
2015-06-24 15:25:59 +02:00
Klas Lindfors
a73d708c25
add support for retired key objects
...
slots 82-95
2015-06-24 13:06:01 +02:00
Klas Lindfors
d06852959c
add sha384 hash and refactor some common patterns
2015-06-24 13:06:00 +02:00
Klas Lindfors
f17d09f19c
start adding secp384r1
2015-06-24 13:06:00 +02:00
Klas Lindfors
9db6d3d45a
replace EVP_MD_CTX_verify() stuff with RSA_verify()/ECDSA_verify()
...
since the EVP_MD_CTX stuff doesn't seem to exist on osx at all.
2015-03-20 14:04:26 +01:00
Klas Lindfors
0f26a7c1e3
refactor dump_hex to drop some redundant code
2015-03-18 15:09:32 +01:00
Klas Lindfors
f86ded25bf
rip input_ready() and call isatty() instead
...
should be more portable (work on windows)
relates to #12
2015-01-12 21:20:15 +01:00
Klas Lindfors
b1a673b1f9
try to discover if there is input waiting on stdin
...
otherwise give the user a hint
resolves #12
2015-01-12 16:27:13 +01:00
Klas Lindfors
36468219c2
check length of private key components before setting
...
the card functions only accepts key components of correct size
so here we add 0 before if they're shorter (usually one byte shorter)
thus fixing the issue where the card returned 6f00
2014-11-12 14:08:11 +01:00
Klas Lindfors
a7d5eb9d1c
start implementing signer
2014-09-26 16:00:18 +02:00
Klas Lindfors
c4d8492682
make get_length() take a const buffer
2014-06-25 15:10:56 +02:00
Klas Lindfors
d5222c10b7
add macros for piv objects
2014-06-24 14:07:15 +02:00
Klas Lindfors
33c71344de
let util.h include cmdline.h
...
since it's using declarations from it..
2014-06-24 10:42:50 +02:00
Klas Lindfors
81ddeb047f
let parse_name() take a const char* instead
2014-06-24 10:28:45 +02:00
Klas Lindfors
92db159c4f
change internal.h to util.h
2014-06-24 10:28:45 +02:00
Klas Lindfors
ab3083dc1b
split out util functions from yubico-piv-tool.c
2014-06-24 09:43:27 +02:00