Klas Lindfors
53667a22b0
Move asking for PKCS12 password outside of import_key()
...
also restructure a bit when deciding to do authentication
relates #66
2016-02-15 09:24:36 +01:00
Klas Lindfors
d3a75cc6ee
Merge pull request #65 from mattmoyer/add-self-signed-cert-options
...
Add options for configuring self-signed certs.
2016-02-15 08:48:19 +01:00
Klas Lindfors
a233ff53ae
if the password supplied for PKCS12 doesn't verify ask for a new one
...
or if it's NULL and the mac doesn't verify with that either..
fixes #66
2016-02-15 08:43:45 +01:00
Matt Moyer
d39b697d49
Drop const from these these int parameters.
2016-02-12 09:01:12 -06:00
Matt Moyer
f91cf3379a
Add a --serial parameter to yubico-piv-tool.
...
Allows the serial number of self signed certificates to be configured.
2016-02-10 17:40:12 -06:00
Matt Moyer
98f843e7e7
Add a --valid-days parameter to yubico-piv-tool.
...
Allows the expiration date (notAfter) value of self signed certificates to be configured.
2016-02-10 17:35:21 -06:00
Alessio Di Mauro
b08de95597
Remove some clutter.
2015-12-24 10:50:36 +01:00
Alessio Di Mauro
ecfc71fab0
Print CCC with status action. Relates to #57 .
2015-12-24 10:50:05 +01:00
Klas Lindfors
abcce21353
Merge remote-tracking branch 'origin/generic_objects'
2015-12-21 10:42:38 +01:00
Klas Lindfors
ab68b53b5c
rework dump_data() to keep an internal buffer
...
and only fprintf() once
2015-12-17 14:11:02 +01:00
Klas Lindfors
d8bda22cdd
rework inout test to use pipes for emulating files
2015-12-17 10:18:01 +01:00
Klas Lindfors
73585f2416
use unsigned long for len
2015-12-17 09:55:20 +01:00
Klas Lindfors
3f874dd147
don't use tmpfile(), it's broken on windows
2015-12-17 09:54:52 +01:00
Klas Lindfors
e2f8ad21aa
add a simple test case for the dump/read data functions
2015-12-17 09:27:20 +01:00
Klas Lindfors
c89387e8fc
add libykpiv as a dependency for libpiv_util
2015-12-15 10:43:29 +01:00
Klas Lindfors
a143c6d67d
remove the util function dump_hex() in favor of dump_data()
2015-12-15 10:27:54 +01:00
Klas Lindfors
30cc13aaff
add format for read/write object as hex/base64/binary
...
relates #31
2015-12-15 10:22:11 +01:00
Klas Lindfors
e71c3b5337
util depends on stdbool
2015-12-15 09:28:42 +01:00
Klas Lindfors
24d9569f65
more work on automake dependencies to rebuild things correctly
...
relates #53
2015-12-15 09:23:04 +01:00
Klas Lindfors
1c2d98b16d
use top_builddir for relations between dirs
2015-12-14 12:54:25 +01:00
Klas Lindfors
fc4443aca7
add configure.ac as a dependency of the yubico-piv-tool binary
...
since if version number changes it should be rebuilt
relates #53
2015-12-14 12:53:18 +01:00
Klas Lindfors
a4ee5725b8
add generic write and read object actions for the tool
...
this take in/out hex dump of the data
2015-12-14 10:55:32 +01:00
Mikhail Denisenko
6042a2140e
Implemented C_SetPIN
2015-12-11 13:23:38 -05:00
Klas Lindfors
e7d53ceb45
fix an old overflow bug
...
we need to do 8 - new_len, not 16 - new_len which overflows the indata
buffer
2015-12-08 14:12:29 +01:00
Klas Lindfors
a1d6007375
increase buffer sizes when building the status view
...
otherwise data buffer will be to small after loading a big certificate
2015-12-07 19:53:43 +01:00
Klas Lindfors
ebbb002068
don't overfill the buffer on cert import
2015-12-07 09:24:19 +01:00
Alessio Di Mauro
94cd489efd
YKCS11: allow key generation for retired keys slots.
2015-12-03 10:24:02 -08:00
Klas Lindfors
baae5fa464
difference between CHUID and CCC in success message.
2015-12-03 14:53:10 +01:00
Klas Lindfors
70e181a860
add a new action set-ccc
...
change aroudn so set_chuid() becomes set_dataobject() and a bit more
generic
fixes #33
2015-12-03 08:18:27 +01:00
Alessio Di Mauro
0a93217dbc
Minor fix.
2015-11-27 15:43:32 +01:00
Alessio Di Mauro
4849e494be
Add retired key definitions to libykpiv.
...
Include retired keys in import_key's check.
2015-11-20 15:44:19 +01:00
Alessio Di Mauro
3b81112aeb
Change behavior of yubico-piv-tool -a status.
...
Status only prints information from populated slots. Additionally,
it is possible to explicitly choose a single slot and only print
information reagarding it.
2015-11-20 15:44:19 +01:00
Klas Lindfors
ed38b96fe4
raise buffer sizes and remove a miss-leading error
2015-11-20 13:14:55 +01:00
Alessio Di Mauro
113c3e0b98
Whitespace cleanup.
2015-11-20 12:03:02 +01:00
Alessio Di Mauro
abc94bc62a
Refactor yubico-piv-tool to use import_private_key from libykpiv.
2015-11-20 11:49:30 +01:00
Alessio Di Mauro
f5b1081f00
Replace YubiKey NEO with YubiKey.
2015-11-06 13:39:21 +01:00
Alessio Di Mauro
d38df01c6c
Change applet to application.
2015-11-06 13:14:52 +01:00
Klas Lindfors
f46a4713bd
Merge branch 'master' into development
2015-10-28 16:08:00 +01:00
Klas Lindfors
f558983577
add an error print for failing set-pin-retries
2015-10-28 16:07:18 +01:00
Klas Lindfors
e4059a5995
Merge branch 'master' into development
...
Conflicts:
NEWS
configure.ac
2015-10-20 20:48:57 +02:00
Klas Lindfors
777b40b3c2
read key from stdin if no key is given as argument
2015-10-09 11:14:58 +02:00
Klas Lindfors
69326b868d
actually run valgrind for the tests
2015-10-09 10:40:59 +02:00
Alessio Di Mauro
17ebced2e6
Mask more one pin change.
2015-09-24 14:20:25 +02:00
Klas Lindfors
809e0ebdb7
use in, not signinput to actually sign anything in the ecc case
2015-09-18 11:05:15 +02:00
Klas Lindfors
d30f6fc781
unblock-pin shouldn't tell you new puk
2015-09-16 14:32:30 +02:00
Klas Lindfors
49eab7dbfa
drop ykpiv_sign_data2() and change ykpiv_sign_data() to not pad
2015-09-08 15:29:10 +02:00
Klas Lindfors
8eb7595d42
add list-readers action to tool
...
also refactor ykpiv_list_readers() a bit
2015-09-08 12:26:42 +02:00
Klas Lindfors
b770155cbb
Merge branch 'devel/p384' into ykcs11
...
Conflicts:
NEWS
configure.ac
lib/ykpiv.c
lib/ykpiv.h
tool/util.c
tool/util.h
2015-09-07 14:32:37 +02:00
Klas Lindfors
aabe4fb20e
Merge branch 'master' into ykcs11
...
Conflicts:
lib/ykpiv.c
lib/ykpiv.h
2015-08-20 09:30:49 +02:00
Steffan Karger
723fe2f405
Query for PIN/PUK/mgmt-key if not supplied on command line
...
Do not force a user to specify the PIN/PUK/mgmt-key on the command line.
Instead, query the user to supply them through stdin when required for
the requested operation. This is both more user friendly and more
secure, since the secrets do not end up in the shell history and/or
visible to shoulder-surfers on the terminal.
Signed-off-by: Steffan Karger <steffan@karger.me >
2015-08-12 23:05:44 +02:00