Commit Graph

577 Commits

Author SHA1 Message Date
Klas Lindfors 36468219c2 check length of private key components before setting
the card functions only accepts key components of correct size
so here we add 0 before if they're shorter (usually one byte shorter)
thus fixing the issue where the card returned 6f00
2014-11-12 14:08:11 +01:00
Klas Lindfors d0cef2f469 bump versions after release 2014-11-10 11:00:16 +01:00
Klas Lindfors 7d34d9e2b0 dist the docs, and check that all docs are included 2014-11-10 10:47:06 +01:00
Klas Lindfors 5ef6f885d9 move to .txt for consistency 2014-11-10 10:35:03 +01:00
Klas Lindfors fad5df8e36 NEWS for 0.1.1 2014-11-10 10:31:29 +01:00
Klas Lindfors cd4fdef2f7 cast cert_len to size_t shouldn't be negative here.
gets rid of warnings about int/size_t combinations
2014-11-10 10:12:01 +01:00
Klas Lindfors c14f53dfad check that stat completes correctly 2014-11-10 10:07:35 +01:00
Klas Lindfors 4fd1cf953e Merge branch 'master' of ssh://github.com/dwmw2/yubico-piv-tool 2014-11-10 09:54:09 +01:00
Klas Lindfors 7e0fdd8f9d correct offs for CHUID_GUID_OFFS and change verbose print to CHUID
CHUID_GUID_OFFS was 28 instead of 29, leading to invalid CHUID
verbose print said "setting GUID.." changing to CHUID

patch from Doug Engert
fixes #9
2014-11-10 09:49:54 +01:00
David Woodhouse 3dce5b06e0 Add support for compressed certificates
This could be more sophisticated — it could automatically compress
certificates if they are too large, instead of expecting the user to do
so manually. But this is a good start.
2014-11-07 19:55:08 +00:00
Klas Lindfors d10d5da6c0 newer openssl, install fewer things and use curl 2014-10-30 14:26:13 +01:00
Klas Lindfors a4235e9575 don't use AC_LIB_HAVE_LINKFLAGS
it seems to be from gnulib or such, not always available
fixes #7
2014-10-30 14:10:27 +01:00
Klas Lindfors ccf9d01027 fix broken unblock-pin action
the unblock pin action misstakenly used pin reference 0x81 (unblock)
instead of 0x80 (pin)
2014-10-29 08:09:17 +01:00
Klas Lindfors 146fa881f2 add an error message for wrong key length 2014-10-28 08:37:53 +01:00
Daniel Barnes 61b0284c6d Check if new keys being set are the correct length, since longer or shorter keys yield inconsistant results 2014-10-28 08:36:37 +01:00
Simon Josefsson d1308434aa Fix. 2014-10-07 10:22:38 +02:00
Simon Josefsson 8d13aa3037 Merge branch 'master' of github.com:Yubico/yubico-piv-tool 2014-10-07 09:34:03 +02:00
Klas Lindfors b16dce294d use EVP_MD_size() instead of EVP_MD_block_size()
actually gives correct size for the digest
2014-10-02 13:28:02 +02:00
Klas Lindfors 4bc0c95c4c give errors when sign fails 2014-10-02 13:27:52 +02:00
Klas Lindfors ad335d5d0a a bit of verbosity for authentication needs 2014-10-02 13:21:43 +02:00
Klas Lindfors c8aaf1a65e don't change the action_arg pointer, add to it in place instead
this effectively reverses 931d224485
2014-10-02 13:21:08 +02:00
Klas Lindfors cfebc30f76 refactor to let request-cert and selfsign-cert use different hashes
namely sha1 and sha512 as well with sha256 as default
2014-10-02 13:15:40 +02:00
Klas Lindfors 931d224485 use temporary args_info for parsing if auth is needed 2014-10-02 13:15:39 +02:00
Klas Lindfors 7d28857388 move the signer into the standard tool
as a hidden option to discourage use
2014-10-02 13:15:39 +02:00
Simon Josefsson 7a07385ee4 mark basic constraints as critical 2014-10-01 21:26:31 +02:00
Simon Josefsson 83e6e4e58c key usages 2014-10-01 16:07:32 +02:00
Simon Josefsson 8ab77aa89f Merge branch 'master' of github.com:Yubico/yubico-piv-tool 2014-10-01 15:33:55 +02:00
Simon Josefsson 675839362a Typo 2014-10-01 14:45:00 +02:00
Klas Lindfors 98cd75f08b only authenticate with the applet if needed 2014-10-01 14:33:57 +02:00
Klas Lindfors c970c0a22c drop \n in man file, gives warnings 2014-10-01 14:33:57 +02:00
Simon Josefsson 056baee5c2 Fix. 2014-10-01 14:27:50 +02:00
Simon Josefsson 3052bc4bd6 Typo. 2014-10-01 14:26:01 +02:00
Simon Josefsson c310969973 Add. 2014-10-01 14:21:25 +02:00
Simon Josefsson f534abc249 Fix. 2014-10-01 14:20:51 +02:00
Simon Josefsson 17f4a04601 Add. 2014-10-01 13:18:08 +02:00
Klas Lindfors a90dbba4bf add the length of the padding when checking RSA length 2014-09-29 15:49:58 +02:00
Klas Lindfors 382a4fad98 better error message 2014-09-29 15:49:49 +02:00
Klas Lindfors 7e5ffd254f add a success message for signer 2014-09-29 15:42:08 +02:00
Klas Lindfors 28b5fe688f check the return value of the signing operation 2014-09-29 14:04:06 +02:00
Klas Lindfors 5346cf4652 add SHA512 for signing 2014-09-29 14:03:57 +02:00
Klas Lindfors ffbf0f2607 add cmdline-signer to sources properly 2014-09-29 13:29:40 +02:00
Klas Lindfors 6721fb777b for rsa let it sign a correct DigestInfo structure
which has to have the digest OID, with a NULL parameter
and then the hash.
2014-09-29 12:50:25 +02:00
Klas Lindfors 3b15949969 let the signer sign 2014-09-26 16:23:03 +02:00
Klas Lindfors a7d5eb9d1c start implementing signer 2014-09-26 16:00:18 +02:00
Klas Lindfors 293120f56a ignore 2014-09-26 15:23:04 +02:00
Klas Lindfors 86d4adfeeb start on yubico-piv-signer 2014-09-26 15:22:40 +02:00
Klas Lindfors 8d8257583e make util.h header more self-contained 2014-09-26 15:18:40 +02:00
Klas Lindfors feccc45917 fix mac build 2014-09-11 10:43:10 +02:00
Klas Lindfors 052194c0ff use PACKAGE_VERSION to obtain version instead
seems to work more reliably?
2014-08-26 13:18:07 +02:00
Klas Lindfors 9a1b46d5a5 set the signature algorithm again in the cert 2014-08-25 15:31:01 +02:00