Tony Arcieri (iqlusion)
1e1fe34734
mgm: Generalize TDES logic to enable other algorithms ( #625 )
...
Co-authored-by: Jack Grigg <thestr4d@gmail.com >
Co-authored-by: Greg Bowyer <gbowyer@fastmail.co.uk >
2025-08-22 09:37:41 -06:00
Tony Arcieri (iqlusion)
7eb7a31a28
mgm: remove untested gating from tested methods ( #623 )
...
Removes the `#[cfg(feature = "untested")]` gating from all methods
tested in `tests/integration.rs` and their dependent codepaths.
2025-08-18 13:05:23 -06:00
Nazar Serhiichuk
1fc807fdcb
Handle reference data not found in metadata command ( #558 )
2025-08-14 07:37:57 -06:00
Tony Arcieri (iqlusion)
b4be1bb216
mgm: use TdesEde3::weak_key_test ( #621 )
...
Replaces the vendored weak key test with the upstream one from the `des`
crate which was added in RustCrypto/block-ciphers#465
2025-08-13 15:36:53 -06:00
Arthur Gautier
7f2b423713
chore(deps): bump nom from 7.1.3 to 8.0.0 ( #614 )
2025-07-21 20:20:45 -06:00
Arthur Gautier
f0dbf9425c
bump dependencies to latest rc, bump MSRV to 1.85 ( #612 )
2025-07-21 15:49:31 -06:00
Joost van Dijk
0d8096f50d
add support for rsa3072 and rsa4096 ( #598 )
2025-02-12 14:48:29 -07:00
Arthur Gautier
13bdf9a585
Applets management ( #568 )
2025-02-11 19:13:01 -07:00
Jack Grigg
235eb6215e
Clean up some of the management key code ( #584 )
...
* mgm: Move TDES weak key checking code into a submodule
* piv: Extract management key algorithm into a separate enum
* mgm: Check management key algorithm when fetching from Yubikey
2025-02-11 12:19:53 -07:00
Tony Arcieri (iqlusion)
d204051912
clippy fixes ( #585 )
...
Runs `cargo clippy --fix` against both crates in the repo
(including `cli`)
2025-01-02 12:55:36 -07:00
Jack Grigg
626ac3bffd
Migrate to current pre-release revisions of dependencies ( #583 )
...
The CHANGELOG lists the specific versions currently pinned; it will
be modified to instead reference the public releases once they exist
and this crate uses them.
2025-01-02 12:39:52 -07:00
Jack Grigg
32cd92af50
Bump MSRV to 1.81 ( #582 )
...
This is required due to the `hybrid-array` crate, which has become a
transitive dependency of the majority of our dependencies and will be
required in the very near future.
2024-11-25 11:58:24 -07:00
Carl Wallace
c0f3a2f841
add length check to get_version ( #545 )
2023-12-20 07:42:27 -07:00
Tony Arcieri (iqlusion)
45915e5e5a
Make RsaKeyData::new fallible ( #517 )
...
Replaces unwraps with `Error::AlgorithmError`
2023-08-15 18:33:30 -06:00
Tony Arcieri (iqlusion)
78313360a1
Add clippy::unwrap_used lint ( #515 )
...
Lints for usages of `unwrap()` in the `yubikey` crate (not CLI yet).
Replaces them with `?` or `expect()` as the situation warrants.
2023-08-15 18:02:25 -06:00
Tony Arcieri (iqlusion)
d226209ea4
Use doc_auto_cfg ( #514 )
...
Removes manual feature annotations for docs.rs
2023-08-15 16:39:29 -06:00
Tony Arcieri (iqlusion)
de142256d0
Bump clippy to use Rust 1.71 ( #513 )
2023-08-15 16:31:13 -06:00
hko-s
485d49a6c8
Make YubiKey::open() more robust ( #504 )
...
On systems with a physical card-reader, the previous implementation falsely
reports "multiple YubiKeys detected!", even if only one YubiKey is connected.
This change attempts to actually open each reader as a YubiKey, and only
reports "multiple YubiKeys" if it can actually open more than one.
Additionally, this change avoids resetting the YubiKeys in case we find more
than one.
2023-08-15 16:20:04 -06:00
Arthur Gautier
6a1e1603ef
Use x509-cert certificate builder ( #495 )
...
Co-authored-by: Carl Wallace <carl@redhoundsoftware.com >
2023-08-14 18:31:39 -06:00
Arthur Gautier
8cf18d2986
Bump rsa to 0.9.0 ( #502 )
2023-05-03 06:22:45 -06:00
Tony Arcieri (iqlusion)
0c7441a81e
Bump asymmetric crypto dependencies; MSRV 1.65 ( #490 )
...
Bumps the following dependencies to the latest versions:
- `elliptic-curve` v0.13
- `k256` v0.13
- `p256` v0.13
- `p384` v0.13
- `pbkdf2` v0.12
- `rsa` v0.9.0-pre.0
- `signature` v2
2023-03-14 11:53:00 -06:00
str4d
a50addc15b
Fix StatusWords::code output for StatusWords::VerifyFailError ( #479 )
...
* Fix `StatusWords::code` output for `StatusWords::VerifyFailError`
Closes iqlusioninc/yubikey.rs#473 .
* Refactor `Transaction::transfer_data` to match on `StatusWords`
This makes the code more reliable, such that it would have avoided
the bug in iqlusioninc/yubikey.rs#473 .
2023-02-12 12:02:22 -07:00
str4d
0809f300b7
Return errors from YubiKey::open_by_serial that indicate a key may exist ( #477 )
...
* Return errors from `YubiKey::open_by_serial` that indicate a key may exist
The only such error at the moment is `pcsc::Error::SharingViolation`, which
indicates a transient failure to access a specific reader that could have
been the one we needed (and so a future retry might succeed).
Closes iqlusioninc/yubikey.rs#458 .
* Avoid resetting unused devices in YubiKey::open_by_serial
We only connect to readers so that we can determine their serial. We
now try to ensure that the order in which we connect to them doesn't
have an effect on their state after we are done.
2023-02-12 10:22:05 -07:00
str4d
d55079f9a6
Enable library users to detect if a smart card doesn't support PIV ( #476 )
...
* Enable library users to detect if a smart card doesn't support PIV
Closes iqlusioninc/yubikey.rs#456 .
* Avoid resetting the card if we fail to select PIV or fetch version/serial
2023-02-12 10:20:34 -07:00
str4d
10241230b3
Raise minimum pcsc version to remove workaround ( #478 )
...
In iqlusioninc/yubikey.rs#88 we added a workaround for what turned out
to be a bug in `pcsc`, where an error was returned if no readers were
available, instead of returning an empty iterator. `pcsc 2.3.1` was
published in 2019, so we can safely rely on it.
2023-02-12 10:18:55 -07:00
Tony Arcieri (iqlusion)
0c2633ab31
transaction: comment cleanup in get_serial ( #467 )
...
Moves comments about each YubiKey version number above the arms of the
`match` expression
2023-01-07 13:35:52 -08:00
Tony Arcieri (iqlusion)
f49c617a9d
Improve parsing of serial numbers ( #466 )
...
Checks the length of the data returned when querying the serial number,
returning an error if it's longer than 4 bytes, and left-padding with
zeroes if it's too short.
This fixes some potential panics due to incorrect slice lengths as were
experienced in #465
2023-01-07 08:35:37 -08:00
str4d
18eb4bf4f4
Add YubiKey::disconnect ( #462 )
...
This exposes `pcsc::Card::disconnect` to allow alternate disposition
methods.
2023-01-02 10:15:31 -08:00
str4d
10941bfb5b
Add partial Debug impls for Context and YubiKey ( #457 )
...
This enables `yubikey::Result<T>` to be debug-formatted, for example
when wrapping the output of an API method in `dbg!()`.
2023-01-01 11:16:10 -07:00
Tony Arcieri (iqlusion)
d880faaefa
yubikey v0.7.0 ( #444 )
2022-11-14 15:53:00 -08:00
Tony Arcieri (iqlusion)
cc00a10c2f
img: add logo-sq.png ( #445 )
...
Square logo for use with rustdoc
2022-11-14 15:15:19 -08:00
Tony Arcieri (iqlusion)
0a2e798894
Switch from subtle-encoding to base16ct ( #443 )
2022-11-14 14:26:07 -08:00
Ferdinand Linnenberg
0071566097
feat: fixed incorrect issuer for certificates & added x509 prints ( #437 )
2022-11-14 10:42:07 -08:00
Tony Arcieri (iqlusion)
603b102932
Followups from #371 ( #435 )
...
Implements the changes I suggested in that PR, which are related to
naming conventions and documentation.
2022-11-12 15:41:58 -08:00
Tony Arcieri (iqlusion)
4310cc0f9a
Fix build and clippy warnings ( #433 )
2022-11-12 13:15:42 -08:00
Arthur Gautier
87ed7b2338
Adds support for metadata command ( #371 )
...
On firmware 5.4.3, yubikey introduced a metadata command. This returns
the policy attached to as slot as well as the public key of the pair in
the slot.
https://docs.yubico.com/yesdk/users-manual/application-piv/apdu/metadata.html
2022-11-12 11:12:10 -08:00
william light
bbb186f95e
Display inner PC/SC errors ( #420 )
2022-10-31 15:00:21 -07:00
Tony Arcieri (iqlusion)
3463d109b2
Bump der-parser to v8; x509-parser to v0.14 ( #402 )
2022-08-10 15:19:21 -07:00
vdods
498de4c10d
Adding some common traits for certain enum types to support maps. ( #372 )
2022-08-10 14:34:58 -07:00
Tony Arcieri (iqlusion)
9e20ecfe55
RustCrypto crate upgrades; MSRV 1.57 ( #378 )
...
Updates all of the RustCrypto dependencies to the latest versions:
- `des` v0.8
- `elliptic-curve` v0.12
- `hmac` v0.12
- `num-bigint-dig` v0.8
- `pbkdf2` v0.11
- `p256` v0.11
- `p384` v0.10
- `rsa` v0.6
- `sha1` v0.10 (replacing `sha-1`)
- `sha2` v0.10
2022-05-23 20:04:12 -07:00
Ferdinand Linnenberg
83de59983f
Add Display formatter to SlotId ( #353 )
2022-02-11 13:10:53 -08:00
Tony Arcieri (iqlusion)
935fea0868
Bump p256 => v0.10; p384 => v0.9 ( #344 )
2022-01-17 15:08:48 -08:00
Tony Arcieri (iqlusion)
dd4b1c60a4
2021 edition upgrade; MSRV 1.56 ( #343 )
...
Changes the `edition` to 2021 in both the `yubikey` and `yubikey-cli`
crates.
Removes `TryFrom`/`TryInto` imports, now that they're in the prelude.
2022-01-17 14:54:01 -08:00
Shella Stephens
74a50f0f0c
Bump dependencies & fix security audit ( #340 )
...
* Bump dependencies & fix security audit
* allow dead code for issuer field #[allow(dead_code)] in Certificates struct
2022-01-10 08:40:58 -07:00
Tony Arcieri (iqlusion)
edf74871ba
yubikey v0.5.0 ( #327 )
2021-11-21 07:42:39 -08:00
str4d
52107281df
nom 7 ( #322 )
2021-10-19 06:38:38 -07:00
Benno Rice
54ce90d51d
Update dependencies ( #315 )
...
* Update rsa dependency to 0.5
* Update pbkdf dependency to 0.9
* Update x509-parser dependency to 0.11
* Update crypto-bigint subdepdendency to 0.2.6
2021-09-10 10:44:59 -07:00
Tony Arcieri (iqlusion)
ac72797d1f
yubikey v0.4.2 ( #291 )
2021-07-13 06:35:53 -07:00
Tony Arcieri (iqlusion)
fdd3b8730a
Make yubikey::Buffer a pub type ( #290 )
2021-07-13 06:05:24 -07:00
Tony Arcieri (iqlusion)
d51ec0a225
Have YubiKey::block_puk take &mut self as argument ( #289 )
...
This is effectively the same signature; it just uses `self` instead of a
named argument.
2021-07-13 05:55:24 -07:00