Commit Graph

980 Commits

Author SHA1 Message Date
Jakub Jelen 13f542c1f8 Use the new OpenSSL 1.1.0 API also in the HW tests 2017-11-14 10:29:34 +01:00
Jakub Jelen a2715f0a4a Use OpenSSL 1.1.0 API 2017-11-13 17:43:06 +01:00
Jakub Jelen 4a847677cc WIP:Use RSA/EC_KEY METHOD to provide X509 signatures using high-level OpenSSL API 2017-11-13 17:39:34 +01:00
Jakub Jelen d2ffc41a6c RAND_pseudo_bytes is deprecated in OpenSSL 1.1.0 2017-11-13 17:39:34 +01:00
Jakub Jelen ad4e93a462 Few more OpenSSL 1.1.0 incompatibilities 2017-11-13 17:39:34 +01:00
Jakub Jelen bd351261ec Initial idea of openssl-1.1.0 compatibility (still missing some magic around certificates) 2017-11-13 17:39:34 +01:00
Trevor Bentley aa3b69926b Doxygen documentation for ykpiv_util_* API. 2017-11-08 11:38:27 +01:00
Trevor Bentley 3ce4f0ccae Clean up typos, warnings, and incorrect libtool age. 2017-11-08 11:11:45 +01:00
Trevor Bentley c7549ac9cc Update .gitignore 2017-11-03 16:29:17 +01:00
Trevor Bentley 366de02ab1 Organize ykpiv.h, update NEWS file for 1.5.0 2017-11-03 16:15:13 +01:00
Trevor Bentley c6abe7ac6d Add integration test for PIN cache 2017-11-03 13:39:23 +01:00
Trevor Bentley 7818b49e7d Skip unusable integration tests when testing a NEO 2017-10-31 15:40:51 +01:00
Trevor Bentley c939cff518 Allow changing libykpiv compile-time ifdefs from CFLAGS 2017-10-31 12:34:15 +01:00
Trevor Bentley 252226220a Disable ensure_application_selected() by default, since it breaks PIN policy. 2017-10-31 12:29:16 +01:00
Trevor Bentley 4eb6f1b193 Fix build on Linux
Signed-off-by: Trevor Bentley <trevor@yubico.com>
2017-10-26 17:03:35 +02:00
Dave Pate 999312e6b5 api: use uintptr_t for architecture specific handle sizes 2017-10-26 14:09:09 +02:00
Trevor Bentley a7eb0657f1 Fix compile time warnings about -no-install on Darwin/clang 2017-10-26 12:37:05 +02:00
Trevor Bentley 05ac49abbb Suppress sscanf_s error on Windows 2017-10-25 16:19:13 +02:00
Trevor Bentley edda816abe Remove accidental printf 2017-10-25 16:18:53 +02:00
Trevor Bentley c2f86d0a0f Move YK4 insecure on-chip key generation prevention from yubico-piv-tool to libykpiv 2017-10-24 15:59:44 +02:00
Trevor Bentley 15f533d7de Move hardware tests to "make hwtest", with one warning for all test suites.
- "make check" will mark destructive tests as skipped
- "make hwtest" will ask once for user confirmation
2017-10-24 15:10:45 +02:00
Trevor Bentley 4c9004feeb Remove artifact from rebase (bad local variable) 2017-10-23 16:28:57 +02:00
Trevor Bentley 4dffc0fa6a Bump libykpiv version to 1.5.0 2017-10-23 16:27:09 +02:00
Trevor Bentley b3cbfb5560 Some documentation and cleanup of ykpiv.h 2017-10-23 16:26:25 +02:00
Trevor Bentley 58abe404f3 Generate Doxygen docs for libykpiv if doxygen is available. 2017-10-23 16:26:23 +02:00
Trevor Bentley 935e05485a Use openssl implementation of DES_is_weak_key on non-Windows, and add unit test. 2017-10-23 16:26:20 +02:00
Trevor Bentley 27933eaff8 Fix applet selection for whole public API. 2017-10-23 16:26:17 +02:00
Trevor Bentley c07355fefb Fix unit tests for NEO: use ECCP256 and detect attestation errors 2017-10-23 16:26:14 +02:00
Trevor Bentley 7177ceda74 Extra attempts for PIN/PUK block in unit test 2017-10-23 16:26:11 +02:00
Trevor Bentley aa293dcc31 Fix PIN length handling in ykpiv_verify*() 2017-10-23 16:26:08 +02:00
Trevor Bentley de065ae36e Rename util.c test suite to api.c 2017-10-23 16:26:05 +02:00
Trevor Bentley f903a432e3 Backport minidriver changes
* Port ykpiv_auth_getchallenge and ykpiv_auth_verifyresponse
 - Commit 8fde607b50b19c57a662c53c6b276b54a78606d8
 - Commit 6046b98e477cfef59a590ce2177336d694813e7e
 - Commit 422cea11745dc67d15039e242ed21ecb5208ae55
 - Commit 1d31647e5a27bd2df6bda76512c7d673980f0bec
* Rename connect2() and done2() to connect_with_external_card(), etc.
* Select applet in ykpiv_change_pin, change_puk, and unblock_pin
2017-10-23 16:26:02 +02:00
Trevor Bentley ef81054dc2 Add automated tests for yubico-piv-tool CLI (hw-tests only) 2017-10-23 16:25:59 +02:00
Trevor Bentley 9a7ccf48fa Fix all clang scan-build warnings 2017-10-23 16:25:56 +02:00
Trevor Bentley 90209997cc Unit test for ykpiv_attest() 2017-10-23 16:25:53 +02:00
Trevor Bentley 5291bc4a63 Fix issue #123 - specify text/binary mode for open files 2017-10-23 16:25:50 +02:00
Trevor Bentley 79464a3d3e Use slot enum consistently. Move slot->object translation into libykpiv. 2017-10-23 16:25:47 +02:00
Trevor Bentley 2e818dd914 Add ykpiv_util_(get/set)_cccid(), and use in yubico-piv-tool 2017-10-23 16:25:44 +02:00
Trevor Bentley 13e02f998d Fix ykpiv_attest slot argument name 2017-10-23 16:25:41 +02:00
Trevor Bentley f6b817f056 Add ykpiv_attest() and use it in yubico-piv-tool 2017-10-23 16:25:38 +02:00
Trevor Bentley 248980fe27 yubico-piv-tool: use ykpiv_util_read_cert 2017-10-23 16:25:35 +02:00
Trevor Bentley 3bca63c39c yubico-piv-tool: use ykpiv_util_delete_cert 2017-10-23 16:25:32 +02:00
Trevor Bentley ded78751a0 Add gzip support to ykpiv_util_import_certificate(), and use in yubico-piv-tool 2017-10-23 16:25:20 +02:00
Trevor Bentley 8135a55200 yubico-piv-tool: Switch to ykpiv_set_pin_retries() 2017-10-23 16:25:17 +02:00
Trevor Bentley ec8e2786e6 yubico-piv-tool: use ykpiv_util_reset() 2017-10-23 16:25:13 +02:00
Trevor Bentley 12f35b8884 yubico-piv-tool: use util function for key generation 2017-10-23 16:25:10 +02:00
Trevor Bentley 48c2b8e99c Move shared functionality from util.c to internal.h 2017-10-23 16:22:34 +02:00
Trevor Bentley dfd2a9ef92 Cleanup compiler warnings, and switch to cross-platform data types 2017-10-23 16:22:31 +02:00
Trevor Bentley 97ecb75dd4 Cleanup function names. Make PIN cache optional. 2017-10-23 16:22:27 +02:00
Trevor Bentley a8b2c2c1c4 Fix DES bugs in Linux. Windows+Linux both pass unit tests. 2017-10-23 16:22:24 +02:00