Tony Arcieri
8e1469cff6
Merge pull request #51 from iqlusioninc/readers
...
readers: Initial `Readers` enumerator for detecting YubiKeys
2019-12-02 10:20:04 -08:00
Tony Arcieri
9ce2ffe938
readers: Use Reader to connect to YubiKey
...
Removes the legacy API inherited from `yubico-piv-tool` and uses
the `reader` module exclusively for selecting and opening the PC/SC
reader.
2019-12-02 10:11:58 -08:00
Tony Arcieri
589ca3de12
readers: Initial Readers enumerator for detecting YubiKeys
...
Adds a `yubikey_piv::Readers` type which opens a PC/SC context and can
enumerate detected PC/SC readers with a slightly more ergonomic API than
what's provided in the upstream crate.
Does not support actually instantiating a `YubiKey` from a `Reader<'_>`
yet, but ideally all connections to YubiKeys should go through this API.
2019-12-02 09:32:42 -08:00
Tony Arcieri
ae071e706c
Merge pull request #45 from str4d/certificate-parsing
...
Certificate parsing
2019-12-01 11:17:49 -08:00
Jack Grigg
cd704c28d7
Extract OID strings as constants
2019-12-01 18:42:12 +00:00
Jack Grigg
3a283aca40
Use ecdsa crate for EC point representations
2019-12-01 18:23:57 +00:00
Jack Grigg
e72ee5c60e
Parse EC public keys within certificates
2019-12-01 16:54:22 +00:00
Jack Grigg
9ee1494c6f
Parse RSA public keys within certificates
2019-12-01 16:09:59 +00:00
Jack Grigg
d3e565ef55
Derive PartialEq for SlotId
2019-12-01 15:35:00 +00:00
Tony Arcieri
2bdeca0069
Merge pull request #44 from str4d/more-enums
...
Convert SlotId and AlgorithmId into enums
2019-11-30 14:28:36 -08:00
Jack Grigg
bc95d8b7b9
Delete unnecessary commented-out code
...
We will handle the CardManagement slot separately.
2019-11-30 22:18:31 +00:00
Jack Grigg
11c93d6421
Inline SlotId constants
2019-11-30 22:01:22 +00:00
Jack Grigg
afca0fec0a
Convert AlgorithmId into an enum
...
3DES also has an algorithm ID, but it is completely disjoint from the
key algorithms, and can be handled separately later.
2019-11-30 20:47:37 +00:00
Tony Arcieri
c8837d485f
Merge pull request #43 from iqlusioninc/pin-secrecy
...
Use `secrecy` crate for storing `CachedPin`
2019-11-30 12:39:33 -08:00
Jack Grigg
12b5bd1e3c
Convert SlotId into an enum
2019-11-30 20:15:16 +00:00
Jack Grigg
c3698dcffb
Key::list: Skip Certificate::new for empty buffers
...
This matches the C code behaviour.
2019-11-30 20:15:12 +00:00
Tony Arcieri
6a16c59567
Use secrecy crate for storing CachedPin
...
The `SecretVec` type automatically handles zeroing and may prevent
accidental exposure of the cached PIN via `Debug`.
2019-11-30 12:11:53 -08:00
Tony Arcieri
8e38cf6c4e
Merge pull request #42 from carl-wallace/develop
...
Change CHUID struct to hold complete CHUID value. Add getters for subcomponents. Add additional consts to support this. Modified CCCID struct to be public (as prelude to similar treatment).
2019-11-30 11:44:51 -08:00
Tony Arcieri
ac665f9ec9
Merge pull request #40 from str4d/pin-fixups
...
PIN fixups
2019-11-30 11:43:35 -08:00
Carl Wallace
77302af21e
address formatting per cargo fmt
2019-11-30 14:22:33 -05:00
Carl Wallace
78288b4200
address formatting and documentation issues flagged by clippy
2019-11-30 14:13:34 -05:00
Jack Grigg
a61a6fd94b
Define more YubiKey-recognized status words
...
Recognized values sourced from https://github.com/Yubico/yubikey-manager
NotFoundError and NoSpaceError are specified in SP 800-73-4 Table 6.
2019-11-30 15:39:11 +00:00
Jack Grigg
cfef291ad9
Use u16 for raw StatusWords
2019-11-30 15:39:10 +00:00
Jack Grigg
4b5cd8dd45
Make PIN verification failure a StatusWord case
...
Retry count is now u8, as it cannot exceed 16 (being returned in the
lower half of SW2).
2019-11-30 15:39:09 +00:00
Jack Grigg
9fe363661e
verify_pin: Don't set APDU data for empty PIN
2019-11-30 15:16:15 +00:00
Tony Arcieri
4af95edc74
Merge pull request #39 from iqlusioninc/safety-dance-and-other-readme-badge-fixups
...
Add #![forbid(unsafe_code)]; fix up README.md badges and links
2019-11-29 10:18:25 -08:00
Tony Arcieri
7f3d821df2
Add #![forbid(unsafe_code)]; fix up README.md badges and links
...
- Forbids unsafe code
- Adds a "Safety Dance" badge
- Fixes the GitHub Actions status badge
- Fixes up links that changed with the move to `iqlusioninc` org
2019-11-29 10:06:52 -08:00
Tony Arcieri
2f963a15d0
Merge pull request #37 from str4d/safety-rails
...
Safety rails
2019-11-29 09:56:54 -08:00
Carl Wallace
4210571da3
Change CHUID struct to hold complete CHUID value. Add getters for subcomponents. Add additional consts to support this. Modified CCCID struct to be public (as prelude to similar treatment).
2019-11-29 09:31:24 -05:00
Jack Grigg
1db929c10f
Mark excluded nested match branches as unreachable
2019-11-29 00:09:08 +00:00
Jack Grigg
8240575bb4
Rewrite YubiKey::import_private_key without unsafe
2019-11-28 23:44:16 +00:00
Jack Grigg
1935216cf3
Rewrite MsRoots::read without unsafe
2019-11-28 23:43:02 +00:00
Jack Grigg
7c08674fac
Use slice::copy_within in metadata::read
2019-11-28 23:43:01 +00:00
Jack Grigg
8b86a0f578
Rewrite metadata::get_item without unsafe
2019-11-28 23:42:55 +00:00
Jack Grigg
bd5669d9ef
Rewrite metadata::set_item without unsafe
...
Also re-introduces some comments that were lost during corrosion.
2019-11-28 23:06:09 +00:00
Jack Grigg
afb6a9479e
Use slice::copy_within in read_certificate
2019-11-28 23:03:11 +00:00
Jack Grigg
48d0a2ab04
Use slice::copy_from_slice in Transaction::change_pin
2019-11-28 23:02:33 +00:00
Tony Arcieri
82b4bbb35d
Merge pull request #36 from carl-wallace/develop
...
Make anonymous CHUID struct public, remove spurious subtraction of two bytes in transfer_data
2019-11-27 12:37:06 -08:00
Carl Wallace
13b350f822
change length comparison to is_empty check per clippy
2019-11-27 15:26:13 -05:00
Carl Wallace
0f1ef2f519
Make anonymous field of CHUID struct public. Remove spurious -2 instances inside Transaction::transfer_data (the Response object is already eating the status words)
2019-11-27 15:09:53 -05:00
Tony Arcieri
d799e9c35b
Merge pull request #34 from tarcieri/have-encrypt-sign-return-buffer
...
Have `sign_data` and `decrypt_data` return a `Buffer`
2019-11-26 11:21:38 -08:00
Tony Arcieri
5bf27f5422
Have sign_data and decrypt_data return a Buffer
2019-11-26 11:06:11 -08:00
Tony Arcieri
ecea0081b5
Merge pull request #33 from tarcieri/ins-enum
...
`Ins` (APDU instruction codes) enum
2019-11-26 10:05:35 -08:00
Tony Arcieri
debde6e765
Ins (APDU instruction codes) enum
...
Converts a bag of constant values (`YKPIV_INS_*`) into an enum
representing APDU instruction codes (a.k.a. `ins`).
Among other things, this makes the `Debug` output for `APDU` more human
meaningful, since it can print a text label for the instruction rather
than a code number, which is helpful in trace debugging.
2019-11-26 09:52:19 -08:00
Tony Arcieri
3fa5555943
Merge pull request #32 from tarcieri/factor-responses-into-apdu-module
...
Factor `Response` into `apdu` module; improved debugging
2019-11-26 09:26:55 -08:00
Tony Arcieri
d3af2f2d80
Factor Response into apdu module; improved debugging
...
This commit merges the `apdu` and `response` modules: the responses are
APDU responses, and so the two are related.
This also moves the `trace` logging into the APDU type, which allows it
to display `Debug` output for APDUs and responses, which makes it easier
to understand what's going on (and will be even better once instructions
are converted into an enum so you can actually see what's happening).
2019-11-26 09:15:48 -08:00
Tony Arcieri
5fab09e54d
Merge pull request #31 from tarcieri/v0.0.2
...
v0.0.2
2019-11-25 16:59:02 -08:00
Tony Arcieri
77d9dd6e97
v0.0.2
yubikey-piv/v0.0.2
2019-11-25 15:27:04 -08:00
Tony Arcieri
aeb4e6c3fc
Merge pull request #30 from tarcieri/untested-feature
...
Add `untested` Cargo feature for untested functionality
2019-11-25 15:16:56 -08:00
Tony Arcieri
a23af7dc31
Add untested Cargo feature for untested functionality
...
This adds an `untested` feature to any functions which have not yet been
tested live against a YubiKey device (which is presently pretty much
everything).
This sets a clear expectation of what is presently supported, and
additionally documents the status in the README (and a series of GitHub
issues).
Adds a `cargo build --all-features` to GitHub Actions' `test` step in
order to make sure that `untested` functionality still compiles.
2019-11-25 15:04:32 -08:00