Dave Pate
a10ab1ace5
lib: correct zero memory defines, correct overflow checks in _write_certificate
2019-04-03 09:46:27 +02:00
Dave Pate
28189201a4
lib: use secure zero memory platform functions
2019-04-03 09:45:49 +02:00
Dave Pate
2e72c8f85c
lib: resolves potential reads of uninitialized data
2019-04-03 09:45:44 +02:00
Stacey Sheldon
811ddbb22d
CHUID: fix the encoding of the FASC-N data element in the CHUID
...
This is the hard-coded FASC-N field being used by yubico-piv-tool
[9999-9999-999999-0-1-0000000000300001]
S9999F9999F999999F0F1F0000000000300001E
It should be encoded as this sequence of 5-bit values
11010 (SS)
10011 10011 10011 10011 (9999)
10110 (FS)
10011 10011 10011 10011 (9999)
10110 (FS)
10011 10011 10011 10011 10011 10011 (999999)
10110 (FS)
00001 (0)
10110 (FS)
10000 (1)
10110 (FS)
00001 00001 00001 00001 00001 00001 00001 00001 00001 00001 (0000000000)
11001 (3)
00001 00001 00001 00001 (0000)
10000 (1)
11111 (ES)
01011 (LRC)
This packs into this 25-byte (200-bit) sequence of hex bytes:
d4 e7 39 da 73 9c ed 39 ce 73 9d 83 68 58 21 08
42 10 84 21 c8 42 10 c3 eb
2019-01-01 01:43:51 -05:00
Dave Pate
cbd5ba5122
libykpiv/piv-tool 1.6.3
...
lib: promote get_serial to base API
lib: add ykpiv_get_serial to external API
tool: add serial number/version to status command
build: fix msvc build of case insensitive-reader (missing strncasecmp and cast warnings)
lib: consolidate neo/yk4 + yk5 serial number routines
lib: fix GCC 8 compilier warnings
lib: reimplement deauthenticate to select mgmt aid
build: disable -Waggregate-return
lib: fix warning differences between gcc and msvc
lib: add option to disable implicit card transactions
lib: remove application reselect prior to crypt operations
build: fix msvc warnings wrt length checking logic fixes
lib: fix error condition logic in untransacted internal functions
lib: create internal transactionless ykpiv_transfer_data
2018-09-14 14:29:39 -07:00
Jakub Jelen
d613b42b0c
Avoid unused variables and warnings when building against OpenSSL 1.1
2018-08-08 16:12:25 +02:00
Dave Pate
775eaacc9f
Merge upstream master commits
2018-03-05 11:32:25 -08:00
Jakub Jelen
dfca8e2e55
Remove unused variables
2018-02-27 15:40:31 +01:00
Dave Pate
289896ac61
Add syslog/windows event log output
...
Read multistage configuration
Update ROCA mitigation check and warnings
2018-02-09 08:28:51 -08:00
Trevor Bentley
3ce4f0ccae
Clean up typos, warnings, and incorrect libtool age.
2017-11-08 11:11:45 +01:00
Trevor Bentley
252226220a
Disable ensure_application_selected() by default, since it breaks PIN policy.
2017-10-31 12:29:16 +01:00
Trevor Bentley
05ac49abbb
Suppress sscanf_s error on Windows
2017-10-25 16:19:13 +02:00
Trevor Bentley
edda816abe
Remove accidental printf
2017-10-25 16:18:53 +02:00
Trevor Bentley
c2f86d0a0f
Move YK4 insecure on-chip key generation prevention from yubico-piv-tool to libykpiv
2017-10-24 15:59:44 +02:00
Trevor Bentley
27933eaff8
Fix applet selection for whole public API.
2017-10-23 16:26:17 +02:00
Trevor Bentley
f903a432e3
Backport minidriver changes
...
* Port ykpiv_auth_getchallenge and ykpiv_auth_verifyresponse
- Commit 8fde607b50b19c57a662c53c6b276b54a78606d8
- Commit 6046b98e477cfef59a590ce2177336d694813e7e
- Commit 422cea11745dc67d15039e242ed21ecb5208ae55
- Commit 1d31647e5a27bd2df6bda76512c7d673980f0bec
* Rename connect2() and done2() to connect_with_external_card(), etc.
* Select applet in ykpiv_change_pin, change_puk, and unblock_pin
2017-10-23 16:26:02 +02:00
Trevor Bentley
79464a3d3e
Use slot enum consistently. Move slot->object translation into libykpiv.
2017-10-23 16:25:47 +02:00
Trevor Bentley
2e818dd914
Add ykpiv_util_(get/set)_cccid(), and use in yubico-piv-tool
2017-10-23 16:25:44 +02:00
Trevor Bentley
ded78751a0
Add gzip support to ykpiv_util_import_certificate(), and use in yubico-piv-tool
2017-10-23 16:25:20 +02:00
Trevor Bentley
48c2b8e99c
Move shared functionality from util.c to internal.h
2017-10-23 16:22:34 +02:00
Trevor Bentley
dfd2a9ef92
Cleanup compiler warnings, and switch to cross-platform data types
2017-10-23 16:22:31 +02:00
Trevor Bentley
a8b2c2c1c4
Fix DES bugs in Linux. Windows+Linux both pass unit tests.
2017-10-23 16:22:24 +02:00
Trevor Bentley
fb00baf672
Backport from minidriver:
...
commit 90020fea0ac34b2f98b68a5798fa85cb5ad12175 (tag: 3.2)
Author: Dave Pate <dpate@yubico.com >
Date: Thu Jul 27 00:31:54 2017 -0700
Release 3.2
Adds automatic PUK blocking
Adds feature to turn automatic PUK blocking off
Miscellaneous fixes with metadata handling
2017-10-23 16:22:21 +02:00
Trevor Bentley
06f2e777ba
Backport from minidriver: 11788a4a36bf83a01104700f171774336086e9b4
...
commit 11788a4a36bf83a01104700f171774336086e9b4
Author: Dave Pate <dpate@yubico.com >
Date: Tue Jul 18 18:28:48 2017 -0700
Fixes #114 - jump to cleanup section in ykpiv_util_write_mscmap on invalid size
2017-10-23 16:22:18 +02:00
Trevor Bentley
2ea0e4cbdd
Port custom allocator from minidriver, and add test case for it.
2017-10-23 16:22:08 +02:00
Trevor Bentley
bfafb926a3
Added tests for authenticate and reset. Fixed bug in reset (always returned success).
2017-10-23 16:22:04 +02:00
Trevor Bentley
6c5d5545bf
WIP port minidriver ykpiv_util_* functions
2017-10-23 16:21:57 +02:00