Klas Lindfors
73585f2416
use unsigned long for len
2015-12-17 09:55:20 +01:00
Klas Lindfors
a143c6d67d
remove the util function dump_hex() in favor of dump_data()
2015-12-15 10:27:54 +01:00
Klas Lindfors
30cc13aaff
add format for read/write object as hex/base64/binary
...
relates #31
2015-12-15 10:22:11 +01:00
Klas Lindfors
a4ee5725b8
add generic write and read object actions for the tool
...
this take in/out hex dump of the data
2015-12-14 10:55:32 +01:00
Mikhail Denisenko
6042a2140e
Implemented C_SetPIN
2015-12-11 13:23:38 -05:00
Klas Lindfors
e7d53ceb45
fix an old overflow bug
...
we need to do 8 - new_len, not 16 - new_len which overflows the indata
buffer
2015-12-08 14:12:29 +01:00
Klas Lindfors
a1d6007375
increase buffer sizes when building the status view
...
otherwise data buffer will be to small after loading a big certificate
2015-12-07 19:53:43 +01:00
Klas Lindfors
ebbb002068
don't overfill the buffer on cert import
2015-12-07 09:24:19 +01:00
Klas Lindfors
baae5fa464
difference between CHUID and CCC in success message.
2015-12-03 14:53:10 +01:00
Klas Lindfors
70e181a860
add a new action set-ccc
...
change aroudn so set_chuid() becomes set_dataobject() and a bit more
generic
fixes #33
2015-12-03 08:18:27 +01:00
Alessio Di Mauro
0a93217dbc
Minor fix.
2015-11-27 15:43:32 +01:00
Alessio Di Mauro
4849e494be
Add retired key definitions to libykpiv.
...
Include retired keys in import_key's check.
2015-11-20 15:44:19 +01:00
Alessio Di Mauro
3b81112aeb
Change behavior of yubico-piv-tool -a status.
...
Status only prints information from populated slots. Additionally,
it is possible to explicitly choose a single slot and only print
information reagarding it.
2015-11-20 15:44:19 +01:00
Klas Lindfors
ed38b96fe4
raise buffer sizes and remove a miss-leading error
2015-11-20 13:14:55 +01:00
Alessio Di Mauro
113c3e0b98
Whitespace cleanup.
2015-11-20 12:03:02 +01:00
Alessio Di Mauro
abc94bc62a
Refactor yubico-piv-tool to use import_private_key from libykpiv.
2015-11-20 11:49:30 +01:00
Alessio Di Mauro
d38df01c6c
Change applet to application.
2015-11-06 13:14:52 +01:00
Klas Lindfors
f46a4713bd
Merge branch 'master' into development
2015-10-28 16:08:00 +01:00
Klas Lindfors
f558983577
add an error print for failing set-pin-retries
2015-10-28 16:07:18 +01:00
Klas Lindfors
e4059a5995
Merge branch 'master' into development
...
Conflicts:
NEWS
configure.ac
2015-10-20 20:48:57 +02:00
Klas Lindfors
777b40b3c2
read key from stdin if no key is given as argument
2015-10-09 11:14:58 +02:00
Alessio Di Mauro
17ebced2e6
Mask more one pin change.
2015-09-24 14:20:25 +02:00
Klas Lindfors
809e0ebdb7
use in, not signinput to actually sign anything in the ecc case
2015-09-18 11:05:15 +02:00
Klas Lindfors
d30f6fc781
unblock-pin shouldn't tell you new puk
2015-09-16 14:32:30 +02:00
Klas Lindfors
49eab7dbfa
drop ykpiv_sign_data2() and change ykpiv_sign_data() to not pad
2015-09-08 15:29:10 +02:00
Klas Lindfors
8eb7595d42
add list-readers action to tool
...
also refactor ykpiv_list_readers() a bit
2015-09-08 12:26:42 +02:00
Klas Lindfors
b770155cbb
Merge branch 'devel/p384' into ykcs11
...
Conflicts:
NEWS
configure.ac
lib/ykpiv.c
lib/ykpiv.h
tool/util.c
tool/util.h
2015-09-07 14:32:37 +02:00
Steffan Karger
723fe2f405
Query for PIN/PUK/mgmt-key if not supplied on command line
...
Do not force a user to specify the PIN/PUK/mgmt-key on the command line.
Instead, query the user to supply them through stdin when required for
the requested operation. This is both more user friendly and more
secure, since the secrets do not end up in the shell history and/or
visible to shoulder-surfers on the terminal.
Signed-off-by: Steffan Karger <steffan@karger.me >
2015-08-12 23:05:44 +02:00
Klas Lindfors
8ece5ed26e
drop unused variable
...
found with clang scan-build
2015-07-09 11:03:11 +02:00
Klas Lindfors
2e91cd0f5b
Merge branch 'master' into devel/p384
2015-07-08 15:09:11 +02:00
Klas Lindfors
3b080dca45
relicense to 2-clause BSD license
2015-07-01 16:34:20 +02:00
Klas Lindfors
80e6fe525a
change IS_XXKEY macros to be YKPIV_IS_XX
2015-06-30 07:33:39 +02:00
Klas Lindfors
f43c5781b9
fix indentation
2015-06-26 13:00:21 +02:00
Klas Lindfors
6f5870d884
better errors for fail on pin-policy and touch-policy
2015-06-25 12:37:06 +02:00
Klas Lindfors
600b302c1d
add touch for set-mgm-key
2015-06-25 12:32:01 +02:00
Klas Lindfors
ca6a355b5d
add touch tlv for generate and import-key
2015-06-25 12:04:05 +02:00
Klas Lindfors
be8f37924d
pin policy code for generate and import-key
2015-06-24 15:25:59 +02:00
Klas Lindfors
bc27d98bf7
better errors for generate on non-supported algorithm or slot
2015-06-24 13:22:02 +02:00
Klas Lindfors
c2621960a9
use IS_RSAKEY and IS_ECKEY macros, fix minor stuff for ECCP384
2015-06-24 13:06:00 +02:00
Klas Lindfors
d06852959c
add sha384 hash and refactor some common patterns
2015-06-24 13:06:00 +02:00
Klas Lindfors
f17d09f19c
start adding secp384r1
2015-06-24 13:06:00 +02:00
Klas Lindfors
6b4b3001c4
verify that e is 0x10001 on import
...
fixes #13
2015-06-23 14:28:44 +02:00
Klas Lindfors
18e057e58c
let RSA_public_encrypt() do the PKCS1 padding
...
noteworthy is that it will do pkcs1 type 2 padding
2015-05-19 15:11:30 +02:00
Klas Lindfors
3d0ff7b969
add a test-decipher command
...
test-decipher will for rsa do public encrypt on a random string and let
the key decrypt
for ec it will generate a new ec key and do ecdh and confirm it gets the
same answer back
2015-05-19 14:22:26 +02:00
Klas Lindfors
8ce4ab4997
add newline at end of output
2015-05-08 13:49:32 +02:00
Klas Lindfors
a9c8cb9fd3
drop openssl/err.h again
2015-03-20 14:17:51 +01:00
Klas Lindfors
9db6d3d45a
replace EVP_MD_CTX_verify() stuff with RSA_verify()/ECDSA_verify()
...
since the EVP_MD_CTX stuff doesn't seem to exist on osx at all.
2015-03-20 14:04:26 +01:00
Klas Lindfors
f204987941
add a test-signature action
...
that takes a certificate in and does a signature with the given slot,
then verifying that signature with the given certificate.
2015-03-20 10:04:58 +01:00
Klas Lindfors
b1cda2ffce
add missing }
...
that's why you should always build before push..
2015-03-19 15:52:20 +01:00
Klas Lindfors
da1f61f23a
move up validation of pin-retries parameters
2015-03-19 14:54:23 +01:00