Jack Grigg
d44a32453c
Write certificate TLVs into correct offsets
2019-12-15 10:33:01 +00:00
Carl Wallace
220c045dcb
move print cert info into new CLI project
2019-12-14 13:27:54 -05:00
Tony Arcieri
6174b62a77
Merge pull request #78 from iqlusioninc/dependabot/cargo/secrecy-0.6.0
...
Bump secrecy from 0.5.1 to 0.6.0
2019-12-13 06:02:56 -08:00
dependabot-preview[bot]
36408ac658
Bump secrecy from 0.5.1 to 0.6.0
...
Bumps [secrecy](https://github.com/iqlusioninc/crates ) from 0.5.1 to 0.6.0.
- [Release notes](https://github.com/iqlusioninc/crates/releases )
- [Commits](https://github.com/iqlusioninc/crates/compare/secrecy/v0.5.1...secrecy/v0.6.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2019-12-13 13:45:51 +00:00
Tony Arcieri
16a9a1a2c6
Merge pull request #77 from iqlusioninc/dependabot/cargo/elliptic-curve-0.2.0
...
Bump elliptic-curve from 0.1.0 to 0.2.0
2019-12-12 06:25:10 -08:00
dependabot-preview[bot]
cee7f1cef8
Bump elliptic-curve from 0.1.0 to 0.2.0
...
Bumps [elliptic-curve](https://github.com/RustCrypto/signatures ) from 0.1.0 to 0.2.0.
- [Release notes](https://github.com/RustCrypto/signatures/releases )
- [Commits](https://github.com/RustCrypto/signatures/compare/elliptic-curve/v0.1.0...elliptic-curve/v0.2.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2019-12-12 13:49:12 +00:00
Tony Arcieri
cb104f3df6
Merge pull request #76 from iqlusioninc/dependabot/cargo/rsa-0.2.0
...
Bump rsa from 0.1.4 to 0.2.0
2019-12-11 05:43:08 -08:00
dependabot-preview[bot]
ac338cf17a
Bump rsa from 0.1.4 to 0.2.0
...
Bumps [rsa](https://github.com/RustCrypto/RSA ) from 0.1.4 to 0.2.0.
- [Release notes](https://github.com/RustCrypto/RSA/releases )
- [Changelog](https://github.com/RustCrypto/RSA/blob/master/release.toml )
- [Commits](https://github.com/RustCrypto/RSA/compare/0.1.4...0.2.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2019-12-11 13:34:30 +00:00
Tony Arcieri
a8ea3ec8b7
Merge pull request #75 from str4d/cert-gen-prep
...
Preparatory work for certificate generation
2019-12-10 18:57:25 -08:00
Jack Grigg
d113c1f4b9
impl<'a> TryFrom<&'a [u8]> for Certificate
2019-12-11 02:44:40 +00:00
Jack Grigg
2eff313064
Fix bug in key::generate and document weirdness
...
Bug was introduced in #73 when starting offsets were overlooked. Digging
into why they were there led to uncovering the weird not-quite-ASN.1
format that the YubiKey returns generated pubkeys in.
2019-12-11 02:26:23 +00:00
Jack Grigg
41b10d1f23
Convert certificate info into an enum
2019-12-11 02:21:49 +00:00
Jack Grigg
4c2ecea721
Replace GeneratedKey with PublicKeyInfo
2019-12-11 00:31:31 +00:00
Jack Grigg
e73607e662
Rename Certificate::new to Certificate::from_bytes
2019-12-11 00:30:39 +00:00
Tony Arcieri
17839da94f
Merge pull request #74 from iqlusioninc/cli/reader-name
...
cli: print reader name as part of `status` command
2019-12-10 09:20:50 -08:00
Tony Arcieri
08897ec7c9
cli: print reader name as part of status command
2019-12-10 08:43:33 -08:00
Tony Arcieri
26c777b6ec
Merge pull request #73 from str4d/tlv-extraction
...
TLV extraction
2019-12-10 08:21:42 -08:00
Jack Grigg
1bf3b13e52
Add missing untested feature gates
2019-12-10 13:31:48 +00:00
Jack Grigg
8385dda201
Check buffer length in set_length
2019-12-10 13:22:21 +00:00
Jack Grigg
363bdc4351
Extract TLV writing into serialization::Tlv
2019-12-10 13:17:01 +00:00
Jack Grigg
da828abe3c
Extract TLV parsing into serialization::Tlv
2019-12-10 13:14:39 +00:00
Tony Arcieri
339fb69e30
Merge pull request #72 from iqlusioninc/status-command
...
cli: add `status` command
2019-12-09 19:29:07 -08:00
Tony Arcieri
78d5f33695
cli: add status command
...
Provides equivalent functionality to `yubico-piv-tool`
2019-12-09 18:00:34 -08:00
Tony Arcieri
283e6fe363
Merge pull request #71 from iqlusioninc/cli/rename-list-to-readers-improve-usage
...
cli: rename 'list' command to 'readers'; improve usage
2019-12-09 09:51:34 -08:00
Tony Arcieri
55d077dd80
cli: rename 'list' command to 'readers'; improve usage
...
There are going to be several `list` commands (e.g. `yubikey keys list`)
so this is a confusing name.
If we need more than one `readers` subcommand we can change this to be
`readers list` eventually.
Separately (in what probably should've been its own commit, mea culpa)
this adds slightly better usage.
2019-12-09 09:39:24 -08:00
Tony Arcieri
fd77ba6e74
Merge pull request #70 from carl-wallace/develop
...
add try_from String for SlotIds in support of CLI
2019-12-09 07:55:02 -08:00
Carl Wallace
855f2ecb24
add try_from String for SlotIds in support of CLI
2019-12-08 19:25:27 -05:00
Tony Arcieri
6436d9afcb
Merge pull request #69 from iqlusioninc/open-by-serial
...
yubikey: add `open_by_serial` method
2019-12-08 12:58:40 -08:00
Tony Arcieri
4663cffb96
yubikey: add open_by_serial method
...
Support for opening a `YubiKey` with a specific serial number.
2019-12-08 12:12:03 -08:00
Tony Arcieri
fb7e95e6d1
Merge pull request #68 from iqlusioninc/rename-container-module-to-mscmap
...
Rename `container` module to `mscmap`
2019-12-08 10:40:01 -08:00
Tony Arcieri
0a100acdd2
Rename container module to mscmap
...
Better reflects what it actually is.
2019-12-08 10:01:00 -08:00
Tony Arcieri
39a81fc300
Merge pull request #67 from iqlusioninc/eliminate-consts-module
...
Finish eliminating `consts` module
2019-12-08 09:43:11 -08:00
Tony Arcieri
31efd4e78c
Finish eliminating consts module
...
Either moves constants into their relevant modules, or puts the
remaining ones into `lib.rs`
2019-12-08 09:32:57 -08:00
Tony Arcieri
86b8c6a6db
Merge pull request #66 from iqlusioninc/tame-consts
...
consts: Whittle down to the essentials
2019-12-08 08:51:51 -08:00
Tony Arcieri
104020d518
consts: Whittle down to the essentials
...
This factors the junk drawer of constants into the relevant files.
There are still a few "global" ones left but they can be addressed in a
followup commit.
2019-12-08 08:39:21 -08:00
Tony Arcieri
4dfac56753
Merge pull request #65 from iqlusioninc/cccid-chuid-tests-and-cleanups
...
CCCID/CHUID tests and cleanups
2019-12-07 13:33:28 -08:00
Tony Arcieri
9482ae62ab
CCCID/CHUID: add basic tests and do some cleanups
...
- Adds tests for CCCID/CHUID, allowing not found (is that ok?)
- Move constants under their respective modules and remove `YKPIV_`
2019-12-07 13:09:38 -08:00
Tony Arcieri
2587a4ac1e
CCCID/CHUID refactoring
...
- Move generate methods to the appropriate static types
- Remove redundant name prefixes (Rust [RFC#356])
[RFC#356]: https://github.com/rust-lang/rfcs/pull/356
2019-12-07 12:39:52 -08:00
Tony Arcieri
3cf3c0867f
Merge pull request #49 from carl-wallace/develop
...
change ccid handling to target entire CCC object
2019-12-07 12:10:44 -08:00
Tony Arcieri
b2f11f5058
Merge pull request #64 from iqlusioninc/config-tests
...
Test `Config::get`
2019-12-07 12:10:24 -08:00
Tony Arcieri
cdecfd92dd
Test Config::get
...
Tests reading configuration from a live device:
Config { protected_data_available: false, puk_blocked: false, puk_noblock_on_upgrade: false, pin_last_changed: 0, mgm_type: Manual }
2019-12-07 11:47:07 -08:00
Tony Arcieri
509c438330
Merge pull request #63 from iqlusioninc/drop-neo-support
...
Drop YubiKey NEO support (closes #18 )
2019-12-07 11:32:10 -08:00
Tony Arcieri
f6915ce5df
Drop YubiKey NEO support ( closes #18 )
...
YubiKey NEOs are legacy YubiKey devices, most of which contain
unpatchable security vulnerabilities.
They have smaller buffer sizes than YK4 and YK5, which necessitates a
whole bunch of conditional gating and buffer size calculations.
Getting rid of them simplifies this logic and allows us to assume
consistent buffer sizes everywhere.
We never tested on NEOs anyway, and looking at the deleted code it seems
it may have been miscalculating the NEO's buffer size!
If someone *really* wants to support NEOs, it shouldn't be that hard to
restore, but the codebase is definitely cleaner without it.
2019-12-07 11:22:51 -08:00
Tony Arcieri
962089dbf8
Merge pull request #62 from iqlusioninc/keys/move-import-and-attest
...
Move `import` and `attest` to the `key` module
2019-12-07 10:47:44 -08:00
Tony Arcieri
d6cd0130d3
Move sign/decrypt/import/attest to the key module
...
These are crypto key-related functions and are better factored under
this module.
2019-12-07 10:39:02 -08:00
Tony Arcieri
7d01dba11d
Merge pull request #61 from iqlusioninc/test-listing-keys
...
Test `Key::list`
2019-12-07 10:19:43 -08:00
Tony Arcieri
d1d384d304
Test Key::list
...
Adds a live-against-the-device test which ensures keys can be
successfully listed.
2019-12-07 10:09:56 -08:00
Tony Arcieri
cb9d5221b2
Merge pull request #60 from iqlusioninc/test-verify-pin
...
Test YubiKey::verify_pin (--ignored)
2019-12-07 08:52:09 -08:00
Tony Arcieri
c30cf5b83a
Test YubiKey::verify_pin (--ignored)
...
Adds an off-by-default test that the `YubiKey::verify_pin` function
works, and removes it from `untested` gating.
2019-12-07 08:44:12 -08:00
Tony Arcieri
3c88f1be13
Merge pull request #59 from str4d/elliptic-curve
...
Switch to elliptic-curve crate
2019-12-07 08:03:07 -08:00