Commit Graph

53 Commits

Author SHA1 Message Date
Klas Lindfors 36468219c2 check length of private key components before setting
the card functions only accepts key components of correct size
so here we add 0 before if they're shorter (usually one byte shorter)
thus fixing the issue where the card returned 6f00
2014-11-12 14:08:11 +01:00
Klas Lindfors cd4fdef2f7 cast cert_len to size_t shouldn't be negative here.
gets rid of warnings about int/size_t combinations
2014-11-10 10:12:01 +01:00
Klas Lindfors c14f53dfad check that stat completes correctly 2014-11-10 10:07:35 +01:00
Klas Lindfors 4fd1cf953e Merge branch 'master' of ssh://github.com/dwmw2/yubico-piv-tool 2014-11-10 09:54:09 +01:00
Klas Lindfors 7e0fdd8f9d correct offs for CHUID_GUID_OFFS and change verbose print to CHUID
CHUID_GUID_OFFS was 28 instead of 29, leading to invalid CHUID
verbose print said "setting GUID.." changing to CHUID

patch from Doug Engert
fixes #9
2014-11-10 09:49:54 +01:00
David Woodhouse 3dce5b06e0 Add support for compressed certificates
This could be more sophisticated — it could automatically compress
certificates if they are too large, instead of expecting the user to do
so manually. But this is a good start.
2014-11-07 19:55:08 +00:00
Klas Lindfors ccf9d01027 fix broken unblock-pin action
the unblock pin action misstakenly used pin reference 0x81 (unblock)
instead of 0x80 (pin)
2014-10-29 08:09:17 +01:00
Klas Lindfors 146fa881f2 add an error message for wrong key length 2014-10-28 08:37:53 +01:00
Daniel Barnes 61b0284c6d Check if new keys being set are the correct length, since longer or shorter keys yield inconsistant results 2014-10-28 08:36:37 +01:00
Klas Lindfors b16dce294d use EVP_MD_size() instead of EVP_MD_block_size()
actually gives correct size for the digest
2014-10-02 13:28:02 +02:00
Klas Lindfors 4bc0c95c4c give errors when sign fails 2014-10-02 13:27:52 +02:00
Klas Lindfors ad335d5d0a a bit of verbosity for authentication needs 2014-10-02 13:21:43 +02:00
Klas Lindfors c8aaf1a65e don't change the action_arg pointer, add to it in place instead
this effectively reverses 931d224485
2014-10-02 13:21:08 +02:00
Klas Lindfors cfebc30f76 refactor to let request-cert and selfsign-cert use different hashes
namely sha1 and sha512 as well with sha256 as default
2014-10-02 13:15:40 +02:00
Klas Lindfors 931d224485 use temporary args_info for parsing if auth is needed 2014-10-02 13:15:39 +02:00
Klas Lindfors 7d28857388 move the signer into the standard tool
as a hidden option to discourage use
2014-10-02 13:15:39 +02:00
Klas Lindfors 98cd75f08b only authenticate with the applet if needed 2014-10-01 14:33:57 +02:00
Klas Lindfors a7d5eb9d1c start implementing signer 2014-09-26 16:00:18 +02:00
Klas Lindfors 9a1b46d5a5 set the signature algorithm again in the cert 2014-08-25 15:31:01 +02:00
Klas Lindfors b66f81b324 replace ykpiv_parse_key() with ykpiv_hex_decode() 2014-06-27 15:06:44 +02:00
Klas Lindfors ac79b0809d refactor delete action to use ykpiv_save_object() 2014-06-26 08:24:34 +02:00
Klas Lindfors 75a5cf74d2 refactor set_chuid() to use ykpiv_save_object() 2014-06-26 08:08:59 +02:00
Klas Lindfors a1c2e4e8d1 refactor writing object to it's own library function
ykpiv_save_object(), use that for writing certs
2014-06-26 08:02:44 +02:00
Klas Lindfors 1f567f62eb drop unused code from delete_cert 2014-06-25 15:44:00 +02:00
Klas Lindfors b8ecc6cda2 refactor so ykpiv_sign_data() takes size_t input 2014-06-25 15:41:20 +02:00
Klas Lindfors b0ff83ac9c refactor change_pin() to use ykpiv_transfer_data() 2014-06-25 15:36:33 +02:00
Klas Lindfors b508f8bfea refactor to ykpiv_transfer_data() for chuid setting 2014-06-25 15:28:44 +02:00
Klas Lindfors a60096addf refactor pin-retries to use ykpiv_transfer_data() 2014-06-25 15:24:40 +02:00
Klas Lindfors 28ab285d92 refactor reset to use ykpiv_transfer_data() instead 2014-06-25 15:22:04 +02:00
Klas Lindfors 1ded0f6496 set version on the selfsigned cert 2014-06-25 14:14:23 +02:00
Klas Lindfors 9b5ede8530 change around and let ykpiv_sign_data() pad 2014-06-25 10:47:32 +02:00
Klas Lindfors c5696d4b45 rework some stuff to size_t 2014-06-24 15:02:26 +02:00
Klas Lindfors a46cbc55b6 fix indentation 2014-06-24 13:58:47 +02:00
Klas Lindfors 33c71344de let util.h include cmdline.h
since it's using declarations from it..
2014-06-24 10:42:50 +02:00
Klas Lindfors 92db159c4f change internal.h to util.h 2014-06-24 10:28:45 +02:00
Klas Lindfors ab3083dc1b split out util functions from yubico-piv-tool.c 2014-06-24 09:43:27 +02:00
Klas Lindfors 31d9d0d680 add ykpiv_verify to the library 2014-06-23 09:57:10 +02:00
Klas Lindfors 052b80830a make constants for more instructions 2014-06-18 13:28:28 +02:00
Klas Lindfors 3c557ebbea use constants for algorithm ids 2014-06-18 13:21:05 +02:00
Klas Lindfors a97010d5e3 add ykpiv_get_version() function 2014-06-17 15:26:48 +02:00
Klas Lindfors 880c8a0061 move sign_data() function to library 2014-06-17 15:11:02 +02:00
Klas Lindfors 7b2fecb8fd include windows.h on windows 2014-06-17 14:28:16 +02:00
Klas Lindfors d1b2062721 add ykpiv_parse_key() 2014-06-17 10:07:49 +02:00
Klas Lindfors 01c844905a add ykpiv_set_mgmkey() 2014-06-17 09:58:55 +02:00
Klas Lindfors cb60c782f5 move authenticate to library as ykpiv_authenticate() 2014-06-17 09:34:52 +02:00
Klas Lindfors 6dcb6798e6 let the ykpiv_connect() function select as well 2014-06-17 09:34:52 +02:00
Klas Lindfors 9eb5c7fda1 drop direct PCSC dependency for the tool 2014-06-17 09:24:56 +02:00
Klas Lindfors 56bee46ed3 call ykpiv_done() before exiting 2014-06-17 09:24:56 +02:00
Klas Lindfors 7f80de659a drop verbose parameter to alot of functions
since it's stored in state now
2014-06-17 09:24:56 +02:00
Klas Lindfors fc0fac1730 drop the connect_reader() function 2014-06-17 09:24:56 +02:00