Commit Graph

159 Commits

Author SHA1 Message Date
Trevor Bentley ec8e2786e6 yubico-piv-tool: use ykpiv_util_reset() 2017-10-23 16:25:13 +02:00
Trevor Bentley 12f35b8884 yubico-piv-tool: use util function for key generation 2017-10-23 16:25:10 +02:00
Klas Lindfors cd11196535 disable rsa keygen for yubikey4 before 4.3.5
point at https://yubi.co/ysa201701/
2017-10-16 15:32:25 +02:00
Klas Lindfors e6a7517050 add a new hidden flag --stdin-input for straight stdin input 2017-04-18 13:05:27 +02:00
Klas Lindfors 621bad8acd make sure to return RSA keys with ASN1_NULL as parameter 2016-08-17 10:32:04 +02:00
Simon Josefsson 89bec1260a Improve license headers. 2016-08-12 15:30:06 +02:00
Klas Lindfors b052250a1b make certificate serial number random by default 2016-08-10 10:12:32 +02:00
Alessio Di Mauro 3f4cb12702 Add SSH export for RSA public key 2016-07-12 13:54:22 +02:00
Michael Scherer 24534bcfcf Replace magic number for status word by constants
Most come from NIST special publication 800-73-4, section 5.6,
except one which I assume to be a custom one for yubikey.
2016-05-09 09:38:37 +02:00
Klas Lindfors bbde9f91f9 Merge branch 'fix_typo' of ssh://github.com/mscherer/yubico-piv-tool into mscherer-fix_typo 2016-05-09 09:01:28 +02:00
Klas Lindfors fc5e1536ef Merge pull request #74 from mscherer/fix_constant_name
Fix error in the define name YKPIV_INS_GENERATE_ASYMMERTRIC
2016-05-09 08:58:39 +02:00
Klas Lindfors b712600727 Merge pull request #71 from mscherer/small_cleanup
Do not repeat the size of certdata
2016-05-09 08:57:22 +02:00
Michael Scherer ff67119447 Do not repeat the size of certdata 2016-05-05 01:11:46 +02:00
Michael Scherer 099c55e90a Fix various errors messages 2016-05-05 01:11:37 +02:00
Michael Scherer fd9a0a324d Fix error in the define name YKPIV_INS_GENERATE_ASYMMERTRIC 2016-05-05 01:11:33 +02:00
Michael Scherer 6e4266c886 Add YKPIV_ALGO_TAG
Replace the magic constant 0x80 when sending a packet to the key
2016-05-05 01:11:18 +02:00
Klas Lindfors ebf31d73f8 Merge branch 'attestation2' 2016-05-03 09:24:14 +02:00
Klas Lindfors b1139a516b don't continue processing after list-readers action
it fell through into write-object
2016-04-22 09:41:41 +02:00
Klas Lindfors b512077c21 enforce minimum 6 digits of pin when changing in the tool 2016-04-19 14:19:33 +02:00
Klas Lindfors d1c454ca02 error isn't an iso error, run ykpiv_strerror() on it 2016-04-19 14:16:01 +02:00
Klas Lindfors 4c74ebdc56 actually open output_file in attest() 2016-03-17 10:21:18 +01:00
Klas Lindfors bfc3185e9b Merge branch 'master' into attestation2 2016-03-10 15:34:25 +01:00
Klas Lindfors 53667a22b0 Move asking for PKCS12 password outside of import_key()
also restructure a bit when deciding to do authentication

relates #66
2016-02-15 09:24:36 +01:00
Klas Lindfors d3a75cc6ee Merge pull request #65 from mattmoyer/add-self-signed-cert-options
Add options for configuring self-signed certs.
2016-02-15 08:48:19 +01:00
Klas Lindfors a233ff53ae if the password supplied for PKCS12 doesn't verify ask for a new one
or if it's NULL and the mac doesn't verify with that either..

fixes #66
2016-02-15 08:43:45 +01:00
Matt Moyer d39b697d49 Drop const from these these int parameters. 2016-02-12 09:01:12 -06:00
Matt Moyer f91cf3379a Add a --serial parameter to yubico-piv-tool.
Allows the serial number of self signed certificates to be configured.
2016-02-10 17:40:12 -06:00
Matt Moyer 98f843e7e7 Add a --valid-days parameter to yubico-piv-tool.
Allows the expiration date (notAfter) value of self signed certificates to be configured.
2016-02-10 17:35:21 -06:00
Alessio Di Mauro b08de95597 Remove some clutter. 2015-12-24 10:50:36 +01:00
Alessio Di Mauro ecfc71fab0 Print CCC with status action. Relates to #57. 2015-12-24 10:50:05 +01:00
Klas Lindfors 73585f2416 use unsigned long for len 2015-12-17 09:55:20 +01:00
Klas Lindfors a143c6d67d remove the util function dump_hex() in favor of dump_data() 2015-12-15 10:27:54 +01:00
Klas Lindfors 30cc13aaff add format for read/write object as hex/base64/binary
relates #31
2015-12-15 10:22:11 +01:00
Klas Lindfors a4ee5725b8 add generic write and read object actions for the tool
this take in/out hex dump of the data
2015-12-14 10:55:32 +01:00
Mikhail Denisenko 6042a2140e Implemented C_SetPIN 2015-12-11 13:23:38 -05:00
Klas Lindfors e7d53ceb45 fix an old overflow bug
we need to do 8 - new_len, not 16 - new_len which overflows the indata
buffer
2015-12-08 14:12:29 +01:00
Klas Lindfors a1d6007375 increase buffer sizes when building the status view
otherwise data buffer will be to small after loading a big certificate
2015-12-07 19:53:43 +01:00
Klas Lindfors ebbb002068 don't overfill the buffer on cert import 2015-12-07 09:24:19 +01:00
Klas Lindfors baae5fa464 difference between CHUID and CCC in success message. 2015-12-03 14:53:10 +01:00
Klas Lindfors 70e181a860 add a new action set-ccc
change aroudn so set_chuid() becomes set_dataobject() and a bit more
generic
fixes #33
2015-12-03 08:18:27 +01:00
Alessio Di Mauro 0a93217dbc Minor fix. 2015-11-27 15:43:32 +01:00
Alessio Di Mauro 4849e494be Add retired key definitions to libykpiv.
Include retired keys in import_key's check.
2015-11-20 15:44:19 +01:00
Alessio Di Mauro 3b81112aeb Change behavior of yubico-piv-tool -a status.
Status only prints information from populated slots. Additionally,
it is possible to explicitly choose a single slot and only print
information reagarding it.
2015-11-20 15:44:19 +01:00
Klas Lindfors ed38b96fe4 raise buffer sizes and remove a miss-leading error 2015-11-20 13:14:55 +01:00
Alessio Di Mauro 113c3e0b98 Whitespace cleanup. 2015-11-20 12:03:02 +01:00
Alessio Di Mauro abc94bc62a Refactor yubico-piv-tool to use import_private_key from libykpiv. 2015-11-20 11:49:30 +01:00
Klas Lindfors 32e66f4fc6 add attest action 2015-11-18 13:42:11 +01:00
Alessio Di Mauro d38df01c6c Change applet to application. 2015-11-06 13:14:52 +01:00
Klas Lindfors f46a4713bd Merge branch 'master' into development 2015-10-28 16:08:00 +01:00
Klas Lindfors f558983577 add an error print for failing set-pin-retries 2015-10-28 16:07:18 +01:00