Commit Graph

152 Commits

Author SHA1 Message Date
Klas Lindfors ed38b96fe4 raise buffer sizes and remove a miss-leading error 2015-11-20 13:14:55 +01:00
Alessio Di Mauro 113c3e0b98 Whitespace cleanup. 2015-11-20 12:03:02 +01:00
Alessio Di Mauro abc94bc62a Refactor yubico-piv-tool to use import_private_key from libykpiv. 2015-11-20 11:49:30 +01:00
Alessio Di Mauro f5b1081f00 Replace YubiKey NEO with YubiKey. 2015-11-06 13:39:21 +01:00
Alessio Di Mauro d38df01c6c Change applet to application. 2015-11-06 13:14:52 +01:00
Klas Lindfors f46a4713bd Merge branch 'master' into development 2015-10-28 16:08:00 +01:00
Klas Lindfors f558983577 add an error print for failing set-pin-retries 2015-10-28 16:07:18 +01:00
Klas Lindfors e4059a5995 Merge branch 'master' into development
Conflicts:
	NEWS
	configure.ac
2015-10-20 20:48:57 +02:00
Klas Lindfors 777b40b3c2 read key from stdin if no key is given as argument 2015-10-09 11:14:58 +02:00
Klas Lindfors 69326b868d actually run valgrind for the tests 2015-10-09 10:40:59 +02:00
Alessio Di Mauro 17ebced2e6 Mask more one pin change. 2015-09-24 14:20:25 +02:00
Klas Lindfors 809e0ebdb7 use in, not signinput to actually sign anything in the ecc case 2015-09-18 11:05:15 +02:00
Klas Lindfors d30f6fc781 unblock-pin shouldn't tell you new puk 2015-09-16 14:32:30 +02:00
Klas Lindfors 49eab7dbfa drop ykpiv_sign_data2() and change ykpiv_sign_data() to not pad 2015-09-08 15:29:10 +02:00
Klas Lindfors 8eb7595d42 add list-readers action to tool
also refactor ykpiv_list_readers() a bit
2015-09-08 12:26:42 +02:00
Klas Lindfors b770155cbb Merge branch 'devel/p384' into ykcs11
Conflicts:
	NEWS
	configure.ac
	lib/ykpiv.c
	lib/ykpiv.h
	tool/util.c
	tool/util.h
2015-09-07 14:32:37 +02:00
Klas Lindfors aabe4fb20e Merge branch 'master' into ykcs11
Conflicts:
	lib/ykpiv.c
	lib/ykpiv.h
2015-08-20 09:30:49 +02:00
Steffan Karger 723fe2f405 Query for PIN/PUK/mgmt-key if not supplied on command line
Do not force a user to specify the PIN/PUK/mgmt-key on the command line.
Instead, query the user to supply them through stdin when required for
the requested operation.  This is both more user friendly and more
secure, since the secrets do not end up in the shell history and/or
visible to shoulder-surfers on the terminal.

Signed-off-by: Steffan Karger <steffan@karger.me>
2015-08-12 23:05:44 +02:00
Alessio Di Mauro bf56cd8f30 Added certificate import on key generation. 2015-08-11 14:12:34 +02:00
Klas Lindfors 8ece5ed26e drop unused variable
found with clang scan-build
2015-07-09 11:03:11 +02:00
Klas Lindfors 2e91cd0f5b Merge branch 'master' into devel/p384 2015-07-08 15:09:11 +02:00
Klas Lindfors 306651a308 remove extra \ 2015-07-03 13:28:12 +02:00
Klas Lindfors 0d88b0b38b name include file .adoc instead 2015-07-03 09:52:41 +02:00
Klas Lindfors 5f8605dc7e use asciidoc comments for comments in asciidoc file 2015-07-03 09:42:17 +02:00
Klas Lindfors 3b080dca45 relicense to 2-clause BSD license 2015-07-01 16:34:20 +02:00
Klas Lindfors 561bf00c55 add include file for help2adoc 2015-07-01 13:23:22 +02:00
Klas Lindfors a775ac6e69 move around texts for help 2015-06-30 07:46:21 +02:00
Klas Lindfors 80e6fe525a change IS_XXKEY macros to be YKPIV_IS_XX 2015-06-30 07:33:39 +02:00
Klas Lindfors f43c5781b9 fix indentation 2015-06-26 13:00:21 +02:00
Klas Lindfors 6f5870d884 better errors for fail on pin-policy and touch-policy 2015-06-25 12:37:06 +02:00
Klas Lindfors 600b302c1d add touch for set-mgm-key 2015-06-25 12:32:01 +02:00
Klas Lindfors ca6a355b5d add touch tlv for generate and import-key 2015-06-25 12:04:05 +02:00
Klas Lindfors be8f37924d pin policy code for generate and import-key 2015-06-24 15:25:59 +02:00
Klas Lindfors bc27d98bf7 better errors for generate on non-supported algorithm or slot 2015-06-24 13:22:02 +02:00
Klas Lindfors a73d708c25 add support for retired key objects
slots 82-95
2015-06-24 13:06:01 +02:00
Klas Lindfors c2621960a9 use IS_RSAKEY and IS_ECKEY macros, fix minor stuff for ECCP384 2015-06-24 13:06:00 +02:00
Klas Lindfors d06852959c add sha384 hash and refactor some common patterns 2015-06-24 13:06:00 +02:00
Klas Lindfors f17d09f19c start adding secp384r1 2015-06-24 13:06:00 +02:00
Klas Lindfors 6b4b3001c4 verify that e is 0x10001 on import
fixes #13
2015-06-23 14:28:44 +02:00
Klas Lindfors 18e057e58c let RSA_public_encrypt() do the PKCS1 padding
noteworthy is that it will do pkcs1 type 2 padding
2015-05-19 15:11:30 +02:00
Klas Lindfors 3d0ff7b969 add a test-decipher command
test-decipher will for rsa do public encrypt on a random string and let
the key decrypt
for ec it will generate a new ec key and do ecdh and confirm it gets the
same answer back
2015-05-19 14:22:26 +02:00
Klas Lindfors 8ce4ab4997 add newline at end of output 2015-05-08 13:49:32 +02:00
Klas Lindfors a9c8cb9fd3 drop openssl/err.h again 2015-03-20 14:17:51 +01:00
Klas Lindfors 9db6d3d45a replace EVP_MD_CTX_verify() stuff with RSA_verify()/ECDSA_verify()
since the EVP_MD_CTX stuff doesn't seem to exist on osx at all.
2015-03-20 14:04:26 +01:00
Klas Lindfors f204987941 add a test-signature action
that takes a certificate in and does a signature with the given slot,
then verifying that signature with the given certificate.
2015-03-20 10:04:58 +01:00
Klas Lindfors b1cda2ffce add missing }
that's why you should always build before push..
2015-03-19 15:52:20 +01:00
Klas Lindfors da1f61f23a move up validation of pin-retries parameters 2015-03-19 14:54:23 +01:00
Klas Lindfors c85fd4eaa8 move more validation of parameters together 2015-03-19 14:52:38 +01:00
Klas Lindfors 9124e82ea6 write version to output file 2015-03-19 14:43:13 +01:00
Klas Lindfors 635729f339 call get_algorithm() to get the algorithm
as it was already implemented..
2015-03-19 14:37:59 +01:00