Tony Arcieri (iqlusion)
3580c45f71
yubikey-piv v0.2.0 ( #220 )
2021-01-30 07:47:39 -08:00
Tony Arcieri (iqlusion)
79c289ac00
Bump pbkdf2 dependency to v0.7 ( #219 )
2021-01-30 07:34:54 -08:00
str4d
24b035008c
Improve self-signed certificates ( #207 )
...
Adds support for:
- A hierarchical SubjectName field.
- Certificate extensions.
2021-01-11 07:49:15 -08:00
str4d
90bc878b21
Dependency updates and MSRV 1.46 ( #208 )
...
- cargo update
- cli: Bump x509-parser to 0.9
- Bump elliptic-curve to 0.8. Also requires bumping p256 and p384.
- Bump MSRV to 1.46.0. Required to match the MSRV of elliptic-curve.
2021-01-10 07:14:02 -08:00
Shella Stephens
08185c5ec9
Bump der-parser, nom, x509-parser ( #194 )
...
* Bump der-parser from 4.1.0 to 5.0.0
Bumps [der-parser](https://github.com/rusticata/der-parser ) from 4.1.0 to 5.0.0.
- [Release notes](https://github.com/rusticata/der-parser/releases )
- [Changelog](https://github.com/rusticata/der-parser/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rusticata/der-parser/compare/der-parser-4.1.0...der-parser-5.0.0 )
Signed-off-by: dependabot[bot] <support@github.com >
* Bump der-parser, nom, x509-parser
* clippy
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-07 07:20:58 -08:00
dependabot[bot]
fecd786262
Bump ring from 0.16.15 to 0.16.18 ( #192 )
...
Bumps [ring](https://github.com/briansmith/ring ) from 0.16.15 to 0.16.18.
- [Release notes](https://github.com/briansmith/ring/releases )
- [Commits](https://github.com/briansmith/ring/commits )
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-30 09:09:16 -08:00
Tony Arcieri (iqlusion)
fc62fc286d
yubikey-piv v0.1.0 ( #180 )
2020-10-19 08:26:05 -07:00
Tony Arcieri
ab11e037cc
Bump x509-parser to v0.8
2020-10-19 07:58:35 -07:00
dependabot[bot]
b21c4bd307
Bump env_logger from 0.7.1 to 0.8.1
...
Bumps [env_logger](https://github.com/env-logger-rs/env_logger ) from 0.7.1 to 0.8.1.
- [Release notes](https://github.com/env-logger-rs/env_logger/releases )
- [Changelog](https://github.com/env-logger-rs/env_logger/blob/master/CHANGELOG.md )
- [Commits](https://github.com/env-logger-rs/env_logger/compare/v0.7.1...v0.8.1 )
Signed-off-by: dependabot[bot] <support@github.com >
2020-10-19 13:01:11 +00:00
Tony Arcieri
17ae87f741
Bump RustCrypto dependencies
...
Updates all RustCrypto crates (`crypto-mac`, `des`, `hmac`, `pbkdf2`)
to the latest versions.
2020-10-18 10:12:09 -07:00
Tony Arcieri
cbe60413cb
Bump p256 to v0.5; p384 to v0.4; MSRV 1.44+
2020-10-17 13:54:40 -07:00
Jack Grigg
f906e6a2d7
des 0.5
2020-08-30 18:18:29 +01:00
Jack Grigg
35fa940a37
secrecy 0.7
2020-08-30 18:16:45 +01:00
Jack Grigg
05a3b85934
hmac 0.9 and pbkdf2 0.5
2020-08-30 18:14:58 +01:00
Jack Grigg
23d0f96adc
elliptic-curve 0.5
...
Requires p256 0.4 and p384 0.3
2020-08-30 18:13:17 +01:00
Shella Stephens
4435a54435
Update der-parser & x509-parser ( #145 )
...
* Update der-parser & x509-parser
* use rust v1.41 toolchain
2020-06-23 17:03:04 -07:00
dependabot[bot]
55b960501a
Bump ring from 0.16.14 to 0.16.15 ( #144 )
...
Bumps [ring](https://github.com/briansmith/ring ) from 0.16.14 to 0.16.15.
- [Release notes](https://github.com/briansmith/ring/releases )
- [Commits](https://github.com/briansmith/ring/commits )
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-06-23 14:47:23 -07:00
Shella Stephens
860c163eb9
Update rsa to v0.3 & other dependencies ( #142 )
...
* Update rsa to v0.3 & other dependencies
2020-06-15 16:40:33 -07:00
BlackHoleFox
556b9cb671
Remove dependency on regular num-bigint
2020-06-09 18:42:56 -05:00
BlackHoleFox
0f907ebd5c
Implement RSA key precomputation
2020-06-08 21:48:25 -05:00
dependabot-preview[bot]
2d4f2fa750
Bump x509-parser from 0.6.5 to 0.7.0
...
Bumps [x509-parser](https://github.com/rusticata/x509-parser ) from 0.6.5 to 0.7.0.
- [Release notes](https://github.com/rusticata/x509-parser/releases )
- [Commits](https://github.com/rusticata/x509-parser/commits )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2020-05-04 17:06:10 +00:00
dependabot-preview[bot]
ed66d399ca
Bump ring from 0.16.12 to 0.16.13
...
Bumps [ring](https://github.com/briansmith/ring ) from 0.16.12 to 0.16.13.
- [Release notes](https://github.com/briansmith/ring/releases )
- [Commits](https://github.com/briansmith/ring/commits )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2020-05-04 16:14:43 +00:00
dependabot-preview[bot]
39d2b0982a
Bump p256 from 0.1.0 to 0.2.0
...
Bumps [p256](https://github.com/RustCrypto/elliptic-curves ) from 0.1.0 to 0.2.0.
- [Release notes](https://github.com/RustCrypto/elliptic-curves/releases )
- [Commits](https://github.com/RustCrypto/elliptic-curves/compare/p256/v0.1.0...p256/v0.2.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2020-05-04 16:03:26 +00:00
dependabot-preview[bot]
268b3709fd
Bump ring from 0.16.10 to 0.16.11
...
Bumps [ring](https://github.com/briansmith/ring ) from 0.16.10 to 0.16.11.
- [Release notes](https://github.com/briansmith/ring/releases )
- [Commits](https://github.com/briansmith/ring/commits )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2020-02-05 13:37:06 +00:00
dependabot-preview[bot]
9c566c9130
Bump ring from 0.16.9 to 0.16.10
...
Bumps [ring](https://github.com/briansmith/ring ) from 0.16.9 to 0.16.10.
- [Release notes](https://github.com/briansmith/ring/releases )
- [Commits](https://github.com/briansmith/ring/commits )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2020-02-03 13:25:33 +00:00
Tony Arcieri
27504890d7
Bump elliptic-curve from 0.2.0 to 0.3.0
2020-01-07 15:11:27 -05:00
dependabot-preview[bot]
2d57b8e2e1
Bump x509 from 0.1.1 to 0.1.2
...
Bumps [x509](https://github.com/str4d/x509.rs ) from 0.1.1 to 0.1.2.
- [Release notes](https://github.com/str4d/x509.rs/releases )
- [Commits](https://github.com/str4d/x509.rs/commits )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2019-12-17 13:42:12 +00:00
Tony Arcieri
d4838f2652
tests: eliminate usage of rand crate
...
Otherwise dependabot will nag us until `num-bigint` updates.
2019-12-16 07:28:21 -08:00
Jack Grigg
02ade49288
tests/integration: Verify signature on generated EC certificate
2019-12-15 17:22:52 +00:00
Jack Grigg
1a95a5f921
Fix PKCS#1 v1.5 signature generation
2019-12-15 17:09:09 +00:00
Jack Grigg
8ac78cafb8
Certificate::generate_self_signed
2019-12-15 10:59:50 +00:00
dependabot-preview[bot]
36408ac658
Bump secrecy from 0.5.1 to 0.6.0
...
Bumps [secrecy](https://github.com/iqlusioninc/crates ) from 0.5.1 to 0.6.0.
- [Release notes](https://github.com/iqlusioninc/crates/releases )
- [Commits](https://github.com/iqlusioninc/crates/compare/secrecy/v0.5.1...secrecy/v0.6.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2019-12-13 13:45:51 +00:00
dependabot-preview[bot]
cee7f1cef8
Bump elliptic-curve from 0.1.0 to 0.2.0
...
Bumps [elliptic-curve](https://github.com/RustCrypto/signatures ) from 0.1.0 to 0.2.0.
- [Release notes](https://github.com/RustCrypto/signatures/releases )
- [Commits](https://github.com/RustCrypto/signatures/compare/elliptic-curve/v0.1.0...elliptic-curve/v0.2.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2019-12-12 13:49:12 +00:00
dependabot-preview[bot]
ac338cf17a
Bump rsa from 0.1.4 to 0.2.0
...
Bumps [rsa](https://github.com/RustCrypto/RSA ) from 0.1.4 to 0.2.0.
- [Release notes](https://github.com/RustCrypto/RSA/releases )
- [Changelog](https://github.com/RustCrypto/RSA/blob/master/release.toml )
- [Commits](https://github.com/RustCrypto/RSA/compare/0.1.4...0.2.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2019-12-11 13:34:30 +00:00
Tony Arcieri
78d5f33695
cli: add status command
...
Provides equivalent functionality to `yubico-piv-tool`
2019-12-09 18:00:34 -08:00
Tony Arcieri
55d077dd80
cli: rename 'list' command to 'readers'; improve usage
...
There are going to be several `list` commands (e.g. `yubikey keys list`)
so this is a confusing name.
If we need more than one `readers` subcommand we can change this to be
`readers list` eventually.
Separately (in what probably should've been its own commit, mea culpa)
this adds slightly better usage.
2019-12-09 09:39:24 -08:00
Tony Arcieri
cb9d5221b2
Merge pull request #60 from iqlusioninc/test-verify-pin
...
Test YubiKey::verify_pin (--ignored)
2019-12-07 08:52:09 -08:00
Tony Arcieri
c30cf5b83a
Test YubiKey::verify_pin (--ignored)
...
Adds an off-by-default test that the `YubiKey::verify_pin` function
works, and removes it from `untested` gating.
2019-12-07 08:44:12 -08:00
Jack Grigg
0551263286
Switch to elliptic-curve crate
2019-12-07 15:47:24 +00:00
Tony Arcieri
da897b99bb
yubikey-piv v0.0.3
2019-12-02 11:17:10 -08:00
Tony Arcieri
07f70bccb5
cli: Initial yubikey-cli utility with list command
...
Adds a `yubikey-cli` crate to the workspace, with a `yubikey` binary,
which presently provides a `list` command for listing detected readers.
Dependencies:
- `env_logger`: logging
- `gumdrop`: argument parsing
- `termcolor`: colored terminal output
As this repo now contains a binary, it also checks in `Cargo.lock`.
2019-12-02 10:42:17 -08:00
Jack Grigg
3a283aca40
Use ecdsa crate for EC point representations
2019-12-01 18:23:57 +00:00
Jack Grigg
9ee1494c6f
Parse RSA public keys within certificates
2019-12-01 16:09:59 +00:00
Tony Arcieri
6a16c59567
Use secrecy crate for storing CachedPin
...
The `SecretVec` type automatically handles zeroing and may prevent
accidental exposure of the cached PIN via `Debug`.
2019-11-30 12:11:53 -08:00
Tony Arcieri
7f3d821df2
Add #![forbid(unsafe_code)]; fix up README.md badges and links
...
- Forbids unsafe code
- Adds a "Safety Dance" badge
- Fixes the GitHub Actions status badge
- Fixes up links that changed with the move to `iqlusioninc` org
2019-11-29 10:06:52 -08:00
Tony Arcieri
77d9dd6e97
v0.0.2
2019-11-25 15:27:04 -08:00
Tony Arcieri
a23af7dc31
Add untested Cargo feature for untested functionality
...
This adds an `untested` feature to any functions which have not yet been
tested live against a YubiKey device (which is presently pretty much
everything).
This sets a clear expectation of what is presently supported, and
additionally documents the status in the README (and a series of GitHub
issues).
Adds a `cargo build --all-features` to GitHub Actions' `test` step in
order to make sure that `untested` functionality still compiles.
2019-11-25 15:04:32 -08:00
Tony Arcieri
fd77e9f844
tests: Initial connect test and docs
...
Adds an extremely basic initial test to ensure that we are able to
connect to a YubiKey.
The test is marked `#[ignore]` in the hope that we can eventually start
adding tests which run in CI, e.g. against a mock card.
This also includes a fix for calculating the APDU size, since the ones
we were sending originally were overly long.
2019-11-25 10:00:56 -08:00
Tony Arcieri
ebbf043bc9
Rewrite translated code to use the pcsc crate
...
This commit contains a "big bang" refactor/rewrite which does the
following:
- Replaces all `SCard*` FFI calls with the `pcsc` crate, which provides
a safe, portable PC/SC API across Windows, macOS, and Linux
- Refactors the `util` module into modules representing the various
device functions and concepts, e.g. `certificate`, `key`, `mgm`
- Replaces all usage of `libc` with `std` functionality, and in many
places rewriting functionality to use safe code.
- Removes `ykpiv_` from all function names, and `Piv*` from type names.
In 20/20 hindsight I wish I had done this commit more incrementally so
as to make it easier to review. Que sera sera.
However, realistically we need to test all functionality on the device
to ensure that it actually works. Going forward I would like to put
pretty much all of the current code behind an `untested` cargo feature,
and then remove it for each bit of functionality we test.
2019-11-24 16:36:43 -08:00
Jack Grigg
86fde50c2d
Use des crate for 3DES operations
2019-11-21 00:37:16 +00:00