Jakub Jelen
f5c42cef89
Do not build test if HW_TESTS is not enabled (to avoid warnings)
2018-02-10 19:35:12 +01:00
Trevor Bentley
38ce95cf1c
Merge pull request #137 from Yubico/custom_pcsc
...
Support specifying custom PCSC lib
2018-01-25 11:23:01 +01:00
Trevor Bentley
c9f4d684d1
Support specifying custom PCSC lib
2018-01-24 15:44:22 +01:00
Trevor Bentley
74e1a0885c
Merge pull request #136 from jmyreen/openssl-1.1-fixes
...
Fixed some bugs in the port to Openssl-1.1:
2018-01-02 13:24:53 +01:00
Trevor Bentley
6dc0419a79
Merge pull request #135 from Aloz1/libressl-support
...
Added checks to allow building against LibreSSL
2018-01-02 13:07:07 +01:00
Johan Myréen
b0210e0710
Fixed some bugs in the port to Openssl-1.1:
...
- wrap_public_key() passed the address of the local stack variable
internal_key to RSA_meth_set0_data(), which was used long after
wrap_public_key() had returned. Changed to static.
- The callback functions yk_rsa_meth_sign and yk_ec_meth_sign 'siglen'
parameter has type (unisgned int *), which was cast to (size_t *)
before it was used to write a value in the caller's memory
space. This caused stack corruption on machines where size_t is
bigger than unsigned int.
- The callback function's 'siglen' parameter is output-only, not
in-out. The input value was assumed to contain the maximum size of
the output buffer as input, and a bogus value was compared to the
amount of data received from the token in function
_general_authenticate(). Changed to pass in the values returned by
RSA_size(rsa) and ECDSA_size(ec), which Openssl specifies as minimum
buffer sizes.
- The callback functions' return values were swapped; fixed to return
1 on success, 0 on failure.
2017-12-30 22:08:09 +02:00
Aloz1
866b6b1d9d
Added checks to allow building against LibreSSL
...
It seems that when OpenSSL 1.1.0 support was added, LibreSSL was broken
due to the way version checking was done. This adds extra checks for
LIBRESSL_VERSION_NUMBER where applicable.
2017-12-29 14:38:37 +11:00
Trevor Bentley
427451c12f
Bump version to 1.5.1 unreleased
2017-11-29 13:10:53 +01:00
Trevor Bentley
ab6f3d668a
Merge pull request #133 from Yubico/distclean
...
Use library dependencies for openssl compat layer
2017-11-29 10:56:55 +01:00
Trevor Bentley
d46db8e181
Build libs before running check.
2017-11-29 09:55:20 +00:00
Trevor Bentley
d5d953be95
Use library dependencies for openssl compat layer
2017-11-29 09:47:45 +00:00
Trevor Bentley
5bc03bfc29
Updated NEWS
2017-11-29 10:18:42 +01:00
Trevor Bentley
4acf0361cd
Merge pull request #132 from Yubico/bump_openssl
...
Bump Windows/Mac builds to latest OpenSSL 1.0.x
2017-11-29 10:16:23 +01:00
Trevor Bentley
7e9c383b1c
Bump Windows/Mac builds to latest OpenSSL 1.0.x
2017-11-29 10:09:59 +01:00
Trevor Bentley
66a2bafacb
Merge pull request #131 from Yubico/openssl1.1_jakuje
...
OpenSSL 1.1 compatibility
2017-11-27 16:39:42 +01:00
Trevor Bentley
7f76eaeb64
Fix 'make dist'
2017-11-27 14:50:50 +01:00
Trevor Bentley
c1a500fce4
Build with correct OpenSSL version number on Mac and mingw32/64
...
This is a cosmetic change. OpenSSL picks up the VERSION environment variable
when building, which is set to the yubico-piv-tool version number during
Travis-CI builds. This overrides it back to the OpenSSL version when building
OpenSSL.
2017-11-27 13:02:19 +01:00
Trevor Bentley
20a5ecce0f
Fix OpenSSL 1.1 build with mingw32/64
2017-11-27 11:27:11 +01:00
Trevor Bentley
b10d98e96b
Build against OpenSSL 1.1 in travis-ci
2017-11-24 15:52:17 +01:00
Trevor Bentley
7ca0267ddf
Fix OpenSSL 1.1 compat layer
...
- Changes for latest ykpiv_util refactor
- Passes hw tests with openssl 1.0 and 1.1
- Passes valgrind
2017-11-21 17:08:38 +01:00
Trevor Bentley
4785e23bd1
Merge branch 'master' of https://github.com/Jakuje/yubico-piv-tool into Jakuje-master
2017-11-20 14:03:48 +01:00
Trevor Bentley
3aaa525efc
Merge pull request #130 from Yubico/ykpiv_util
...
Refactor yubico-piv-tool/libykpiv with a ykpiv_util_* high-level API
2017-11-20 10:23:05 +01:00
Trevor Bentley
6a34b6ef96
Fix cross-compiling for mingw64
2017-11-17 16:13:15 +01:00
Jakub Jelen
77c51a7317
Properly apply the OpenSSL version checks
2017-11-14 13:34:57 +01:00
Trevor Bentley
40d5b7cbab
Install 'check' package in build script.
2017-11-14 11:34:07 +01:00
Jakub Jelen
0a131a053d
Do not use the new API with the old OpenSSL
2017-11-14 10:54:47 +01:00
Jakub Jelen
eda075fa57
Provide the bogus signature with OpenSSL 1.1.0 API
2017-11-14 10:37:02 +01:00
Jakub Jelen
13f542c1f8
Use the new OpenSSL 1.1.0 API also in the HW tests
2017-11-14 10:29:34 +01:00
Jakub Jelen
a2715f0a4a
Use OpenSSL 1.1.0 API
2017-11-13 17:43:06 +01:00
Jakub Jelen
4a847677cc
WIP:Use RSA/EC_KEY METHOD to provide X509 signatures using high-level OpenSSL API
2017-11-13 17:39:34 +01:00
Jakub Jelen
d2ffc41a6c
RAND_pseudo_bytes is deprecated in OpenSSL 1.1.0
2017-11-13 17:39:34 +01:00
Jakub Jelen
ad4e93a462
Few more OpenSSL 1.1.0 incompatibilities
2017-11-13 17:39:34 +01:00
Jakub Jelen
bd351261ec
Initial idea of openssl-1.1.0 compatibility (still missing some magic around certificates)
2017-11-13 17:39:34 +01:00
Trevor Bentley
aa3b69926b
Doxygen documentation for ykpiv_util_* API.
2017-11-08 11:38:27 +01:00
Trevor Bentley
3ce4f0ccae
Clean up typos, warnings, and incorrect libtool age.
2017-11-08 11:11:45 +01:00
Trevor Bentley
c7549ac9cc
Update .gitignore
2017-11-03 16:29:17 +01:00
Trevor Bentley
366de02ab1
Organize ykpiv.h, update NEWS file for 1.5.0
2017-11-03 16:15:13 +01:00
Trevor Bentley
c6abe7ac6d
Add integration test for PIN cache
2017-11-03 13:39:23 +01:00
Trevor Bentley
7818b49e7d
Skip unusable integration tests when testing a NEO
2017-10-31 15:40:51 +01:00
Trevor Bentley
c939cff518
Allow changing libykpiv compile-time ifdefs from CFLAGS
2017-10-31 12:34:15 +01:00
Trevor Bentley
252226220a
Disable ensure_application_selected() by default, since it breaks PIN policy.
2017-10-31 12:29:16 +01:00
Trevor Bentley
4eb6f1b193
Fix build on Linux
...
Signed-off-by: Trevor Bentley <trevor@yubico.com >
2017-10-26 17:03:35 +02:00
Dave Pate
999312e6b5
api: use uintptr_t for architecture specific handle sizes
2017-10-26 14:09:09 +02:00
Trevor Bentley
a7eb0657f1
Fix compile time warnings about -no-install on Darwin/clang
2017-10-26 12:37:05 +02:00
Trevor Bentley
05ac49abbb
Suppress sscanf_s error on Windows
2017-10-25 16:19:13 +02:00
Trevor Bentley
edda816abe
Remove accidental printf
2017-10-25 16:18:53 +02:00
Trevor Bentley
c2f86d0a0f
Move YK4 insecure on-chip key generation prevention from yubico-piv-tool to libykpiv
2017-10-24 15:59:44 +02:00
Trevor Bentley
15f533d7de
Move hardware tests to "make hwtest", with one warning for all test suites.
...
- "make check" will mark destructive tests as skipped
- "make hwtest" will ask once for user confirmation
2017-10-24 15:10:45 +02:00
Trevor Bentley
4c9004feeb
Remove artifact from rebase (bad local variable)
2017-10-23 16:28:57 +02:00
Trevor Bentley
4dffc0fa6a
Bump libykpiv version to 1.5.0
2017-10-23 16:27:09 +02:00