Commit Graph

1361 Commits

Author SHA1 Message Date
Jack Grigg d3e565ef55 Derive PartialEq for SlotId 2019-12-01 15:35:00 +00:00
Tony Arcieri 2bdeca0069 Merge pull request #44 from str4d/more-enums
Convert SlotId and AlgorithmId into enums
2019-11-30 14:28:36 -08:00
Jack Grigg bc95d8b7b9 Delete unnecessary commented-out code
We will handle the CardManagement slot separately.
2019-11-30 22:18:31 +00:00
Jack Grigg 11c93d6421 Inline SlotId constants 2019-11-30 22:01:22 +00:00
Jack Grigg afca0fec0a Convert AlgorithmId into an enum
3DES also has an algorithm ID, but it is completely disjoint from the
key algorithms, and can be handled separately later.
2019-11-30 20:47:37 +00:00
Tony Arcieri c8837d485f Merge pull request #43 from iqlusioninc/pin-secrecy
Use `secrecy` crate for storing `CachedPin`
2019-11-30 12:39:33 -08:00
Jack Grigg 12b5bd1e3c Convert SlotId into an enum 2019-11-30 20:15:16 +00:00
Jack Grigg c3698dcffb Key::list: Skip Certificate::new for empty buffers
This matches the C code behaviour.
2019-11-30 20:15:12 +00:00
Tony Arcieri 6a16c59567 Use secrecy crate for storing CachedPin
The `SecretVec` type automatically handles zeroing and may prevent
accidental exposure of the cached PIN via `Debug`.
2019-11-30 12:11:53 -08:00
Carl Wallace c8e5c96398 change cccid handling to target entire ccc object (a la yubico-piv-tool status action) 2019-11-30 15:11:10 -05:00
Tony Arcieri 8e38cf6c4e Merge pull request #42 from carl-wallace/develop
Change CHUID struct to hold complete CHUID value. Add getters for sub components. Add additional consts to support this. Modified CCCID struct to be public (as prelude to similar treatment).
2019-11-30 11:44:51 -08:00
Tony Arcieri ac665f9ec9 Merge pull request #40 from str4d/pin-fixups
PIN fixups
2019-11-30 11:43:35 -08:00
Carl Wallace 77302af21e address formatting per cargo fmt 2019-11-30 14:22:33 -05:00
Carl Wallace 78288b4200 address formatting and documentation issues flagged by clippy 2019-11-30 14:13:34 -05:00
Jack Grigg a61a6fd94b Define more YubiKey-recognized status words
Recognized values sourced from https://github.com/Yubico/yubikey-manager
NotFoundError and NoSpaceError are specified in SP 800-73-4 Table 6.
2019-11-30 15:39:11 +00:00
Jack Grigg cfef291ad9 Use u16 for raw StatusWords 2019-11-30 15:39:10 +00:00
Jack Grigg 4b5cd8dd45 Make PIN verification failure a StatusWord case
Retry count is now u8, as  it cannot exceed 16 (being returned in the
lower half of SW2).
2019-11-30 15:39:09 +00:00
Jack Grigg 9fe363661e verify_pin: Don't set APDU data for empty PIN 2019-11-30 15:16:15 +00:00
Tony Arcieri 4af95edc74 Merge pull request #39 from iqlusioninc/safety-dance-and-other-readme-badge-fixups
Add #![forbid(unsafe_code)]; fix up README.md badges and links
2019-11-29 10:18:25 -08:00
Tony Arcieri 7f3d821df2 Add #![forbid(unsafe_code)]; fix up README.md badges and links
- Forbids unsafe code
- Adds a "Safety Dance" badge
- Fixes the GitHub Actions status badge
- Fixes up links that changed with the move to `iqlusioninc` org
2019-11-29 10:06:52 -08:00
Tony Arcieri 2f963a15d0 Merge pull request #37 from str4d/safety-rails
Safety rails
2019-11-29 09:56:54 -08:00
Carl Wallace 4210571da3 Change CHUID struct to hold complete CHUID value. Add getters for subcomponents. Add additional consts to support this. Modified CCCID struct to be public (as prelude to similar treatment). 2019-11-29 09:31:24 -05:00
Jack Grigg 1db929c10f Mark excluded nested match branches as unreachable 2019-11-29 00:09:08 +00:00
Jack Grigg 8240575bb4 Rewrite YubiKey::import_private_key without unsafe 2019-11-28 23:44:16 +00:00
Jack Grigg 1935216cf3 Rewrite MsRoots::read without unsafe 2019-11-28 23:43:02 +00:00
Jack Grigg 7c08674fac Use slice::copy_within in metadata::read 2019-11-28 23:43:01 +00:00
Jack Grigg 8b86a0f578 Rewrite metadata::get_item without unsafe 2019-11-28 23:42:55 +00:00
Jack Grigg bd5669d9ef Rewrite metadata::set_item without unsafe
Also re-introduces some comments that were lost during corrosion.
2019-11-28 23:06:09 +00:00
Jack Grigg afb6a9479e Use slice::copy_within in read_certificate 2019-11-28 23:03:11 +00:00
Jack Grigg 48d0a2ab04 Use slice::copy_from_slice in Transaction::change_pin 2019-11-28 23:02:33 +00:00
Tony Arcieri 82b4bbb35d Merge pull request #36 from carl-wallace/develop
Make anonymous CHUID struct public, remove spurious subtraction of two bytes in transfer_data
2019-11-27 12:37:06 -08:00
Carl Wallace 13b350f822 change length comparison to is_empty check per clippy 2019-11-27 15:26:13 -05:00
Carl Wallace 0f1ef2f519 Make anonymous field of CHUID struct public. Remove spurious -2 instances inside Transaction::transfer_data (the Response object is already eating the status words) 2019-11-27 15:09:53 -05:00
Tony Arcieri d799e9c35b Merge pull request #34 from tarcieri/have-encrypt-sign-return-buffer
Have `sign_data` and `decrypt_data` return a `Buffer`
2019-11-26 11:21:38 -08:00
Tony Arcieri 5bf27f5422 Have sign_data and decrypt_data return a Buffer 2019-11-26 11:06:11 -08:00
Tony Arcieri ecea0081b5 Merge pull request #33 from tarcieri/ins-enum
`Ins` (APDU instruction codes) enum
2019-11-26 10:05:35 -08:00
Tony Arcieri debde6e765 Ins (APDU instruction codes) enum
Converts a bag of constant values (`YKPIV_INS_*`) into an enum
representing APDU instruction codes (a.k.a. `ins`).

Among other things, this makes the `Debug` output for `APDU` more human
meaningful, since it can print a text label for the instruction rather
than a code number, which is helpful in trace debugging.
2019-11-26 09:52:19 -08:00
Tony Arcieri 3fa5555943 Merge pull request #32 from tarcieri/factor-responses-into-apdu-module
Factor `Response` into `apdu` module; improved debugging
2019-11-26 09:26:55 -08:00
Tony Arcieri d3af2f2d80 Factor Response into apdu module; improved debugging
This commit merges the `apdu` and `response` modules: the responses are
APDU responses, and so the two are related.

This also moves the `trace` logging into the APDU type, which allows it
to display `Debug` output for APDUs and responses, which makes it easier
to understand what's going on (and will be even better once instructions
are converted into an enum so you can actually see what's happening).
2019-11-26 09:15:48 -08:00
Tony Arcieri 5fab09e54d Merge pull request #31 from tarcieri/v0.0.2
v0.0.2
2019-11-25 16:59:02 -08:00
Tony Arcieri 77d9dd6e97 v0.0.2 yubikey-piv/v0.0.2 2019-11-25 15:27:04 -08:00
Tony Arcieri aeb4e6c3fc Merge pull request #30 from tarcieri/untested-feature
Add `untested` Cargo feature for untested functionality
2019-11-25 15:16:56 -08:00
Tony Arcieri a23af7dc31 Add untested Cargo feature for untested functionality
This adds an `untested` feature to any functions which have not yet been
tested live against a YubiKey device (which is presently pretty much
everything).

This sets a clear expectation of what is presently supported, and
additionally documents the status in the README (and a series of GitHub
issues).

Adds a `cargo build --all-features` to GitHub Actions' `test` step in
order to make sure that `untested` functionality still compiles.
2019-11-25 15:04:32 -08:00
Tony Arcieri 9083194c3b Merge pull request #29 from tarcieri/document-project-status
Document project status in README.md and lib.rs
2019-11-25 13:57:41 -08:00
Tony Arcieri cf8f3c88cf Document project status in README.md and lib.rs
This commit adds quite a bit of documentation about the current status
of the project, including links to GitHub issues for the different Rust
modules which map to specific pieces of functionality.

The intent is to track the current status of the project in the
README.md as that's more up-to-date than the docs.rs documentation
(which depends on a crate release to get updated).
2019-11-25 13:42:22 -08:00
Tony Arcieri eb399cbecc Merge pull request #19 from tarcieri/tests
tests: Initial connect test and docs
2019-11-25 10:32:30 -08:00
Tony Arcieri fd77e9f844 tests: Initial connect test and docs
Adds an extremely basic initial test to ensure that we are able to
connect to a YubiKey.

The test is marked `#[ignore]` in the hope that we can eventually start
adding tests which run in CI, e.g. against a mock card.

This also includes a fix for calculating the APDU size, since the ones
we were sending originally were overly long.
2019-11-25 10:00:56 -08:00
Tony Arcieri 4039560d97 Merge pull request #17 from tarcieri/pcsc
Rewrite translated code to use the `pcsc` crate
2019-11-25 09:17:51 -08:00
Tony Arcieri 63d7a21c9d transaction: Fix fetch_object result slicing
Needs to match the original C code:

    memmove(data, data + 1 + offs, outlen);
2019-11-25 09:00:53 -08:00
Tony Arcieri 79b1142f21 Remove usages of YKPIV_OBJ_MAX_SIZE
...replacing them with `CB_BUF_MAX`.

Both constants are 3072, however `CB_BUF_MAX` is what the original code
was using.

See discussion here:

https://github.com/tarcieri/yubikey-piv.rs/pull/17#discussion_r350166104
2019-11-25 08:49:29 -08:00