Jakub Jelen
a2715f0a4a
Use OpenSSL 1.1.0 API
2017-11-13 17:43:06 +01:00
Jakub Jelen
4a847677cc
WIP:Use RSA/EC_KEY METHOD to provide X509 signatures using high-level OpenSSL API
2017-11-13 17:39:34 +01:00
Jakub Jelen
d2ffc41a6c
RAND_pseudo_bytes is deprecated in OpenSSL 1.1.0
2017-11-13 17:39:34 +01:00
Jakub Jelen
ad4e93a462
Few more OpenSSL 1.1.0 incompatibilities
2017-11-13 17:39:34 +01:00
Jakub Jelen
bd351261ec
Initial idea of openssl-1.1.0 compatibility (still missing some magic around certificates)
2017-11-13 17:39:34 +01:00
Trevor Bentley
aa3b69926b
Doxygen documentation for ykpiv_util_* API.
2017-11-08 11:38:27 +01:00
Trevor Bentley
3ce4f0ccae
Clean up typos, warnings, and incorrect libtool age.
2017-11-08 11:11:45 +01:00
Trevor Bentley
c7549ac9cc
Update .gitignore
2017-11-03 16:29:17 +01:00
Trevor Bentley
366de02ab1
Organize ykpiv.h, update NEWS file for 1.5.0
2017-11-03 16:15:13 +01:00
Trevor Bentley
c6abe7ac6d
Add integration test for PIN cache
2017-11-03 13:39:23 +01:00
Trevor Bentley
7818b49e7d
Skip unusable integration tests when testing a NEO
2017-10-31 15:40:51 +01:00
Trevor Bentley
c939cff518
Allow changing libykpiv compile-time ifdefs from CFLAGS
2017-10-31 12:34:15 +01:00
Trevor Bentley
252226220a
Disable ensure_application_selected() by default, since it breaks PIN policy.
2017-10-31 12:29:16 +01:00
Trevor Bentley
4eb6f1b193
Fix build on Linux
...
Signed-off-by: Trevor Bentley <trevor@yubico.com >
2017-10-26 17:03:35 +02:00
Dave Pate
999312e6b5
api: use uintptr_t for architecture specific handle sizes
2017-10-26 14:09:09 +02:00
Trevor Bentley
a7eb0657f1
Fix compile time warnings about -no-install on Darwin/clang
2017-10-26 12:37:05 +02:00
Trevor Bentley
05ac49abbb
Suppress sscanf_s error on Windows
2017-10-25 16:19:13 +02:00
Trevor Bentley
edda816abe
Remove accidental printf
2017-10-25 16:18:53 +02:00
Trevor Bentley
c2f86d0a0f
Move YK4 insecure on-chip key generation prevention from yubico-piv-tool to libykpiv
2017-10-24 15:59:44 +02:00
Trevor Bentley
15f533d7de
Move hardware tests to "make hwtest", with one warning for all test suites.
...
- "make check" will mark destructive tests as skipped
- "make hwtest" will ask once for user confirmation
2017-10-24 15:10:45 +02:00
Trevor Bentley
4c9004feeb
Remove artifact from rebase (bad local variable)
2017-10-23 16:28:57 +02:00
Trevor Bentley
4dffc0fa6a
Bump libykpiv version to 1.5.0
2017-10-23 16:27:09 +02:00
Trevor Bentley
b3cbfb5560
Some documentation and cleanup of ykpiv.h
2017-10-23 16:26:25 +02:00
Trevor Bentley
58abe404f3
Generate Doxygen docs for libykpiv if doxygen is available.
2017-10-23 16:26:23 +02:00
Trevor Bentley
935e05485a
Use openssl implementation of DES_is_weak_key on non-Windows, and add unit test.
2017-10-23 16:26:20 +02:00
Trevor Bentley
27933eaff8
Fix applet selection for whole public API.
2017-10-23 16:26:17 +02:00
Trevor Bentley
c07355fefb
Fix unit tests for NEO: use ECCP256 and detect attestation errors
2017-10-23 16:26:14 +02:00
Trevor Bentley
7177ceda74
Extra attempts for PIN/PUK block in unit test
2017-10-23 16:26:11 +02:00
Trevor Bentley
aa293dcc31
Fix PIN length handling in ykpiv_verify*()
2017-10-23 16:26:08 +02:00
Trevor Bentley
de065ae36e
Rename util.c test suite to api.c
2017-10-23 16:26:05 +02:00
Trevor Bentley
f903a432e3
Backport minidriver changes
...
* Port ykpiv_auth_getchallenge and ykpiv_auth_verifyresponse
- Commit 8fde607b50b19c57a662c53c6b276b54a78606d8
- Commit 6046b98e477cfef59a590ce2177336d694813e7e
- Commit 422cea11745dc67d15039e242ed21ecb5208ae55
- Commit 1d31647e5a27bd2df6bda76512c7d673980f0bec
* Rename connect2() and done2() to connect_with_external_card(), etc.
* Select applet in ykpiv_change_pin, change_puk, and unblock_pin
2017-10-23 16:26:02 +02:00
Trevor Bentley
ef81054dc2
Add automated tests for yubico-piv-tool CLI (hw-tests only)
2017-10-23 16:25:59 +02:00
Trevor Bentley
9a7ccf48fa
Fix all clang scan-build warnings
2017-10-23 16:25:56 +02:00
Trevor Bentley
90209997cc
Unit test for ykpiv_attest()
2017-10-23 16:25:53 +02:00
Trevor Bentley
5291bc4a63
Fix issue #123 - specify text/binary mode for open files
2017-10-23 16:25:50 +02:00
Trevor Bentley
79464a3d3e
Use slot enum consistently. Move slot->object translation into libykpiv.
2017-10-23 16:25:47 +02:00
Trevor Bentley
2e818dd914
Add ykpiv_util_(get/set)_cccid(), and use in yubico-piv-tool
2017-10-23 16:25:44 +02:00
Trevor Bentley
13e02f998d
Fix ykpiv_attest slot argument name
2017-10-23 16:25:41 +02:00
Trevor Bentley
f6b817f056
Add ykpiv_attest() and use it in yubico-piv-tool
2017-10-23 16:25:38 +02:00
Trevor Bentley
248980fe27
yubico-piv-tool: use ykpiv_util_read_cert
2017-10-23 16:25:35 +02:00
Trevor Bentley
3bca63c39c
yubico-piv-tool: use ykpiv_util_delete_cert
2017-10-23 16:25:32 +02:00
Trevor Bentley
ded78751a0
Add gzip support to ykpiv_util_import_certificate(), and use in yubico-piv-tool
2017-10-23 16:25:20 +02:00
Trevor Bentley
8135a55200
yubico-piv-tool: Switch to ykpiv_set_pin_retries()
2017-10-23 16:25:17 +02:00
Trevor Bentley
ec8e2786e6
yubico-piv-tool: use ykpiv_util_reset()
2017-10-23 16:25:13 +02:00
Trevor Bentley
12f35b8884
yubico-piv-tool: use util function for key generation
2017-10-23 16:25:10 +02:00
Trevor Bentley
48c2b8e99c
Move shared functionality from util.c to internal.h
2017-10-23 16:22:34 +02:00
Trevor Bentley
dfd2a9ef92
Cleanup compiler warnings, and switch to cross-platform data types
2017-10-23 16:22:31 +02:00
Trevor Bentley
97ecb75dd4
Cleanup function names. Make PIN cache optional.
2017-10-23 16:22:27 +02:00
Trevor Bentley
a8b2c2c1c4
Fix DES bugs in Linux. Windows+Linux both pass unit tests.
2017-10-23 16:22:24 +02:00
Trevor Bentley
fb00baf672
Backport from minidriver:
...
commit 90020fea0ac34b2f98b68a5798fa85cb5ad12175 (tag: 3.2)
Author: Dave Pate <dpate@yubico.com >
Date: Thu Jul 27 00:31:54 2017 -0700
Release 3.2
Adds automatic PUK blocking
Adds feature to turn automatic PUK blocking off
Miscellaneous fixes with metadata handling
2017-10-23 16:22:21 +02:00