6 Commits

Author SHA1 Message Date
Tony Arcieri (iqlusion) ac72797d1f yubikey v0.4.2 (#291) 2021-07-13 06:35:53 -07:00
Tony Arcieri (iqlusion) fdd3b8730a Make yubikey::Buffer a pub type (#290) 2021-07-13 06:05:24 -07:00
Tony Arcieri (iqlusion) d51ec0a225 Have YubiKey::block_puk take &mut self as argument (#289)
This is effectively the same signature; it just uses `self` instead of a
named argument.
2021-07-13 05:55:24 -07:00
Tony Arcieri (iqlusion) d601c33ba3 yubikey v0.4.1 (#288) 2021-07-12 19:37:12 -07:00
Tony Arcieri (iqlusion) 8e52d75992 Rename Ccc to CccId (#287) 2021-07-12 19:28:46 -07:00
Tony Arcieri (iqlusion) 42ae5fb974 Rename SettingValue to Setting. (#286)
Breaking change, but the crate is fresh and there's time to yank and
republish.
2021-07-12 17:36:42 -07:00
8 changed files with 45 additions and 27 deletions
+19 -1
@@ -4,7 +4,25 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## 0.4.0 (2021-07-12) ## 0.4.2 (2021-07-13)
### Added
- Make `yubikey::Buffer` a pub type ([#290])
### Changed
- Have `YubiKey::block_puk` take `&mut self` as argument ([#289])
[#289]: https://github.com/iqlusioninc/yubikey.rs/pull/289
[#290]: https://github.com/iqlusioninc/yubikey.rs/pull/290
## 0.4.1 (2021-07-12)
### Changed
- Rename `SettingValue` to `Setting` ([#286])
- Rename `Ccc` to `CccId` ([#287])
[#286]: https://github.com/iqlusioninc/yubikey.rs/pull/286
[#287]: https://github.com/iqlusioninc/yubikey.rs/pull/287
## 0.4.0 (2021-07-12) [YANKED]
### Added ### Added
- `Result` alias ([#271]) - `Result` alias ([#271])
Generated
+1 -1
@@ -964,7 +964,7 @@ dependencies = [
[[package]] [[package]]
name = "yubikey" name = "yubikey"
version = "0.4.0" version = "0.4.2"
dependencies = [ dependencies = [
"chrono", "chrono",
"cookie-factory", "cookie-factory",
+1 -1
@@ -1,6 +1,6 @@
[package] [package]
name = "yubikey" name = "yubikey"
version = "0.4.0" # Also update html_root_url in lib.rs when bumping this version = "0.4.2" # Also update html_root_url in lib.rs when bumping this
description = """ description = """
Pure Rust cross-platform host-side driver for YubiKey devices from Yubico with Pure Rust cross-platform host-side driver for YubiKey devices from Yubico with
support for hardware-backed public-key decryption and digital signatures using support for hardware-backed public-key decryption and digital signatures using
+3 -3
@@ -78,9 +78,9 @@ impl CardId {
/// Cardholder Capability Container (CCC) Identifier. /// Cardholder Capability Container (CCC) Identifier.
#[derive(Copy, Clone, Debug, Eq, PartialEq)] #[derive(Copy, Clone, Debug, Eq, PartialEq)]
pub struct Ccc(pub [u8; Self::BYTE_SIZE]); pub struct CccId(pub [u8; Self::BYTE_SIZE]);
impl Ccc { impl CccId {
/// CCC size in bytes /// CCC size in bytes
pub const BYTE_SIZE: usize = 51; pub const BYTE_SIZE: usize = 51;
@@ -115,7 +115,7 @@ impl Ccc {
} }
} }
impl Display for Ccc { impl Display for CccId {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
f.write_str(str::from_utf8(&hex::encode(&self.0[..])).unwrap()) f.write_str(str::from_utf8(&hex::encode(&self.0[..])).unwrap())
} }
+5 -5
@@ -131,7 +131,7 @@
#![cfg_attr(docsrs, feature(doc_cfg))] #![cfg_attr(docsrs, feature(doc_cfg))]
#![doc( #![doc(
html_logo_url = "https://raw.githubusercontent.com/iqlusioninc/yubikey.rs/main/img/logo.png", html_logo_url = "https://raw.githubusercontent.com/iqlusioninc/yubikey.rs/main/img/logo.png",
html_root_url = "https://docs.rs/yubikey/0.4.0" html_root_url = "https://docs.rs/yubikey/0.4.2"
)] )]
#![forbid(unsafe_code)] #![forbid(unsafe_code)]
#![warn(missing_docs, rust_2018_idioms, trivial_casts, unused_qualifications)] #![warn(missing_docs, rust_2018_idioms, trivial_casts, unused_qualifications)]
@@ -153,12 +153,12 @@ pub mod piv;
mod policy; mod policy;
pub mod reader; pub mod reader;
mod serialization; mod serialization;
mod settings; mod setting;
mod transaction; mod transaction;
mod yubikey; mod yubikey;
pub use crate::{ pub use crate::{
cccid::{CardId, Ccc}, cccid::{CardId, CccId},
certificate::Certificate, certificate::Certificate,
chuid::ChuId, chuid::ChuId,
config::Config, config::Config,
@@ -167,7 +167,7 @@ pub use crate::{
piv::Key, piv::Key,
policy::{PinPolicy, TouchPolicy}, policy::{PinPolicy, TouchPolicy},
reader::Context, reader::Context,
settings::{SettingSource, SettingValue}, setting::{Setting, SettingSource},
yubikey::{CachedPin, Serial, Version, YubiKey}, yubikey::{CachedPin, Serial, Version, YubiKey},
}; };
@@ -180,4 +180,4 @@ pub use uuid::Uuid;
pub type ObjectId = u32; pub type ObjectId = u32;
/// Buffer type (self-zeroizing byte vector) /// Buffer type (self-zeroizing byte vector)
pub(crate) type Buffer = zeroize::Zeroizing<Vec<u8>>; pub type Buffer = zeroize::Zeroizing<Vec<u8>>;
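Review bot: The one-line doc comment on `Buffer` in the last hunk of this section is now public API documentation, and "self-zeroizing byte vector" does not tell callers where the guarantee stops. Making the alias `pub` also puts `zeroize::Zeroizing` into the crate's public signature, so a future major bump of `zeroize` becomes a breaking change here; whether the crate re-exports `zeroize` is not visible in this section. I would expand the comment to `/// Byte vector that is zeroed when dropped (zeroize::Zeroizing<Vec<u8>>).` followed by `/// Copies taken out of it, and old allocations left behind when the vector grows, are not wiped.`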
+5 -5
@@ -48,7 +48,7 @@ use crate::{
error::{Error, Result}, error::{Error, Result},
policy::{PinPolicy, TouchPolicy}, policy::{PinPolicy, TouchPolicy},
serialization::*, serialization::*,
settings, setting,
yubikey::YubiKey, yubikey::YubiKey,
Buffer, ObjectId, Buffer, ObjectId,
}; };
@@ -481,7 +481,7 @@ pub fn generate(
const SZ_ROCA_BLOCK_ADMIN: &str = "was blocked due to an administrator configuration setting."; const SZ_ROCA_BLOCK_ADMIN: &str = "was blocked due to an administrator configuration setting.";
const SZ_ROCA_DEFAULT: &str = "was permitted by default, but is not recommended. The default behavior will change in a future Yubico release."; const SZ_ROCA_DEFAULT: &str = "was permitted by default, but is not recommended. The default behavior will change in a future Yubico release.";
let setting_roca: settings::SettingValue; let setting_roca: setting::Setting;
match algorithm { match algorithm {
AlgorithmId::Rsa1024 | AlgorithmId::Rsa2048 => { AlgorithmId::Rsa1024 | AlgorithmId::Rsa2048 => {
@@ -489,17 +489,17 @@ pub fn generate(
&& (yubikey.version.minor < 3 && (yubikey.version.minor < 3
|| yubikey.version.minor == 3 && (yubikey.version.patch < 5)) || yubikey.version.minor == 3 && (yubikey.version.patch < 5))
{ {
setting_roca = settings::SettingValue::get(SZ_SETTING_ROCA, true); setting_roca = setting::Setting::get(SZ_SETTING_ROCA, true);
let psz_msg = match setting_roca.source { let psz_msg = match setting_roca.source {
settings::SettingSource::User => { setting::SettingSource::User => {
if setting_roca.value { if setting_roca.value {
SZ_ROCA_ALLOW_USER SZ_ROCA_ALLOW_USER
} else { } else {
SZ_ROCA_BLOCK_USER SZ_ROCA_BLOCK_USER
} }
} }
settings::SettingSource::Admin => { setting::SettingSource::Admin => {
if setting_roca.value { if setting_roca.value {
SZ_ROCA_ALLOW_ADMIN SZ_ROCA_ALLOW_ADMIN
} else { } else {
+6 -6
@@ -66,7 +66,7 @@ impl Default for SettingSource {
/// system administrator, or by the local user via `YUBIKEY_PIV_*` environment /// system administrator, or by the local user via `YUBIKEY_PIV_*` environment
/// variables. /// variables.
#[derive(Copy, Clone, Debug)] #[derive(Copy, Clone, Debug)]
pub struct SettingValue { pub struct Setting {
/// Boolean value /// Boolean value
pub value: bool, pub value: bool,
@@ -74,8 +74,8 @@ pub struct SettingValue {
pub source: SettingSource, pub source: SettingSource,
} }
impl SettingValue { impl Setting {
/// Get a [`SettingValue`] value by name. /// Get a setting by name.
pub fn get(key: &str, default: bool) -> Self { pub fn get(key: &str, default: bool) -> Self {
Self::from_file(key) Self::from_file(key)
.or_else(|| Self::from_env(key)) .or_else(|| Self::from_env(key))
@@ -109,7 +109,7 @@ impl SettingValue {
}; };
if name == key { if name == key {
return Some(SettingValue { return Some(Setting {
source: SettingSource::Admin, source: SettingSource::Admin,
value: value == "1" || value == "true", value: value == "1" || value == "true",
}); });
@@ -124,14 +124,14 @@ impl SettingValue {
fn from_env(key: &str) -> Option<Self> { fn from_env(key: &str) -> Option<Self> {
env::var(format!("YUBIKEY_PIV_{}", key)) env::var(format!("YUBIKEY_PIV_{}", key))
.ok() .ok()
.map(|value| SettingValue { .map(|value| Setting {
source: SettingSource::User, source: SettingSource::User,
value: value == "1" || value == "true", value: value == "1" || value == "true",
}) })
} }
} }
impl Default for SettingValue { impl Default for Setting {
fn default() -> Self { fn default() -> Self {
Self { Self {
value: false, value: false,
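Review bot: The rewritten doc comment on `Setting::get` (`/// Get a setting by name.`) leaves out the lookup order, which is the security-relevant part of this function: the visible body tries `from_file` first and only falls back to `from_env`, so a value tagged `SettingSource::Admin` wins over a `YUBIKEY_PIV_*` environment variable. I would document that, e.g. `/// Get a setting by name: the admin configuration file is consulted first, then the YUBIKEY_PIV_<key> environment variable; the supplied default applies if neither is set.` It is also worth one sentence saying that both sources treat only `1` and `true` as true and read every other value as false. The body of `get` continues past the end of its hunk, so the fallback to `default` is inferred from the signature rather than seen.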
+5 -5
@@ -32,7 +32,7 @@
use crate::{ use crate::{
apdu::{Apdu, Ins}, apdu::{Apdu, Ins},
cccid::Ccc, cccid::CccId,
chuid::ChuId, chuid::ChuId,
config::Config, config::Config,
error::{Error, Result}, error::{Error, Result},
@@ -275,8 +275,8 @@ impl YubiKey {
} }
/// Get Cardholder Capability Container (CCC) Identifier. /// Get Cardholder Capability Container (CCC) Identifier.
pub fn cccid(&mut self) -> Result<Ccc> { pub fn cccid(&mut self) -> Result<CccId> {
Ccc::get(self) CccId::get(self)
} }
/// Authenticate to the card using the provided management key (MGM). /// Authenticate to the card using the provided management key (MGM).
@@ -476,12 +476,12 @@ impl YubiKey {
/// Block PUK: permanently prevent the PIN from becoming unblocked. /// Block PUK: permanently prevent the PIN from becoming unblocked.
#[cfg(feature = "untested")] #[cfg(feature = "untested")]
#[cfg_attr(docsrs, doc(cfg(feature = "untested")))] #[cfg_attr(docsrs, doc(cfg(feature = "untested")))]
pub fn block_puk(yubikey: &mut YubiKey) -> Result<()> { pub fn block_puk(&mut self) -> Result<()> {
let mut puk = [0x30, 0x42, 0x41, 0x44, 0x46, 0x30, 0x30, 0x44]; let mut puk = [0x30, 0x42, 0x41, 0x44, 0x46, 0x30, 0x30, 0x44];
let mut tries_remaining: i32 = -1; let mut tries_remaining: i32 = -1;
let mut flags = [0]; let mut flags = [0];
let txn = yubikey.begin_transaction()?; let txn = self.begin_transaction()?;
while tries_remaining != 0 { while tries_remaining != 0 {
// 2 -> change puk // 2 -> change puk