Heiko Schaefer
13b2b62f07
Simplify: use the changed CardBackend handling and the new openpgp-card-sequoia Card struct
2022-09-28 20:44:34 +02:00
Heiko Schaefer
c96377c9df
OpenPGP owns CardBackend (instead of holding a &mut CardBackend).
When OpenPgp holds a &mut CardBackend, clients of this library need to keep track of the CardBackend (which adds unnecessary complexity).
2022-09-28 20:42:27 +02:00
Heiko Schaefer
9aff50d2d3
Fix lint warnings
2022-09-04 20:36:17 +02:00
Heiko Schaefer
96e28b1b4f
opgpcard: Add optional user-id parameter for "pubkey" and "admin generate", to bind User IDs to the certificate.
2022-09-04 20:30:33 +02:00
Heiko Schaefer
8e6f03a2c5
Fix new clippy lints.
2022-08-30 19:19:25 +02:00
Heiko Schaefer
380592b069
opgpcard: implement import of encrypted keys.
- handle cases where not all keys are encrypted, or keys are encrypted with different passwords.
- check availability of all necessary passwords before starting to write to the card.
(Fixes #33)
2022-08-05 22:43:23 +02:00
Heiko Schaefer
b614716c0b
Don't require a certificate for signing or decryption (use the public key material from the card instead).
2022-07-25 18:12:03 +02:00
Heiko Schaefer
a477b81a19
Clippy fixes: don't bind unit values.
2022-07-16 12:13:37 +02:00
Heiko Schaefer
d96e56651b
Add callback Fn for touch confirmation prompt to generate attestations.
2022-06-11 09:55:06 +02:00
Heiko Schaefer
374f9eec89
Add callback Fn for touch confirmation prompt for decryption operations.
2022-06-11 09:55:06 +02:00
Heiko Schaefer
079cc32427
Add callback Fn for touch confirmation prompt for signing operations.
2022-06-11 09:55:05 +02:00
Heiko Schaefer
f9d69dbefb
Implement 'opgpcard admin touch' to set the touch confirmation policy.
2022-06-11 09:55:03 +02:00
Heiko Schaefer
15d457864c
Reorganize 'status' output format
2022-06-11 09:55:03 +02:00
Heiko Schaefer
0694e084e4
Add comment about verifying the admin PIN before attempting a PIN-change (and a link to a Yubico developer blog article detailing a potential pitfall of *not* doing that check)
2022-05-24 18:33:46 +02:00
Heiko Schaefer
26f1af2bd3
Use select_data() in AttCommand::Show
2022-05-24 16:20:59 +02:00
Heiko Schaefer
22c29262d3
Implement attestation-related functionality in opgpcard
2022-05-24 16:20:59 +02:00
Heiko Schaefer
b668aebaba
KeyGenerationTime: remove formatted(); add to_datetime(); implement Display.
2022-05-01 21:36:06 +02:00
Heiko Schaefer
02b42081b9
Implement Display for CardholderRelatedData
2022-05-01 21:36:06 +02:00
Heiko Schaefer
b795f32f09
opgpcard: Print additional card status details
2022-04-23 21:20:59 +02:00
Heiko Schaefer
34b1be073a
Clean up SSH public key output text
2022-04-23 21:03:59 +02:00
Heiko Schaefer
8514ef35d1
Tweak opgpcard status output.
2022-04-21 19:39:00 +02:00
Heiko Schaefer
9edd459d86
Update to rpassword 6
2022-04-21 18:01:29 +02:00
Heiko Schaefer
3dadc5d16f
Always style PIN names as "User PIN" and "Admin PIN", in user interactions.
2022-04-21 17:58:05 +02:00
Heiko Schaefer
99e0c6caaf
Implement, document PIN management in opgpcard
2022-04-21 13:28:21 +02:00
Heiko Schaefer
55696346c9
Use Display trait to print card information
2022-04-15 17:52:55 +02:00
Heiko Schaefer
e6c40be8ad
Adjusted/improved handling of public keys (especially to find the correct KDF parameters for ECC decryption keys):
- "Brute force" find the right KDF parameters in the new helper fn public_key_material_and_fp_to_key() [try possible parameters until a matching fingerprint is found, error if none].
- In `opgpcard pubkey`, use public_key_material_and_fp_to_key() to find the right parameters for the ECC decryption subkey (this subcommand now fails when the fingerprint on the card doesn't match the fingerprint of the public key data for that key slot)
- When generating OpenPGP ECC decryption keys from public key material (including to compute fingerprints from the key material), use SHA256/AES128 as default parameters.
2022-04-15 16:17:04 +02:00
Heiko Schaefer
58b8454e33
Implement an "info" command that prints capabilities/metadata for a card (the output format is currently not very nice, it would benefit from working on https://gitlab.com/hkos/openpgp-card/-/issues/9 ).
2022-04-03 02:27:27 +02:00
Heiko Schaefer
2f903f5907
Implement a "pubkey" command that prints the OpenPGP public key representation of the keys on a card.
2022-04-03 00:58:32 +02:00
Heiko Schaefer
1f7d17bc70
Optionally allow interactive PIN entry.
2022-03-30 01:31:49 +02:00
Heiko Schaefer
f069fb1e20
Model PINs as &[u8] in openpgp-card-sequoia
2022-03-29 22:40:26 +02:00
Heiko Schaefer
e18affc1ea
Print guidance for the '--card' parameter in status/ssh, when more than one card is plugged in.
2022-03-25 21:05:40 +01:00
Heiko Schaefer
2f32583fd1
Adjust opgpcard ssh output
2022-03-18 17:00:37 +01:00
Heiko Schaefer
4656394112
Move printing of ssh information into its own command
2022-03-18 12:38:15 +01:00
Heiko Schaefer
0b4a18b136
Fix clippy lints
2022-03-06 16:15:13 +01:00
Heiko Schaefer
0d2bf91676
Upgrade to clap 3.1
2022-03-06 15:19:56 +01:00
Heiko Schaefer
421e4d155f
Make OpenPgp "Send + Sync"
2022-02-28 11:06:00 +01:00
Heiko Schaefer
326ba895a9
Print language setting(s) in display format
2022-02-25 18:56:37 +01:00
Heiko Schaefer
8ab3a43d6e
Use Error::InternalError less, introduce additional specific error variants.
2022-02-24 21:25:47 +01:00
Heiko Schaefer
96167f6530
Move OpenPGP card functionality into OpenPgp/OpenPgpTransaction.
This separates backend access (implemented in CardBackend and CardTransaction) from OpenPGP card operations.
Fixes #7
2022-02-24 21:25:47 +01:00
Heiko Schaefer
636813279b
Reformatted to conform to vanilla rustfmt.
2022-02-24 21:25:47 +01:00
Neal H. Walfield
64119c4f29
Where possible, avoid unnecessary boxing.
2022-02-18 17:43:29 +01:00
Heiko Schaefer
e01c79e857
Tweak ergonomics of openpgp-card-pcsc usage and simplify client code.
2022-02-18 15:06:31 +01:00
Heiko Schaefer
c23f23c619
Introduce the new CardBackend trait.
A CardBackend represents a card without an open transaction (a CardTransaction implementation can be acquired from a CardBackend).
2022-02-18 15:06:31 +01:00
Heiko Schaefer
5133051626
Rename CardClient -> CardTransaction.
2022-02-18 15:06:31 +01:00
Heiko Schaefer
dcf73bd86d
More explicit data type Lang for language.
2022-02-16 10:02:35 +01:00
Heiko Schaefer
574d7be765
Use byte-array data types for url, name, lang in openpgp-card.
2022-02-15 15:34:52 +01:00
Heiko Schaefer
0e94871189
Implement PcscCard::transaction() to replace the transaction!() macro.
(This currently requires unreleased pcsc from git)
2022-02-15 15:34:52 +01:00
Heiko Schaefer
87788e8912
rename get_txc!() -> transaction!()
2022-02-15 10:53:46 +01:00
Heiko Schaefer
984aa219bf
Print the auth key in ssh public key format, in the "status" output.
2022-02-15 10:53:46 +01:00
Heiko Schaefer
36b9fb2770
get_txc!() now assumes the OpenPGP application should be re-selected, by default
2022-02-15 10:49:55 +01:00