turnkey/openpgp-card
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
580 commits 1 branch 0 tags 1.7 MiB
Commit graph

273 commits

Author SHA1 Message Date
Heiko Schaefer
56d03ffca6
Drop use of "anyhow". 2022-02-24 21:25:47 +01:00
Heiko Schaefer
986094fac8
Update/improve crate level documentation. 2022-02-24 21:25:47 +01:00
Heiko Schaefer
e9235164c8
Rename PIN-related functions for clarity 2022-02-24 21:25:47 +01:00
Heiko Schaefer
8ab3a43d6e
Use Error::InternalError less, introduce additional specific error variants. 2022-02-24 21:25:47 +01:00
Heiko Schaefer
088bb88a02
Consistently model pin as &[u8] in openpgp-card. 
Fixes #22
 2022-02-24 21:25:47 +01:00
Heiko Schaefer
96167f6530
Move OpenPGP card functionality into OpenPgp/OpenPgpTransaction. 
This separates backend access (implemented in CardBackend and CardTransaction) from OpenPGP card operations.

Fixes #7
 2022-02-24 21:25:47 +01:00
Heiko Schaefer
074bab321e
Add notes that "check_pw1 causes the error counter to decrease" (see #23) on some cards 2022-02-24 21:25:47 +01:00
Heiko Schaefer
12a6a77b8d
CardTransaction::method should not return a Response. Most don't have a return value, the rest should return Vec<u8> instead. 
Fixes #19
 2022-02-24 21:25:47 +01:00
Heiko Schaefer
636813279b
Reformatted to conform to vanilla rustfmt. 2022-02-24 21:25:47 +01:00
Neal H. Walfield
c4119ae77f
For CardBackend and CardTransaction, implement T for Box<T> 
- Allow a Box<dyn CardBackend> to be used in all contexts where a
    type that implements CardBackend can be used.

  - Likewise for CardTransaction.
 2022-02-18 17:45:09 +01:00
Heiko Schaefer
282b16fdba
Cleanup: move ?Sized bounds to "where". 2022-02-18 15:09:33 +01:00
Heiko Schaefer
c23f23c619
Introduce the new CardBackend trait. 
A CardBackend represents a card without an open transaction (a CardTransaction implementation can be acquired from a CardBackend).
 2022-02-18 15:06:31 +01:00
Heiko Schaefer
5133051626
Rename CardClient -> CardTransaction. 2022-02-18 15:06:31 +01:00
Heiko Schaefer
5b2979874b
Implement methods on the CardClient trait rather than on dyn CardClient. 
This patch is largely based on input and an MR by @nwalfield.
 2022-02-18 15:06:31 +01:00
Heiko Schaefer
06ad7772a6
Remove remnants of card_app. 2022-02-16 18:21:49 +01:00
Heiko Schaefer
dcf73bd86d
More explicit data type Lang for language. 2022-02-16 10:02:35 +01:00
Heiko Schaefer
889eedbb79
Remove cardholder_certificate from the public CardClient API, for now (until we learn of actual use cases for this part of the spec). 2022-02-15 16:07:05 +01:00
Heiko Schaefer
574d7be765
Use byte-array data types for url, name, lang in openpgp-card. 2022-02-15 15:34:52 +01:00
Heiko Schaefer
2480745088
Move implementation of low-level OpenPGP functionality from CardApp to CardClient. 2022-02-14 17:46:16 +01:00
Heiko Schaefer
5e7fcd079b
Change CardApp API: take &mut CardClient parameter for all calls (instead of owning a CardClientBox). 
This way, clients can exert control over the state of the CardClient, e.g. to combine CardApp operations in a PCSC transaction.
 2022-02-14 17:43:07 +01:00
Heiko Schaefer
748c334403
Implement TxClient to use pcsc with transactions (transaction opening code is duplicated) 2022-02-14 17:43:07 +01:00
Heiko Schaefer
476f46dacc
Simplify get_data() by splitting it into a one-byte- and two-byte-tag variant. 2022-02-09 13:34:43 +01:00
Heiko Schaefer
8a899afb9d
Fix/clean up limitation of data length. 2022-02-09 12:50:42 +01:00
Heiko Schaefer
40f279684e
workaround and test for "ledger nano s" quirks 2022-02-08 12:28:17 +01:00
Heiko Schaefer
b04295543e
Gracefully handle missing algorithm_information in generate_key_simple() 2021-12-10 22:42:37 +01:00
Heiko Schaefer
413e8b7d2a
Bump versions for releases. 2021-12-02 18:45:46 +01:00
Heiko Schaefer
4ff2cf8b2e
Normalize naming: always use algo_info instead of algo_list. 2021-12-02 18:35:54 +01:00
Heiko Schaefer
281bf403e3
Normalize naming of "private use" DO related fn. 2021-12-02 18:35:54 +01:00
Heiko Schaefer
133b290ae6
Adjust getter fn naming. 2021-12-02 18:35:54 +01:00
Heiko Schaefer
1dc178a7b2
Documentation edits. 2021-12-02 18:35:53 +01:00
Heiko Schaefer
ddcd888834
Refactor determine_ecc_attrs() for reusability. 
Use in AlgoSimple::determine_algo().
 2021-12-02 16:58:50 +01:00
Heiko Schaefer
c37c34e525
Remove bitsize of e parameter for RSA from SimpleAlgo. 
Use determine_rsa_attrs() to get a concrete Algo for a specific card from an AlgoSimple.
 2021-12-02 14:08:17 +01:00
Heiko Schaefer
10bdb32c45
Refactor determine_rsa_attrs() to be more easily reusable for key generation. 2021-12-02 13:13:28 +01:00
Heiko Schaefer
9739074b63
Minor error handling/messaging cleanups. 2021-12-01 22:23:22 +01:00
Heiko Schaefer
576110ecce
Update comments. 2021-12-01 22:21:28 +01:00
Heiko Schaefer
ecd862e23f
Remove "get_" prefix from getter function names (to better conform with Rust API Guidelines https://rust-lang.github.io/api-guidelines). 2021-12-01 19:11:22 +01:00
Heiko Schaefer
9d87cddb60
Minor tweaks in Display impl for Algo. 2021-12-01 00:06:39 +01:00
Heiko Schaefer
2709b4ad39
Implement pinpad feature detection and pinpad support for verify/modify (of pw1 and pw3) in pcsc backend. 
Extend CardCaps to contain pw1_max_len and pw3_max_len (and initialize these values from ARD).

Add pinpad_verify(), pinpad_modify(), feature_verify()/feature_modify() to CardClient API.
Expose in card_app (and openpgp-card-sequoia card API).

Adjust opgpcard, opgpcard-pin to ue pinpad reader when available.
 2021-11-30 22:51:18 +01:00
Heiko Schaefer
9e9cddc225
Implement setting of 'identity' for NitroKey Start. 2021-11-29 18:33:23 +01:00
Heiko Schaefer
9de79477b9
Implement get_firmware_version (probably YubiKey specific) 2021-11-23 20:38:46 +01:00
Heiko Schaefer
9930e7d420
Clarified: the spec says the card will format accordingly. 2021-11-22 19:24:09 +01:00
Heiko Schaefer
e695e8171a
Implement 'Display' for PublicKeyMaterial 2021-11-16 19:18:34 +01:00
Heiko Schaefer
90ae9398ed
Adjust the backend API and interaction with openpgp-card some more. 2021-11-12 18:47:56 +01:00
Heiko Schaefer
d10cbe8eff
clean up lints 2021-11-11 16:40:08 +01:00
Heiko Schaefer
d55985807c
Change the API for interactions between openpgp-card and backends. 
The goal of this change is a cleaner structure, and in particular to make it the default for client-code to obtain a CardApp with pre-initialized "capabilities" (that is, init_caps() gets called implicitely).
 2021-11-11 16:40:08 +01:00
Heiko Schaefer
288a2a8325
Add comments/assert for PSO: DECIPHER 2021-11-09 16:43:59 +01:00
Heiko Schaefer
39e7eaa9cc
Make pso_compute_digital_signature() and internal_authenticate() public. 2021-11-08 11:39:14 +01:00
Heiko Schaefer
7bb2fcb497
Wrap RSA-hashes in digestinfo, for internal_authenticate() in the new fn authenticate_for_hash(). 2021-11-07 20:32:26 +01:00
Heiko Schaefer
3d821e2c5f Add internal_authenticate() to the public API. 2021-11-05 13:33:40 +01:00
Heiko Schaefer
a88620a96d Add some more documentation to CardApp::signature_for_hash. 2021-11-04 18:06:18 +01:00
Heiko Schaefer
52a146fd56 implement internal_authenticate 2021-11-04 18:05:45 +01:00
Heiko Schaefer
19ca7d9308 In factory_reset(), StatusBytes::PasswordNotChecked is also a legal response to "verify" calls to a card (with a bad password). 2021-11-02 20:59:18 +01:00
Heiko Schaefer
5eea5c861d When card returns OkBytesAvailable(), use the returned number of bytes from sw2 when asking for the next response. 
This approach solved problems with "GET RESULT" with a "Feitian Java Card D11CR" running the ykneo applet.
 2021-11-01 21:58:08 +01:00
Heiko Schaefer
bc08ca68ed Releases 2021-10-29 22:51:23 +02:00
Heiko Schaefer
aa7528ec9a Add functionality for cli tools. 2021-10-28 00:05:41 +02:00
Heiko Schaefer
a4c04de09c Add notes about using Protected memory for private key material. 2021-10-05 17:38:08 +02:00
Heiko Schaefer
1ce74ab8c6 Pad private key scalars of ECC keys. 
MPIs can have leading zeros stripped, in OpenPGP, however, e.g. the floss34 card requires the NIST scalar in its non-stripped form.
 2021-09-23 20:54:33 +02:00
Heiko Schaefer
dbbe4ed4c1 Fix comparison of card ident (the test config shouldn't be case sensitive) 2021-09-21 16:50:34 +02:00
Heiko Schaefer
5417fde8ca Implement support for alternate ECC import format (which includes public key data) 2021-09-21 16:50:34 +02:00
Heiko Schaefer
200d7e60d1 Algo attributes for key generation should be checked if we can't set them. 2021-09-21 16:50:34 +02:00
Heiko Schaefer
c0088c4eae Hack for SmartPGP applet (use the last of the suitable algorithm variants from the Algorithm Information list). 2021-09-21 11:22:56 +02:00
Heiko Schaefer
773117965c Add RSA1k/17 and RSA1k/32 to AlgoSimple 2021-09-21 11:22:56 +02:00
Heiko Schaefer
332360cbbb Implement additional import formats for RSA key import. 2021-09-21 11:22:56 +02:00
Heiko Schaefer
256690d97c Print RSA import format in Display for Algo 2021-09-19 19:13:51 +02:00
Heiko Schaefer
0bf59c7e51 In key generation: don't set algo attributes if the card doesn't support that feature. 2021-09-17 13:56:28 +02:00
Heiko Schaefer
a39f25d8a3 Handle SW_EXACT_LENGTH (0x6c??) in send_command() 2021-09-17 13:36:20 +02:00
Heiko Schaefer
60c67d3ebe Print status bytes as hex, for UnknownStatus 2021-09-16 17:17:19 +02:00
Heiko Schaefer
e1af08646a Add comment 2021-09-16 02:07:05 +02:00
Heiko Schaefer
cdb72e271c Fix existing test, add test for v2 card 2021-09-16 01:52:34 +02:00
Heiko Schaefer
3cc9a09290 Implement discrete handling of v2 and v3 ExtendedCapabilities. 2021-09-15 17:39:47 +02:00
Heiko Schaefer
f2e5fea0fc extended capabilities: restructure, to prepare for different versions of this DO 2021-09-14 02:00:54 +02:00
Heiko Schaefer
245740febc More precise debug output. 2021-09-13 19:45:17 +02:00
Heiko Schaefer
e261d4d041 Fix refactoring mistake in rustdoc. 2021-09-09 18:17:46 +02:00
Heiko Schaefer
0302387bea Releases 2021-09-09 00:48:25 +02:00
Heiko Schaefer
62b7b35ab0 Clean up Command, simplify serialization. 2021-09-09 00:46:38 +02:00
Heiko Schaefer
52bdf4cffd Implement change_pw1(), change_pw3(), reset_retry_counter_pw1(). 2021-09-08 11:18:18 +02:00
Heiko Schaefer
891b57df06 Throw error for unexpected input length for Fingerprint. 2021-09-07 17:01:13 +02:00
Heiko Schaefer
6cfe340d2b Clippy lints 2021-09-07 17:01:13 +02:00
Heiko Schaefer
5a49b578f9 Throw errors for unexpected values while processing ExtendedCapabilities from the card. 
(Note: observed mse_command_support values were 0/1/255, so checks for that field have been disabled for now)
 2021-09-07 17:01:13 +02:00
Heiko Schaefer
6a7cb7287a Remove obsolete FIXME comments (this case is now handled upstream) 2021-09-07 14:34:31 +02:00
Heiko Schaefer
2e7ee82a58 Use StatusBytes in RawResponse (instead of a pair of u8). 
Replace status bytes constants in the code with StatusBytes enum variants.
 2021-09-07 14:34:31 +02:00
Heiko Schaefer
c5d03bd677 Rename StatusByte -> StatusBytes 2021-09-07 11:50:20 +02:00
Heiko Schaefer
a52f3a648e Check for OK status code in chained replies. 2021-09-06 22:34:06 +02:00
Heiko Schaefer
bc7dede0ac Move the code that creates a DO for setting algorithm attributes into Algo. 2021-09-06 17:07:47 +02:00
Heiko Schaefer
5fcb454b9c Remove FIXMEs; add panic to match branches that should not happen 2021-09-06 12:30:56 +02:00
Heiko Schaefer
5ccd6be1bb Remove asserts for password lengths (running the command and returning the card's error, if any, seems more appropriate) 2021-09-06 12:27:44 +02:00
Heiko Schaefer
ad929598ce Rename Features -> ExCapFeatures 2021-09-03 20:03:50 +02:00
Heiko Schaefer
48803eb454 Break apart key import function. 
Don't try to set algo attributes when Extended Capabilities doesn't list the feature.
 2021-09-03 18:49:35 +02:00
Heiko Schaefer
7a78271211 Rename decrypt() to decipher(), to correspond with naming in spec. 
Add a note to investigate PKCS#1 formatting of the command input.
 2021-09-03 13:45:19 +02:00
Heiko Schaefer
17ee12566f Minor edits to comments 2021-09-02 22:13:15 +02:00
Heiko Schaefer
8b5894e961 Rename get_app_data() to get_application_related_data() to correspond with naming in spec. 2021-09-02 22:09:46 +02:00
Heiko Schaefer
f5b31aac26 Move KeySet from card_do.rs to lib.rs 
(It is not a DO, only a container to conveniently handle triples of DO)
 2021-09-02 21:59:05 +02:00
Heiko Schaefer
6b3ae2cf62 Adjust DO struct names to correspond to naming in the spec 2021-09-02 21:54:44 +02:00
Heiko Schaefer
a415ec9a50 Minor edit in comment 2021-09-02 21:54:19 +02:00
Heiko Schaefer
ee349d9083 impl From instead of Into 2021-09-02 21:44:35 +02:00
Heiko Schaefer
393e58d489 Add simple unit tests for all card_do 2021-09-02 21:41:14 +02:00
Heiko Schaefer
c7751ff4ce Implement TryFrom (instead of offering that functionality without implementing the trait) 2021-09-02 19:39:53 +02:00
Heiko Schaefer
c377f37a9b Rename "foo/mod.rs => foo.rs" 2021-09-02 16:55:31 +02:00
Heiko Schaefer
18819c65d9 Edit comment 2021-09-02 16:52:47 +02:00
Heiko Schaefer
316ca7eb3a Rename error types and re-export them at the crate top level. 2021-09-01 23:59:56 +02:00