Commit graph

198 commits

Author SHA1 Message Date
Nora Widdecke
1834762879
opgpcard: Remove negative logic 2022-10-25 14:53:05 +02:00
Nora Widdecke
e81ebd21a0
opgpcard: Restrict values of id of set-identity 2022-10-25 14:53:05 +02:00
Nora Widdecke
a7731ec467
opgpcard: Add Nora to license headers 2022-10-25 14:53:05 +02:00
Nora Widdecke
e9787dcbd3
opgpcard: Make TouchPolicy type safe 2022-10-25 14:53:05 +02:00
Nora Widdecke
9dd4f3ab56
opgpcard: Make the KeySlots type safe 2022-10-25 14:44:44 +02:00
Heiko Schaefer
708a8b2707
opgpcard: remove dependencies on lower level openpgp-card (use only the openpgp-card-sequoia API) 2022-10-25 12:53:37 +02:00
Heiko Schaefer
fff5b18310
opgpcard: adjust handling of card_service_data 2022-10-25 10:37:37 +02:00
Lars Wirzenius
bfb7449686
add an example for scripting use of opgpcard
Sponsored-by: NLnet Foundation; NGI Assure
2022-10-24 20:30:14 +03:00
Lars Wirzenius
dd02a29497
add integration/acceptance test with Subplot
These need to be run with the virtual smartcard emulation in the
Docker container specified in .gitlab-ci.yml for tests.

The tests are a little simplistic, as it turned out that making
changes to the smart card results in flaky tests. Thus only parts of
opgpcard that don't change the card are tested.

Sponsored-by: NLnet Foundation; NGI Assure
2022-10-24 20:30:14 +03:00
Lars Wirzenius
0b616e7b6e
implement output formats, version
This is where we actually implement support for the new, versioned
JSON/YAML output formatting.
2022-10-24 19:33:21 +03:00
Lars Wirzenius
dd6950e5fe
add command line options to specify output format, version
In this change, these have no effect, but they will have soon. Very soon.

Sponsored-by: NLnet Foundation; NGI Assure
2022-10-24 19:33:21 +03:00
Lars Wirzenius
eb0ad179f6
output: add module that models output for various subcommands
Each subcommand has its own model, and models for each major version
of the output. This isn't used yet, but soon will be.

Sponsored-by: author
2022-10-24 19:33:21 +03:00
Lars Wirzenius
dd0b74c43b
versioned_output.rs: add scaffolding for versioned JSON
JSON and other structured output needs to be versioned so that
consumers can rely on it long term. Add a module for specifying output
format and version, as well as traits for implementing things. This
doesn't do anything on its own, but future changes will build on it.

Sponsored-by: NLnet Foundation; NGI Assure
2022-10-24 19:33:21 +03:00
Lars Wirzenius
326aa23dba
tools/Cargo.toml: add dependencies for upcoming changes
These dependencies aren't used yet, but are added in preparation for
upcoming changes.

Sponsored-by: NLnet Foundation; NGI Assure
2022-10-24 19:33:21 +03:00
Heiko Schaefer
35f6240608
Bump versions.
This fixes a mistake with the openpgp-card-pcsc 0.2.2 release: openpgp-card-pcsc 0.2.2 depends on openpgp-card 0.3. However, this results in an (accidental) semver break, because openpgp-card-pcsc exposes parts of the openpgp-card API.
See https://gitlab.com/openpgp-card/openpgp-card/-/issues/41
2022-10-01 15:36:17 +02:00
Heiko Schaefer
dc72a9c6c2
Clarify version requirement 2022-09-28 21:03:03 +02:00
Heiko Schaefer
efc2aefcc9
Bump versions 2022-09-28 20:48:14 +02:00
Heiko Schaefer
13b2b62f07
Simplify: use the changed CardBackend handling and the new openpgp-card-sequoia Card struct 2022-09-28 20:44:34 +02:00
Heiko Schaefer
c96377c9df
OpenPGP owns CardBackend (instead of holding a &mut CardBackend).
When OpenPgp holds a &mut CardBackend, clients of this library need to keep track of the CardBackend (which adds unnecessary complexity).
2022-09-28 20:42:27 +02:00
Heiko Schaefer
4b16a0bf63
Bump version 2022-09-27 22:13:47 +02:00
Heiko Schaefer
9fe1ca31c0
Bump version 2022-09-18 15:30:50 +02:00
Heiko Schaefer
9734ed5dc9
Bump version 2022-09-08 19:30:31 +02:00
Heiko Schaefer
8cadded9f0
opgpcard: rename parameter "user-id" to "userid" to match sq 2022-09-08 19:30:05 +02:00
Heiko Schaefer
69ea7c453b
opgpcard: Document optionally binding User IDs to certificates in 'admin generate' and 'pubkey'. 2022-09-04 20:45:04 +02:00
Heiko Schaefer
9aff50d2d3
Fix lint warnings 2022-09-04 20:36:17 +02:00
Heiko Schaefer
fa524a4942
Bump version 2022-09-04 20:33:42 +02:00
Heiko Schaefer
639c80f6c8
Bump version 2022-09-04 20:31:08 +02:00
Heiko Schaefer
96e28b1b4f
opgpcard: Add optional user-id parameter for "pubkey" and "admin generate", to bind User IDs to the certificate. 2022-09-04 20:30:33 +02:00
Heiko Schaefer
8e6f03a2c5
Fix new clippy lints. 2022-08-30 19:19:25 +02:00
Heiko Schaefer
e5537c04f5
Bump version 2022-08-05 23:01:25 +02:00
Heiko Schaefer
9309658d39
Document password entry for opgpcard key import. 2022-08-05 23:01:25 +02:00
Heiko Schaefer
380592b069
opgpcard: implement import of encrypted keys.
- handle cases where not all keys are encrypted, or keys are encrypted with different passwords.
- check availability of all necessary passwords before starting to write to the card.

(Fixes #33)
2022-08-05 22:43:23 +02:00
Heiko Schaefer
3f833faf3b
Change short option name for showing "public-key-material" in status to '-K' for uniqueness. 2022-07-26 16:16:44 +02:00
Heiko Schaefer
93b0cf93d0
openpgp-card-tools documentation: Use long form option names (except for PIN options). 2022-07-26 16:15:39 +02:00
Heiko Schaefer
4b20107197
openpgp-card-tools documentation edits.
- always show examples for interactive pin-entry first, as the default,
- fix documentation error for 'pin set-admin',
- misc minor edits.
2022-07-26 16:08:05 +02:00
Heiko Schaefer
202b0ef5ce
Uniformly use 'YubiKey' styling. 2022-07-26 09:43:27 +02:00
Heiko Schaefer
8427eadfad
Bump versions 2022-07-25 18:13:36 +02:00
Heiko Schaefer
b614716c0b
Don't require a certificate for signing or decryption (use the public key material from the card instead). 2022-07-25 18:12:03 +02:00
Lars Wirzenius
f8d7ea86cc
Add rudimentary, ugly Debian packaging
Someone should do this right, and upload the result to Debian.
2022-07-19 11:15:36 +03:00
Heiko Schaefer
a477b81a19
Clippy fixes: don't bind unit values. 2022-07-16 12:13:37 +02:00
Heiko Schaefer
f93d7bbb30
Bump versions 2022-06-22 21:58:51 +02:00
Heiko Schaefer
6d52835efa
Adjust paths for move to gitlab group 'openpgp-card'. 2022-06-11 21:46:32 +02:00
Heiko Schaefer
febf960b39
Bump versions 2022-06-11 10:03:52 +02:00
Heiko Schaefer
d96e56651b
Add callback Fn for touch confirmation prompt to generate attestations. 2022-06-11 09:55:06 +02:00
Heiko Schaefer
374f9eec89
Add callback Fn for touch confirmation prompt for decryption operations. 2022-06-11 09:55:06 +02:00
Heiko Schaefer
079cc32427
Add callback Fn for touch confirmation prompt for signing operations. 2022-06-11 09:55:05 +02:00
Heiko Schaefer
f9d69dbefb
Implement 'opgpcard admin touch' to set the touch confirmation policy. 2022-06-11 09:55:03 +02:00
Heiko Schaefer
15d457864c
Reorganize 'status' output format 2022-06-11 09:55:03 +02:00
Heiko Schaefer
0694e084e4
Add comment about verifying the admin PIN before attempting a PIN-change (and a link to a yubico developer blog article detailing a potential pitfall of *not* doing that check) 2022-05-24 18:33:46 +02:00
Heiko Schaefer
cd40e2bae4
Bump versions:
- openpgp-card 0.2.5
- openpgp-card-sequoia 0.0.12
- openpgp-tools 0.0.10
2022-05-24 16:20:59 +02:00
Heiko Schaefer
ff1ef2a316
Add documentation for attestation functionality. 2022-05-24 16:20:59 +02:00
Heiko Schaefer
26f1af2bd3
Use select_data() in AttCommand::Show 2022-05-24 16:20:59 +02:00
Heiko Schaefer
22c29262d3
Implement attestation-related functionality in opgpcard 2022-05-24 16:20:59 +02:00
Heiko Schaefer
b668aebaba
KeyGenerationTime: remove formatted(); add to_datetime(); implement Display. 2022-05-01 21:36:06 +02:00
Heiko Schaefer
02b42081b9
Implement Display for CardholderRelatedData 2022-05-01 21:36:06 +02:00
Heiko Schaefer
87c848f1a4
Document that opgpcard needs pcscd; troubleshooting cards being locked by scdaemon. 2022-04-27 13:11:40 +02:00
Heiko Schaefer
9aa46adffb
remove disable_help_subcommand 2022-04-26 14:41:20 +02:00
Heiko Schaefer
3df649d149
Release: openpgp-card 0.2.4, openpgp-card-tools 0.0.9 2022-04-23 21:23:53 +02:00
Heiko Schaefer
b795f32f09
opgpcard: Print additional card status details 2022-04-23 21:20:59 +02:00
Heiko Schaefer
34b1be073a
Clean up SSH public key output text 2022-04-23 21:03:59 +02:00
Heiko Schaefer
c275bfc7dd
Add more help output, re-organize commands 2022-04-21 20:06:16 +02:00
Heiko Schaefer
3442bd265d
Edits for consistency 2022-04-21 19:44:03 +02:00
Heiko Schaefer
8514ef35d1
Tweak opgpcard status output. 2022-04-21 19:39:00 +02:00
Heiko Schaefer
f4e344b959
Bump openpgp-card-sequoia to 0.0.11; openpgp-card-tools to 0.0.8 2022-04-21 18:24:14 +02:00
Heiko Schaefer
9b4a603ace
Move cardholder URL options to tools/README.md, to keep the guide short. 2022-04-21 18:22:28 +02:00
Heiko Schaefer
9edd459d86
Update to rpassword 6 2022-04-21 18:01:29 +02:00
Heiko Schaefer
3dadc5d16f
Always style PIN names as "User PIN" and "Admin PIN", in user interactions. 2022-04-21 17:58:05 +02:00
Heiko Schaefer
fe8768298b
Remove extra opgpcard-pin program. Its functionality has been folded into opgpcard. 2022-04-21 13:28:22 +02:00
Heiko Schaefer
99e0c6caaf
Implement, document PIN management in opgpcard 2022-04-21 13:28:21 +02:00
Heiko Schaefer
fbdb9e87b2
Adjust openpgp-card-sequoia API to take resetting code as &[u8] instead of &str. 2022-04-21 13:28:21 +02:00
Heiko Schaefer
d3e49e0bb3
Add cautionary text about OpenPGP cert export 2022-04-20 12:32:49 +02:00
Heiko Schaefer
33c0c5a3df
Update documentation for opgpcard info. 2022-04-15 18:04:43 +02:00
Heiko Schaefer
af3fd437ed
Bump openpgp-card to 0.2.3 (and use in openpgp-card-tools) 2022-04-15 17:52:56 +02:00
Heiko Schaefer
55696346c9
Use Display trait to print card information 2022-04-15 17:52:55 +02:00
Heiko Schaefer
e6c40be8ad
Adjusted/improved handling of public keys (especially to find the correct KDF parameters for ECC decryption keys):
- "Brute force" find the right KDF parameters in the new helper fn public_key_material_and_fp_to_key() [try possible parameters until a matching fingerprint is found, error if none].
- In `opgpcard pubkey`, use public_key_material_and_fp_to_key() to find the right parameters for the ECC decryption subkey (this subcommand now fails when the fingerprint on the card doesn't match the fingerprint of the public key data for that key slot)
- When generating OpenPGP ECC decryption keys from public key material (including to compute fingerprints from the key material), use SHA256/AES128 as default parameters.
2022-04-15 16:17:04 +02:00
Heiko Schaefer
aae546326f
Clean up dependencies; move openpgp-card-sequoia test-code into examples/. 2022-04-12 11:41:33 +02:00
Heiko Schaefer
43c8c12870
Bump openpgp-card-tools version to 0.0.6 2022-04-03 02:28:11 +02:00
Heiko Schaefer
58b8454e33
Implement an "info" command that prints capabilities/metadata for a card (the output format is currently not very nice, it would benefit from working on https://gitlab.com/hkos/openpgp-card/-/issues/9). 2022-04-03 02:27:27 +02:00
Heiko Schaefer
2f903f5907
Implement a "pubkey" command that prints the OpenPGP public key representation of the keys on a card. 2022-04-03 00:58:32 +02:00
Heiko Schaefer
6525c2ddbc
openpgp-card-sequoia release 0.0.9, use as a dependency in openpgp-card-tools 0.0.5 2022-03-30 03:15:07 +02:00
Heiko Schaefer
79499e2e1d
Bump openpgp-card-tools to 0.0.5 2022-03-30 02:50:30 +02:00
Heiko Schaefer
1f7d17bc70
Optionally allow interactive PIN entry. 2022-03-30 01:31:49 +02:00
Heiko Schaefer
f069fb1e20
Model PINs as &[u8] in openpgp-card-sequoia 2022-03-29 22:40:26 +02:00
Heiko Schaefer
e95b8c33bf
Expand documentation for opgpcard-pin 2022-03-25 21:55:18 +01:00
Heiko Schaefer
d6f0d90899
Add more example output, minor editing. 2022-03-25 21:25:14 +01:00
Heiko Schaefer
e18affc1ea
Print guidance for the '--card' parameter in status/ssh, when more than one card is plugged in. 2022-03-25 21:05:40 +01:00
Heiko Schaefer
d39d88694d
Adjust mistakenly copied SPDX header 2022-03-23 12:11:07 +01:00
Heiko Schaefer
63b47cffdc
Update/remove dependency on env_logger 2022-03-22 11:27:48 +01:00
Heiko Schaefer
2f32583fd1
Adjust opgpcard ssh output 2022-03-18 17:00:37 +01:00
Heiko Schaefer
4656394112
Move printing of ssh information into its own command 2022-03-18 12:38:15 +01:00
Heiko Schaefer
0b4a18b136
Fix clippy lints 2022-03-06 16:15:13 +01:00
Heiko Schaefer
0d2bf91676
Upgrade to clap 3.1 2022-03-06 15:19:56 +01:00
Heiko Schaefer
421e4d155f
Make OpenPgp "Send + Sync" 2022-02-28 11:06:00 +01:00
Heiko Schaefer
326ba895a9
Print language setting(s) in display format 2022-02-25 18:56:37 +01:00
Heiko Schaefer
a8637f48b1
Bump versions 2022-02-24 21:25:47 +01:00
Heiko Schaefer
8ab3a43d6e
Use Error::InternalError less, introduce additional specific error variants. 2022-02-24 21:25:47 +01:00
Heiko Schaefer
96167f6530
Move OpenPGP card functionality into OpenPgp/OpenPgpTransaction.
This separates backend access (implemented in CardBackend and CardTransaction) from OpenPGP card operations.

Fixes #7
2022-02-24 21:25:47 +01:00
Heiko Schaefer
636813279b
Reformatted to conform to vanilla rustfmt. 2022-02-24 21:25:47 +01:00
Neal H. Walfield
64119c4f29
Where possible, avoid unnecessary boxing. 2022-02-18 17:43:29 +01:00
Heiko Schaefer
1496da6dd5
Rename pcsc::PcscCard -> pcsc::PcscBackend, pcsc::TxClient -> pcsc::PcscTransaction 2022-02-18 15:58:12 +01:00