turnkey/openpgp-card
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
624 commits 1 branch 0 tags 1.7 MiB
Commit graph

196 commits

Author SHA1 Message Date
Heiko Schaefer
cf04d1d3a1
Make version requirement explicit 2022-10-01 15:53:36 +02:00
Heiko Schaefer
35f6240608
Bump versions. 
This fixes a mistake with the openpgp-card-pcsc 0.2.2 release: openpgp-card-pcsc 0.2.2 depends on openpgp-card 0.3. However, this results in an (accidental) semver break, because openpgp-card-pcsc exposes parts of the openpgp-card API.
See https://gitlab.com/openpgp-card/openpgp-card/-/issues/41
 2022-10-01 15:36:17 +02:00
Sosthène Guédon
0c7fae8ef9
openpgp-card-sequoia: Implement MANAGE SECURITY ENVIRONMENT command 2022-09-30 14:24:39 +02:00
Heiko Schaefer
dc72a9c6c2
Clarify version requirement 2022-09-28 21:03:03 +02:00
Heiko Schaefer
efc2aefcc9
Bump versions 2022-09-28 20:48:14 +02:00
Heiko Schaefer
13b2b62f07
Simplify: use the changed CardBackend handling and the new openpgp-card-sequoia Card struct 2022-09-28 20:44:34 +02:00
Heiko Schaefer
15e7241807
Add Card to the openpgp-card-sequoia API, as a wrapper around a CardBackend/OpenPgp. 
This allows using the openpgp-card-sequoia API without needing the crate openpgp-card.
 2022-09-28 20:43:57 +02:00
Heiko Schaefer
c96377c9df
OpenPGP owns CardBackend (instead of holding a &mut CardBackend). 
When OpenPgp holds a &mut CardBackend, clients of this library need to keep track of the CardBackend (which adds unnecessary complexity).
 2022-09-28 20:42:27 +02:00
Heiko Schaefer
4b16a0bf63
Bump version 2022-09-27 22:13:47 +02:00
Heiko Schaefer
f87ce5e53d
openpgp-card-sequoia: 
add cardholder_name()
 2022-09-18 23:18:28 +02:00
Heiko Schaefer
3756521141
openpgp-card-sequoia: Fix make_cert() 
[The primary key was missing its CS Key Flags after the changes in 4557c40b, both in the User ID selfsigs, and the DirectKey signature]
 2022-09-18 23:18:28 +02:00
Heiko Schaefer
9fe1ca31c0
Bump version 2022-09-18 15:30:50 +02:00
Heiko Schaefer
b32cf67196
Don't implicitly add a User ID for the cardholder name, in make_cert() 2022-09-18 15:30:35 +02:00
Heiko Schaefer
2ece9734fd
opgpcard: filter out empty User IDs in make_cert() 2022-09-08 19:25:55 +02:00
Heiko Schaefer
4557c40bda
opgpcard: DRY make_cert(). 2022-09-08 19:25:35 +02:00
Heiko Schaefer
1b483b5c09
opgpcard: Add direct key signature in make_cert(). 
Without this, pubkey output contains no signatures at all, if no User ID is set.
 2022-09-08 19:25:30 +02:00
Heiko Schaefer
d167883835
opgpcard: Remove obsolete FIXME 2022-09-08 19:25:24 +02:00
Heiko Schaefer
fa524a4942
Bump version 2022-09-04 20:33:42 +02:00
Heiko Schaefer
96e28b1b4f
opgpcard: Add optional user-id parameter for "pubkey" and "admin generate", to bind User IDs to the certificate. 2022-09-04 20:30:33 +02:00
Heiko Schaefer
11ccc9b5e3
cleanup import 2022-08-05 01:29:43 +02:00
Heiko Schaefer
d4f7b8d1b0
Update copyright headers 2022-07-26 09:42:03 +02:00
Heiko Schaefer
8427eadfad
Bump versions 2022-07-25 18:13:36 +02:00
Heiko Schaefer
6e630254fa
Don't use Cert to build signer and decryptor. 
Rename decryptor/signer/authenticator getters.
Add alternatives that don't require PublicKey parameter.
 2022-07-25 18:12:03 +02:00
Heiko Schaefer
f9ed6c30c0
Clippy: don't bind unit values. 2022-07-16 14:24:49 +02:00
Heiko Schaefer
f93d7bbb30
Bump versions 2022-06-22 21:58:51 +02:00
Heiko Schaefer
7bfeb4df59
Always allow getting Sign/User 2022-06-22 21:50:57 +02:00
Heiko Schaefer
43a9abdabd
Implement signing for auth slot 2022-06-22 21:50:07 +02:00
Heiko Schaefer
17fc6ebeff
Handle empty signing key slot in key_slot() 2022-06-19 14:53:15 +02:00
Heiko Schaefer
6d52835efa
Adjust paths for move to gitlab group 'openpgp-card'. 2022-06-11 21:46:32 +02:00
Heiko Schaefer
febf960b39
Bump versions 2022-06-11 10:03:52 +02:00
Heiko Schaefer
e3dfdbffe6
Implement key_slot() to get a PublicKey representation for one of the card's key slots. 2022-06-11 10:01:00 +02:00
Heiko Schaefer
441feb0a34
Implement reload_ard(). 2022-06-11 09:59:20 +02:00
Heiko Schaefer
d96e56651b
Add callback Fn for touch confirmation prompt to generate attestations. 2022-06-11 09:55:06 +02:00
Heiko Schaefer
374f9eec89
Add callback Fn for touch confirmation prompt for decryption operations. 2022-06-11 09:55:06 +02:00
Heiko Schaefer
079cc32427
Add callback Fn for touch confirmation prompt for signing operations. 2022-06-11 09:55:05 +02:00
Heiko Schaefer
ccba7c7e9f
Rename 'prompt' parameters to 'pinpad_prompt'. 2022-06-11 09:55:04 +02:00
Heiko Schaefer
bc58a346c2
Implement set_uif() 2022-06-11 09:55:03 +02:00
Heiko Schaefer
b90ee05f6d
Implement set_pso_enc_dec_key() 2022-05-28 19:41:54 +02:00
Heiko Schaefer
cd40e2bae4
Bump versions: 
- openpgp-card 0.2.5
- openpgp-card-sequoia 0.0.12
- openpgp-tools 0.0.10
 2022-05-24 16:20:59 +02:00
Heiko Schaefer
7b3152a88e
Add a note that the openpgp-card-sequoia API is an early draft (and subject to change). 2022-05-24 16:20:58 +02:00
Heiko Schaefer
432edd5a3e
Add workaround for select_data() on older Yubikey5 firmware versions. 
(This breaks API compatibility, but select_data() was so far not used in any published crate)
 2022-05-24 14:45:25 +02:00
Heiko Schaefer
0885cb0ac9
Add cardholder_certificate() 2022-05-24 14:45:25 +02:00
Heiko Schaefer
14143ee182
Implement next_cardholder_certificate() to read successive cardholder certificates from the card. 2022-05-24 14:45:24 +02:00
Heiko Schaefer
abd61d5a15
Implement generate_attestation() 2022-05-24 14:45:24 +02:00
Heiko Schaefer
6fad597637
Implement attestation_certificate() 2022-05-24 14:45:24 +02:00
Heiko Schaefer
f4e344b959
Bump openpgp-card-sequoia to 0.0.11; openpgp-card-tools to 0.0.8 2022-04-21 18:24:14 +02:00
Heiko Schaefer
fbdb9e87b2
Adjust openpgp-card-sequoia API to take resetting code as &[u8] instead of &str. 2022-04-21 13:28:21 +02:00
Heiko Schaefer
e6c40be8ad
Adjusted/improved handling of public keys (especially to find the correct KDF parameters for ECC decryption keys): 
- "Brute force" find the right KDF parameters in the new helper fn public_key_material_and_fp_to_key() [try possible parameters until a matching fingerprint is found, error if none].
- In `opgpcard pubkey`, use public_key_material_and_fp_to_key() to find the right parameters for the ECC decryption subkey (this subcommand now fails when the fingerprint on the card doesn't match the fingerprint of the public key data for that key slot)
- When generating OpenPGP ECC decryption keys from public key material (including to compute fingerprints from the key material), use SHA256/AES128 as default parameters.
 2022-04-15 16:17:04 +02:00
Heiko Schaefer
cf7dd20789
Don't dev-depend on scdc, for now. 2022-04-12 14:51:39 +02:00
Heiko Schaefer
aae546326f
Clean up dependencies; move openpgp-card-sequoia test-code into examples/. 2022-04-12 11:41:33 +02:00