turnkey/openpgp-card
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
617 commits 1 branch 0 tags 1.7 MiB
Commit graph

617 commits

This branch
This branch
All branches
Author SHA1 Message Date
Heiko Schaefer
d55985807c
Change the API for interactions between openpgp-card and backends. 
The goal of this change is a cleaner structure, and in particular to make it the default for client-code to obtain a CardApp with pre-initialized "capabilities" (that is, init_caps() gets called implicitely).
 2021-11-11 16:40:08 +01:00
Heiko Schaefer
288a2a8325
Add comments/assert for PSO: DECIPHER 2021-11-09 16:43:59 +01:00
Heiko Schaefer
39e7eaa9cc
Make pso_compute_digital_signature() and internal_authenticate() public. 2021-11-08 11:39:14 +01:00
Heiko Schaefer
7bb2fcb497
Wrap RSA-hashes in digestinfo, for internal_authenticate() in the new fn authenticate_for_hash(). 2021-11-07 20:32:26 +01:00
Heiko Schaefer
1220b39498
List the non-library crates under the architecture diagram. 2021-11-07 00:47:04 +01:00
Heiko Schaefer
22bbf77707
Add examples for passing PINs via file-descriptors. 
Change the example card ident so that the serial number doesn't look like the default admin PIN.
 2021-11-06 12:36:59 +01:00
Heiko Schaefer
9955c9e1be
Normalize PIN-Parameters in opgpcard. 
"-P" is now always the admin pin file, while "-p" is the user pin file.
 2021-11-06 11:59:58 +01:00
Heiko Schaefer
8d31ee80db
Document that $HOME/.cargo/bin needs to be added to PATH 2021-11-05 23:40:07 +01:00
Heiko Schaefer
2085fdc66d
Release tools 2021-11-05 23:14:48 +01:00
Heiko Schaefer
87168ea0de
Cleanup imports 2021-11-05 23:14:36 +01:00
Heiko Schaefer
1a37b437e2
Releases 2021-11-05 23:07:48 +01:00
Heiko Schaefer
f82cc6ae2a
Add documentation on installing. 2021-11-05 22:57:10 +01:00
Heiko Schaefer
cda224d738
Add more logic to key generation 2021-11-05 22:56:23 +01:00
Heiko Schaefer
79cfcb09c2 In generate_key_simple(), the algo parameter is now an Option<AlgoSimple>. 
This allows uploading keys without explicitly setting the algorithm, thus leaving the card's algo setting unchanged.
 2021-11-05 13:34:14 +01:00
Heiko Schaefer
02401d12f4 Initial parts of key generation. 2021-11-05 13:34:14 +01:00
Heiko Schaefer
8674b0e65c Refactor "Open" to use a borrowed CardApp (instead of owning the CardApp). 2021-11-05 13:34:14 +01:00
Heiko Schaefer
8dd83b6c55 Extend comment 2021-11-05 13:34:14 +01:00
Heiko Schaefer
3d821e2c5f Add internal_authenticate() to the public API. 2021-11-05 13:33:40 +01:00
Heiko Schaefer
a88620a96d Add some more documentation to CardApp::signature_for_hash. 2021-11-04 18:06:18 +01:00
Heiko Schaefer
52a146fd56 implement internal_authenticate 2021-11-04 18:05:45 +01:00
Heiko Schaefer
0aaef211a0 Add documentation about testing to the top-level README.md 2021-11-03 13:50:06 +01:00
Heiko Schaefer
edc89078ce Make the PublicKey type pub. 2021-11-03 02:26:07 +01:00
Heiko Schaefer
308e8bfabd enable env_logger 2021-11-03 02:24:59 +01:00
Heiko Schaefer
19ca7d9308 In factory_reset(), StatusBytes::PasswordNotChecked is also a legal response to "verify" calls to a card (with a bad password). 2021-11-02 20:59:18 +01:00
Heiko Schaefer
5eea5c861d When card returns OkBytesAvailable(), use the returned number of bytes from sw2 when asking for the next response. 
This approach solved problems with "GET RESULT" with a "Feitian Java Card D11CR" running the ykneo applet.
 2021-11-01 21:58:08 +01:00
Heiko Schaefer
921e0d22d9 Add some more user facing output. 
(Including for the case when a card doesn't allow a user password change when no key material exists on the card, which is a particular policy of Gnuk cards)
 2021-10-30 01:25:08 +02:00
Heiko Schaefer
bc08ca68ed Releases 2021-10-29 22:51:23 +02:00
Heiko Schaefer
753bd8b71b Move example keys/data to openpgp-card-sequoia 2021-10-29 22:38:01 +02:00
Heiko Schaefer
85075c4cda Rename openpgp-card-apps into openpgp-card-examples 2021-10-29 22:38:01 +02:00
Heiko Schaefer
59d77f584d Add openpgp-card-tools crate 2021-10-29 22:38:01 +02:00
Heiko Schaefer
aa7528ec9a Add functionality for cli tools. 2021-10-28 00:05:41 +02:00
Heiko Schaefer
1d4f058858 add comment about Gnuk pin change precondition 2021-10-27 12:10:18 +02:00
Heiko Schaefer
3407cd3a39 Add reset_user_pin() fn for Open and for Admin, as well as set_resetting_code() to Admin. 2021-10-26 21:57:32 +02:00
Heiko Schaefer
2c0c19502f Add change_user_pin() and change_admin_pin() 2021-10-26 14:46:57 +02:00
Heiko Schaefer
77c7a90daf sq_util::get_subkey() now returns an Option. 
Not finding any subkey is not an error.
 2021-10-23 20:01:10 +02:00
Heiko Schaefer
5d8b547158 Build and run card-functionality tests against two JavaCard images (SmartPGP and YubiKey NEO) 2021-10-19 22:57:57 +02:00
Heiko Schaefer
dfca788e2f Yet more documentation edits. 2021-10-13 16:44:37 +02:00
Heiko Schaefer
f2b65e7880 Some more edits for documentation. 2021-10-11 12:11:56 +02:00
Heiko Schaefer
63576de817 Add documentation, in particular for running the tests against emulated Gnuk. 2021-10-11 11:53:41 +02:00
Heiko Schaefer
73593e66e7 Add "list-cards" tool. 2021-10-08 00:51:01 +02:00
Heiko Schaefer
a4c04de09c Add notes about using Protected memory for private key material. 2021-10-05 17:38:08 +02:00
Heiko Schaefer
ddf62dbfe2 Use the MPI::value_padded() method for left-padding. 2021-10-05 17:11:52 +02:00
Heiko
40c52c7f3a Merge branch 'add-more-examples' into 'main' 
Add decrypt and detach-sign examples

See merge request hkos/openpgp-card!1
 2021-10-01 15:35:33 +00:00
Wiktor Kwapisiewicz
1ec7fc97dc
Add decrypt and detach-sign examples 
This should mirror the usage of `gpg --decrypt` and `gpg --detach
--sign`.
 2021-09-27 13:28:34 +02:00
Heiko Schaefer
1ce74ab8c6 Pad private key scalars of ECC keys. 
MPIs can have leading zeros stripped, in OpenPGP, however, e.g. the floss34 card requires the NIST scalar in its non-stripped form.
 2021-09-23 20:54:33 +02:00
Heiko Schaefer
c73a4fa2f8 Adjust card name to the shop's naming. 2021-09-22 16:42:43 +02:00
Heiko Schaefer
6d24054e1e Normalize capitalization to "OpenPGP card" 2021-09-22 16:41:53 +02:00
Heiko Schaefer
6de3901c12 Add a NIST384 key for testing. 2021-09-22 13:22:45 +02:00
Heiko Schaefer
43e57ffc7a Make password exploration-test more robust. 2021-09-21 19:54:43 +02:00
Heiko Schaefer
10ddb8918d Add an RSA1k key for testing (with older cards). 2021-09-21 17:18:43 +02:00