turnkey/openpgp-card
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
455 commits 1 branch 0 tags 1.7 MiB
Commit graph

230 commits

Author SHA1 Message Date
Heiko Schaefer
d10cbe8eff
clean up lints 2021-11-11 16:40:08 +01:00
Heiko Schaefer
d55985807c
Change the API for interactions between openpgp-card and backends. 
The goal of this change is a cleaner structure, and in particular to make it the default for client-code to obtain a CardApp with pre-initialized "capabilities" (that is, init_caps() gets called implicitely).
 2021-11-11 16:40:08 +01:00
Heiko Schaefer
288a2a8325
Add comments/assert for PSO: DECIPHER 2021-11-09 16:43:59 +01:00
Heiko Schaefer
39e7eaa9cc
Make pso_compute_digital_signature() and internal_authenticate() public. 2021-11-08 11:39:14 +01:00
Heiko Schaefer
7bb2fcb497
Wrap RSA-hashes in digestinfo, for internal_authenticate() in the new fn authenticate_for_hash(). 2021-11-07 20:32:26 +01:00
Heiko Schaefer
3d821e2c5f Add internal_authenticate() to the public API. 2021-11-05 13:33:40 +01:00
Heiko Schaefer
a88620a96d Add some more documentation to CardApp::signature_for_hash. 2021-11-04 18:06:18 +01:00
Heiko Schaefer
52a146fd56 implement internal_authenticate 2021-11-04 18:05:45 +01:00
Heiko Schaefer
19ca7d9308 In factory_reset(), StatusBytes::PasswordNotChecked is also a legal response to "verify" calls to a card (with a bad password). 2021-11-02 20:59:18 +01:00
Heiko Schaefer
5eea5c861d When card returns OkBytesAvailable(), use the returned number of bytes from sw2 when asking for the next response. 
This approach solved problems with "GET RESULT" with a "Feitian Java Card D11CR" running the ykneo applet.
 2021-11-01 21:58:08 +01:00
Heiko Schaefer
bc08ca68ed Releases 2021-10-29 22:51:23 +02:00
Heiko Schaefer
aa7528ec9a Add functionality for cli tools. 2021-10-28 00:05:41 +02:00
Heiko Schaefer
a4c04de09c Add notes about using Protected memory for private key material. 2021-10-05 17:38:08 +02:00
Heiko Schaefer
1ce74ab8c6 Pad private key scalars of ECC keys. 
MPIs can have leading zeros stripped, in OpenPGP, however, e.g. the floss34 card requires the NIST scalar in its non-stripped form.
 2021-09-23 20:54:33 +02:00
Heiko Schaefer
dbbe4ed4c1 Fix comparison of card ident (the test config shouldn't be case sensitive) 2021-09-21 16:50:34 +02:00
Heiko Schaefer
5417fde8ca Implement support for alternate ECC import format (which includes public key data) 2021-09-21 16:50:34 +02:00
Heiko Schaefer
200d7e60d1 Algo attributes for key generation should be checked if we can't set them. 2021-09-21 16:50:34 +02:00
Heiko Schaefer
c0088c4eae Hack for SmartPGP applet (use the last of the suitable algorithm variants from the Algorithm Information list). 2021-09-21 11:22:56 +02:00
Heiko Schaefer
773117965c Add RSA1k/17 and RSA1k/32 to AlgoSimple 2021-09-21 11:22:56 +02:00
Heiko Schaefer
332360cbbb Implement additional import formats for RSA key import. 2021-09-21 11:22:56 +02:00
Heiko Schaefer
256690d97c Print RSA import format in Display for Algo 2021-09-19 19:13:51 +02:00
Heiko Schaefer
0bf59c7e51 In key generation: don't set algo attributes if the card doesn't support that feature. 2021-09-17 13:56:28 +02:00
Heiko Schaefer
a39f25d8a3 Handle SW_EXACT_LENGTH (0x6c??) in send_command() 2021-09-17 13:36:20 +02:00
Heiko Schaefer
60c67d3ebe Print status bytes as hex, for UnknownStatus 2021-09-16 17:17:19 +02:00
Heiko Schaefer
e1af08646a Add comment 2021-09-16 02:07:05 +02:00
Heiko Schaefer
cdb72e271c Fix existing test, add test for v2 card 2021-09-16 01:52:34 +02:00
Heiko Schaefer
3cc9a09290 Implement discrete handling of v2 and v3 ExtendedCapabilities. 2021-09-15 17:39:47 +02:00
Heiko Schaefer
f2e5fea0fc extended capabilities: restructure, to prepare for different versions of this DO 2021-09-14 02:00:54 +02:00
Heiko Schaefer
245740febc More precise debug output. 2021-09-13 19:45:17 +02:00
Heiko Schaefer
e261d4d041 Fix refactoring mistake in rustdoc. 2021-09-09 18:17:46 +02:00
Heiko Schaefer
0302387bea Releases 2021-09-09 00:48:25 +02:00
Heiko Schaefer
62b7b35ab0 Clean up Command, simplify serialization. 2021-09-09 00:46:38 +02:00
Heiko Schaefer
52bdf4cffd Implement change_pw1(), change_pw3(), reset_retry_counter_pw1(). 2021-09-08 11:18:18 +02:00
Heiko Schaefer
891b57df06 Throw error for unexpected input length for Fingerprint. 2021-09-07 17:01:13 +02:00
Heiko Schaefer
6cfe340d2b Clippy lints 2021-09-07 17:01:13 +02:00
Heiko Schaefer
5a49b578f9 Throw errors for unexpected values while processing ExtendedCapabilities from the card. 
(Note: observed mse_command_support values were 0/1/255, so checks for that field have been disabled for now)
 2021-09-07 17:01:13 +02:00
Heiko Schaefer
6a7cb7287a Remove obsolete FIXME comments (this case is now handled upstream) 2021-09-07 14:34:31 +02:00
Heiko Schaefer
2e7ee82a58 Use StatusBytes in RawResponse (instead of a pair of u8). 
Replace status bytes constants in the code with StatusBytes enum variants.
 2021-09-07 14:34:31 +02:00
Heiko Schaefer
c5d03bd677 Rename StatusByte -> StatusBytes 2021-09-07 11:50:20 +02:00
Heiko Schaefer
a52f3a648e Check for OK status code in chained replies. 2021-09-06 22:34:06 +02:00
Heiko Schaefer
bc7dede0ac Move the code that creates a DO for setting algorithm attributes into Algo. 2021-09-06 17:07:47 +02:00
Heiko Schaefer
5fcb454b9c Remove FIXMEs; add panic to match branches that should not happen 2021-09-06 12:30:56 +02:00
Heiko Schaefer
5ccd6be1bb Remove asserts for password lengths (running the command and returning the card's error, if any, seems more appropriate) 2021-09-06 12:27:44 +02:00
Heiko Schaefer
ad929598ce Rename Features -> ExCapFeatures 2021-09-03 20:03:50 +02:00
Heiko Schaefer
48803eb454 Break apart key import function. 
Don't try to set algo attributes when Extended Capabilities doesn't list the feature.
 2021-09-03 18:49:35 +02:00
Heiko Schaefer
7a78271211 Rename decrypt() to decipher(), to correspond with naming in spec. 
Add a note to investigate PKCS#1 formatting of the command input.
 2021-09-03 13:45:19 +02:00
Heiko Schaefer
17ee12566f Minor edits to comments 2021-09-02 22:13:15 +02:00
Heiko Schaefer
8b5894e961 Rename get_app_data() to get_application_related_data() to correspond with naming in spec. 2021-09-02 22:09:46 +02:00
Heiko Schaefer
f5b31aac26 Move KeySet from card_do.rs to lib.rs 
(It is not a DO, only a container to conveniently handle triples of DO)
 2021-09-02 21:59:05 +02:00
Heiko Schaefer
6b3ae2cf62 Adjust DO struct names to correspond to naming in the spec 2021-09-02 21:54:44 +02:00
Heiko Schaefer
a415ec9a50 Minor edit in comment 2021-09-02 21:54:19 +02:00
Heiko Schaefer
ee349d9083 impl From instead of Into 2021-09-02 21:44:35 +02:00
Heiko Schaefer
393e58d489 Add simple unit tests for all card_do 2021-09-02 21:41:14 +02:00
Heiko Schaefer
c7751ff4ce Implement TryFrom (instead of offering that functionality without implementing the trait) 2021-09-02 19:39:53 +02:00
Heiko Schaefer
c377f37a9b Rename "foo/mod.rs => foo.rs" 2021-09-02 16:55:31 +02:00
Heiko Schaefer
18819c65d9 Edit comment 2021-09-02 16:52:47 +02:00
Heiko Schaefer
316ca7eb3a Rename error types and re-export them at the crate top level. 2021-09-01 23:59:56 +02:00
Heiko Schaefer
f501c09d2f Add #[non_exhaustive] to error and crypto_data enums. 2021-09-01 22:46:04 +02:00
Heiko Schaefer
84a7f0060d Fix problem in test on debian stable Rust. 2021-09-01 22:35:26 +02:00
Heiko Schaefer
b6cc237f61 Make low level signing and decryption fn private. 
Adjust docs.
 2021-09-01 22:27:37 +02:00
Heiko Schaefer
f8d998b3a6 Implement From<CardClientBox>, Into<CardClientBox> for CardApp and adjust client code. 2021-09-01 22:26:25 +02:00
Heiko Schaefer
88c924c7d9 Add documentation, normalize fn names. 2021-09-01 20:45:18 +02:00
Heiko Schaefer
65780cf352 Explicitly handle RSA keysizes that are not in the card's algorithm list as an error. 2021-08-29 18:21:38 +02:00
Heiko Schaefer
935c77f59a Rename ApplicationRelatedData::get_aid() to get_application_id() 2021-08-28 19:58:34 +02:00
Heiko Schaefer
c25c8b55b8 Cleanup Tlv, Tag, Value: 
- Make Tlv/Tag fields private.
- Rename TlvEntry to Value.
- impl TryFrom<&[u8]> for Tlv
 2021-08-28 18:29:51 +02:00
Heiko Schaefer
821b5f0dae Make error messages easier to read. 2021-08-28 17:54:39 +02:00
Heiko Schaefer
6583c160eb Edit comment 2021-08-28 11:58:42 +02:00
Heiko Schaefer
889ac234c6 Clean up AlgoSimple::get_algo(). 2021-08-28 11:57:04 +02:00
Heiko Schaefer
a55f0f6621 Use check_card_algo_ecc() when uploading keys: if algo_list is available and oid is not listed, error out of upload_key(). 2021-08-27 21:42:18 +02:00
Heiko Schaefer
cb2269c761 Remove redundant check_card_algo_e*() fn. 2021-08-27 21:29:23 +02:00
Heiko Schaefer
7748a7b1e0 Improve documentation of determining algorithm attributes for key import. 
Implement setting of default RSA values when neither algo info nor algo attrs for import of an RSA key are available.
 2021-08-27 21:12:36 +02:00
Heiko Schaefer
ea8e33b6d5 Return Err for unexpected cases. 2021-08-27 19:24:15 +02:00
Heiko Schaefer
0e37967200 Handle Attestation KeyType as a type of signing key. 2021-08-27 19:23:21 +02:00
Heiko Schaefer
e4eff705af Make AlgoSimple, Algo, Curve non_exhaustive. 2021-08-27 19:22:22 +02:00
Heiko Schaefer
454d50eb45 Make KeyType non_exhaustive. 2021-08-27 15:15:15 +02:00
Heiko Schaefer
64f05e93f5 Implement From/TryFrom for conversions of Historical and its members. 2021-08-27 13:55:55 +02:00
Heiko Schaefer
73829a6b27 Make handling of Historical Bytes more robust. 
Add unit tests.
 2021-08-27 13:39:30 +02:00
Heiko Schaefer
3d1b166911 Add comments 2021-08-26 20:40:36 +02:00
Heiko Schaefer
36cf10cbad Tests need to use RsaAttrs::new(). 2021-08-26 20:03:24 +02:00
Heiko Schaefer
7c8c72339b Use KeyGenerationTime in openpgp-card APIs (instead of u32 or SystemTime) 2021-08-26 19:27:08 +02:00
Heiko Schaefer
794b04725f Remove redundant import. 2021-08-26 19:25:13 +02:00
Heiko Schaefer
38c701187d Fix clippy warnings 2021-08-26 18:23:34 +02:00
Heiko Schaefer
eaf46e6bbb Make fields private, add accessor methods. 2021-08-26 17:59:54 +02:00
Heiko Schaefer
9f3ebe8972 Release openpgp-card. 2021-08-26 15:01:59 +02:00
Heiko Schaefer
6001eacfa1 Make placeholder fn private, for now. 2021-08-26 14:47:41 +02:00
Heiko Schaefer
faba8f6ca0 Fix comment 2021-08-26 14:11:16 +02:00
Heiko Schaefer
5df81dd464 Rename Fingerprint::from() -> to_keyset() 2021-08-25 21:27:28 +02:00
Heiko Schaefer
f3bfecd185 Use the openpgp_card::card_do::Fingerprint type instead of [u8; 20]. 
Add a TryFrom<&[u8]> implementation to Fingerprint.
 2021-08-25 21:25:20 +02:00
Heiko Schaefer
c6ba204293 Move debug prints for key generation from keys.rs to tests.rs 2021-08-25 21:18:13 +02:00
Heiko Schaefer
786515a7f4 Make fields of Command private. 2021-08-25 17:29:21 +02:00
Heiko Schaefer
39f48bf13b Add get_data() method to Response. 2021-08-25 16:42:00 +02:00
Heiko Schaefer
780b6e724c Implement get_cardholder_certificate()/set_cardholder_certificate() and select_data(). 2021-08-25 13:59:53 +02:00
Heiko Schaefer
20cfcead02 Adjust ExtendedCap field names 2021-08-25 13:32:30 +02:00
Heiko Schaefer
f9bad31d63 Explicitly limit size of data. 2021-08-25 13:07:25 +02:00
Heiko Schaefer
6d08b34a87 Make mod test more readable. 2021-08-25 12:34:46 +02:00
Heiko Schaefer
5a766b78a4 Fix for older rust versions (std::array::IntoIter was only stabilized in 1.51.0) 2021-08-25 12:20:31 +02:00
Heiko Schaefer
02987a86e4 Add links to rustdoc. 2021-08-24 09:58:41 +02:00
Heiko Schaefer
013af97c23 Implement get_private() and set_private(). 2021-08-22 18:59:54 +02:00
Heiko Schaefer
cb8f3c7cb1 Elaborate "PW status bytes", fix broken naming of members. 
Implement set_pw_status_bytes().
Add test code to card-functionality.
 2021-08-22 01:20:14 +02:00
Heiko Schaefer
c14664b9d5 Implement get_security_support_template() 2021-08-21 20:22:03 +02:00