turnkey/openpgp-card
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
204 commits 1 branch 0 tags 1.7 MiB
Commit graph

55 commits

Author SHA1 Message Date
Heiko Schaefer
f501c09d2f Add #[non_exhaustive] to error and crypto_data enums. 2021-09-01 22:46:04 +02:00
Heiko Schaefer
f8d998b3a6 Implement From<CardClientBox>, Into<CardClientBox> for CardApp and adjust client code. 2021-09-01 22:26:25 +02:00
Heiko Schaefer
88c924c7d9 Add documentation, normalize fn names. 2021-09-01 20:45:18 +02:00
Heiko Schaefer
935c77f59a Rename ApplicationRelatedData::get_aid() to get_application_id() 2021-08-28 19:58:34 +02:00
Heiko Schaefer
fdac0de34f Add a CI job to run 'cargo test' with rustc/cargo from debian stable. 
Minor fixes so that the code compiles with rustc 1.48
 2021-08-27 15:15:31 +02:00
Heiko Schaefer
9b321c5232 Don't fail when the card doesn't support algo information. 2021-08-26 20:57:50 +02:00
Heiko Schaefer
7c8c72339b Use KeyGenerationTime in openpgp-card APIs (instead of u32 or SystemTime) 2021-08-26 19:27:08 +02:00
Heiko Schaefer
eaf46e6bbb Make fields private, add accessor methods. 2021-08-26 17:59:54 +02:00
Heiko Schaefer
fadd327e7c Release pcsc, scdc. 2021-08-26 15:05:40 +02:00
Heiko Schaefer
9f3ebe8972 Release openpgp-card. 2021-08-26 15:01:59 +02:00
Heiko Schaefer
f3bfecd185 Use the openpgp_card::card_do::Fingerprint type instead of [u8; 20]. 
Add a TryFrom<&[u8]> implementation to Fingerprint.
 2021-08-25 21:25:20 +02:00
Heiko Schaefer
c14664b9d5 Implement get_security_support_template() 2021-08-21 20:22:03 +02:00
Heiko Schaefer
5109ac5445 Rename card_data -> card_do 2021-08-21 19:02:04 +02:00
Heiko Schaefer
d599471be5 Refactor: move cryptographic data structures to the module crypto_data 2021-08-21 17:43:44 +02:00
Heiko Schaefer
44e915d3e0 Refactor: move OpenPGP card data structures (and parsing) into the module card_data 2021-08-21 15:59:31 +02:00
Heiko Schaefer
c872e46e80 Refactor: move accessor fn for "Application Related Data" into the struct ApplicationRelatedData. 2021-08-20 22:19:39 +02:00
Heiko Schaefer
8aae0a357e Split the Response type into an internal RawResponse type which also contains the status bytes, and an external Response type that can only be generated from a RawResponse with status "ok". 
This removes the need for external users of openpgp-card to check the status or operations.
That is, openpgp-card now always returns an `Err` if the status of a command is not ok.
 2021-08-20 13:25:58 +02:00
Heiko Schaefer
f4b90dc4e7 Bump version for release 2021-08-18 20:14:30 +02:00
Heiko Schaefer
a35ba66784 Minor edit of README 2021-08-18 20:10:48 +02:00
Heiko Schaefer
b8e3fc4816 Set version numbers for crates.io releases 2021-08-18 19:57:54 +02:00
Heiko Schaefer
85a05167d1 Refactor, Document API. 
(Moved algorithm-related data structures to algorithm.rs)
 2021-08-18 19:19:22 +02:00
Heiko Schaefer
6be4daa690 Switch back to using the PCSC backend in the test code. 2021-08-18 15:02:15 +02:00
Heiko Schaefer
0b0e9c48fc Refactor: 
- Move high-level API from openpgp-card to openpgp-card-sequoia
- Move the pcsc backend into the separate crate openpgp-card-pcsc
 2021-08-18 14:03:54 +02:00
Heiko Schaefer
83d9a703db Simplify 2021-08-13 21:27:59 +02:00
Heiko Schaefer
3361c8b79d Extend Test configuration file format. 
Run key generation tests for the algorithms specified in the configuration.
 2021-08-13 20:02:53 +02:00
Heiko Schaefer
765b4e8fdc Move "make_cert" into openpgp-card-sequoia 2021-08-13 20:02:53 +02:00
Heiko Schaefer
e9f1256309 Remove/adjust debug prints 2021-08-13 20:02:53 +02:00
Heiko Schaefer
9e5bb9b5a6 Make CardSigner accessible (for use in card-functionality crate) 2021-08-13 20:02:53 +02:00
Heiko Schaefer
44d5abd7ed WIP: Handling of public key material from cards 2021-08-13 20:02:53 +02:00
Heiko Schaefer
a0d92d2dc4 Refactor: add a set_fingerprint() method to CardApp. 
Use that method instead of manually calling the apdu command.
Change type of fingerprint in CardUploadableKey to [u8; 20].
 2021-08-07 19:27:24 +02:00
Heiko Schaefer
7acc1deb98 - Implement key generation (without specifying an algorithm so the current algo is used. only supports RSA for now) 
- Refactor: rename key_upload.rs -> keys.rs
- Fix handling of key timestamps
 2021-08-06 20:14:02 +02:00
Heiko Schaefer
f67501d0f9 Lints 2021-08-05 15:16:16 +02:00
Heiko Schaefer
833cdbc238 Adjust to new ScdClient API, socket is not needed anymore. 2021-08-03 18:23:47 +02:00
Heiko Schaefer
083db2a8be Adjust to changed ScdClient API 2021-08-03 15:32:48 +02:00
Heiko Schaefer
9d93570d9f Add comment pointing to Gnuk source for decryption return format. 2021-07-29 17:33:30 +02:00
Heiko Schaefer
6c563b230b Handle Gnuk's return format for NistP256 decryption 2021-07-20 17:38:15 +02:00
Heiko Schaefer
2b221fa76b Truncate digest length for ECDSA. 
This fixes signing for nistp256 keys with Gnuk (Gnuk expects a 32 byte hash for nistp256)
 2021-07-19 14:18:09 +02:00
Heiko Schaefer
c85d006887 Support ECDSA signatures 2021-07-18 21:12:22 +02:00
Heiko Schaefer
97d4880118 Signing 2021-07-18 12:00:00 +02:00
Heiko Schaefer
5af213562b Add decryption to card-functionality tests. 2021-07-17 02:24:43 +02:00
Heiko Schaefer
4b7b4a2ab6 Use ScdClient::open_scdc_by_serial() in test code. 2021-07-16 17:24:53 +02:00
Heiko Schaefer
e34285dc68 Add helper fn vka_as_uploadable_key() 2021-07-16 17:23:47 +02:00
Heiko Schaefer
da51f27173 Simplify code. 2021-07-16 16:31:14 +02:00
Heiko Schaefer
01126aabdf Support scdaemon as an alternative backend for interaction with OpenPGP cards. 2021-07-16 16:30:56 +02:00
Heiko Schaefer
8e3c6c0046 Add an abstraction layer (CardClient) for access to the card, in preparation for scdaemon client mode. 2021-07-09 20:37:52 +02:00
Heiko Schaefer
fd9cd6eabd Change set* commands to leave out 'Le', because no response data is expected. 
(The Floss-Card 3.4 rejects set* commands with "expected" response data)
 2021-07-04 01:03:09 +02:00
Heiko Schaefer
3bc14e9d19 Implement check_pw1/3(), which calls "7.2.2 VERIFY" with no data ("Lc empty"), to ask the card for verification status. 
(It seems that the Yubikey 5 doesn't support this type of request, but instead responds "6A 80: Incorrect parameters")
 2021-07-04 00:04:35 +02:00
Heiko Schaefer
d1f854f2f0 Implement get_pw_status_bytes() 2021-07-03 21:23:17 +02:00
Heiko Schaefer
2a836546b3 Adjust README 2021-07-03 18:24:56 +02:00
Heiko Schaefer
01fab2d91c Use an "ident" to specify a card. 
The ident is a combination of manufacturer and serial number.

The OpenPGP card spec stipulates:
"Each OpenPGP application on a card from a manufacturer/personaliser has a unique serial number"
 2021-07-03 18:17:30 +02:00