gnupg - The GNU Privacy Guard

	Commit message (Collapse)	Author	Age	Files	Lines
...
*	scd: For PIV cards used NO_AUTH instead of BAD_PIN.	Werner Koch	2019-02-11	1	-1/+14
\| \| \| \| \| \| \| \| \|	* common/util.h (GPG_ERR_NO_AUTH, GPG_ERR_BAD_AUTH): Add replacement codes for gpgrt < 1.36. * scd/app-piv.c (auth_adm_key): (do_genkey, do_writecert): Use better error codes. Signed-off-by: Werner Koch <[email protected]>
*	scd: Implement RSA signing for PIV cards.	Werner Koch	2019-02-08	1	-99/+299
\| \| \| \| \| \| \| \| \|	* scd/app-piv.c (concat_tlv_list): New. (get_key_algorithm_by_dobj): Rename args for clarity. (do_auth): factor all code out to ... (do_sign): new. Implement RSA signing. Signed-off-by: Werner Koch <[email protected]>
*	scd: Allow generating ECC curves on PIV cards.	Werner Koch	2019-02-08	1	-0/+53
\| \| \| \| \| \| \| \| \|	* scd/app-piv.c (genkey_parse_ecc): New. (get_keygrip_by_tag): Call that one. (do_readkey): Call that one. * scd/command.c (cmd_genkey): Add option --algo. Signed-off-by: Werner Koch <[email protected]>
*	scd: Store a new PIV public key in the certificate DO.	Werner Koch	2019-02-07	1	-106/+179
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* scd/app-piv.c (struct genkey_result_s): Remove type and all users. (send_keypair_and_cert_info): Print certinfo only if we got a cert.. (readcert_by_tag): Add arg r_mechanism and implement reading of public keys. (get_keygrip_by_tag): Use a public key to compute the keygrip. (do_readcert): Make sure to only return a certificate. (do_readkey): Read public key from the DO if a certificate is missing. (get_key_algorithm_by_dobj): Get the algorithm also from a public key. (does_key_exist): String changes. (do_genkey): Remove result caching and store public key in the DO. -- This removes the result cache and instead stores the public key in the certificate object. This allows to properly list public keys at any time after generating a key and before a new certificate is stored there. Signed-off-by: Werner Koch <[email protected]>
*	card: Support reading and writing PIV certificates	Werner Koch	2019-02-07	1	-8/+191
\| \| \| \| \| \| \| \| \| \| \| \|	* scd/app-piv.c (add_tlv): New. (put_data): New. (do_writecert): New. (do_setattr): Remove usused special mode 0. * tools/gpg-card-tool.c (cmd_writecert): Allow other cards than OPENPGP. (cmd_readcert): Ditto. Signed-off-by: Werner Koch <[email protected]>
*	scd: Add genkey command to app-piv (rsa-only)	Werner Koch	2019-02-06	1	-7/+355
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* scd/app-piv.c (struct genkey_result_s): new. (struct app_local_s): add member genkey_results. (do_deinit): Free that one. (flush_cached_data): Extend to delete all items. (keyref_from_dobj): New. (do_readkey): New. (do_auth): Use keyref_from_dobj. (does_key_exist): New. (genkey_parse_rsa): New. (do_genkey): New. -- We need to extend the GENKEY in command.c to support other algos. Signed-off-by: Werner Koch <[email protected]>
*	scd: Implement PIN changing and unblocking for PIV cards.	Werner Koch	2019-02-06	1	-66/+201
\| \| \| \| \| \| \|	* scd/app-piv.c: Some refactoring (do_change_chv): Implement. Signed-off-by: Werner Koch <[email protected]>
*	scd: Add DES authentication for PIV card.	Werner Koch	2019-01-31	1	-7/+248
\| \| \| \| \| \| \| \| \| \| \|	* scd/app-piv.c (flush_cached_data): New. (auth_adm_key): New. (set_adm_key): New. (do_setattr): New. * scd/command.c (MAXLEN_SETATTRDATA): New. (cmd_setattr): Add an inquire option. Signed-off-by: Werner Koch <[email protected]>
*	card: Support factory reset for Yubikey PIV application.	Werner Koch	2019-01-29	1	-1/+19
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* scd/app-common.h (struct app_ctx_s): Add field cardtype. * scd/app.c (app_new_register): Set cardtype for yubikey. (app_getattr): Add CARDTYPE. (app_write_learn_status): Emit new attribute. * scd/app-piv.c (do_getattr): Add CHV-USAGE. (do_learn_status): Emit it. * tools/card-tool.h (struct card_info_s): Add field cardtype. * tools/card-call-scd.c (learn_status_cb): Parse "CARDTYPE". * tools/gpg-card-tool.c (list_piv): Print PIN usage policy. (list_card): Print card type. (cmd_factoryreset): Implement for Yubikey with PIV. Signed-off-by: Werner Koch <[email protected]>
*	card: Print keyinfo for PIV cards.	Werner Koch	2019-01-29	1	-1/+4
\| \| \| \| \| \| \| \| \| \|	* scd/app-piv.c (do_learn_status): Print CHV-STATUS. * tools/card-tool.h (struct card_info_s): Rename chvretry to chvinfo. * tools/card-call-scd.c (learn_status_cb): Depend CHV-STATUS on app type. * tools/gpg-card-tool.c (list_piv): New. Signed-off-by: Werner Koch <[email protected]>
*	scd: Support CHV-STATUS and CHECKPIN for PIV.	Werner Koch	2019-01-21	1	-25/+212
\| \| \| \| \| \| \| \| \| \| \| \|	* scd/app-piv.c (parse_pin_keyref): New. (get_chv_status): New. (do_getattr): Add name CHV-STATUS. (verify_pin): Add arg keyref to support other PINs. (do_change_pin): New. Right now limited to --clear. (do_check_pin): New. (app_select_piv): Register new commands. Signed-off-by: Werner Koch <[email protected]>
*	scd: Add very basic support for PIV cards.	Werner Koch	2019-01-20	1	-0/+1238
	* scd/app-piv.c: New. * scd/Makefile.am (card_apps): Add app-piv.c * scd/app.c (app_new_register): Try to get a Yubikey serial number. Detect the PIV application. (get_supported_applications): Add "piv". -- Right now this allows the use of the authentication key (9A) for SSH authentication. More support will follow soon. Tested with Yubikey-5.