cthrace/open-keychain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,525 Commits 1 Branch 0 Tags
2cf3e27e5135f033e6d0c5d0ed6238c04fdef710
Commit Graph

6525 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dominik Schürmann
2cf3e27e51 First set Admin PIN, then PIN to prevent Gnuk from going into 'admin less mode' 2017-11-03 14:06:26 +01:00
Vincent Breitmoser
3a818e8cde improve security token connection unit tests 2017-11-02 19:25:08 +01:00
Dominik Schürmann
b56a420aed Enable Gnuk 1.2.5 for put key 2017-11-02 19:21:37 +01:00
Dominik Schürmann
8acf62a0e8 Use check for life cycle management to determine if token supports reset 2017-11-02 19:13:44 +01:00
Dominik Schürmann
90310b7036 Read life cycle management from historical bytes 2017-11-02 18:54:41 +01:00
Dominik Schürmann
bfce1cb4a9 Fix GNUK version comparison. 1.2.5 already supports reset, use class to make 1.2.10 bigger as 1.2.9 2017-11-02 14:19:38 +01:00
Dominik Schürmann
3ff5470d10 Merge pull request #2172 from hagau/dev 
WIP: SSH Authentication API
 2017-11-01 15:36:51 +01:00
Christian Hagau
2619cb1db3 Add sshauthentication-api v1 support 2017-11-01 14:28:17 +00:00
Dominik Schürmann
83ab483fc7 Merge pull request #2201 from open-keychain/gnuk-new 
Gnuk
 2017-11-01 14:45:29 +01:00
Vincent Breitmoser
a42391f7e9 add Nitrokey Pro to whitelist for reset and key import after testing 2017-10-31 16:07:07 +01:00
Vincent Breitmoser
aef66e97ea Disable reset for Gnuk token version < 1.2.5 2017-10-31 15:40:14 +01:00
Vincent Breitmoser
a51d0555e1 Retain RSA public exponent length when setting key attributes in putKey operation 
Similar to the previous commit, openpgp applet implementations differ in
regards to the public exponent length. As of this writing:
- The SmartPGP applet requires an 11 bit public exponent size
- The Gnuk token requires a 32 bit public exponent size

For this reason, we simply set the public exponent size to the one
previously set in the key attribute info. With this commit, the only
variable that can actually change for an RSA key is its modulus size.
 2017-10-30 22:57:13 +01:00
Vincent Breitmoser
778fb8e94a Retain RSA key format when setting key attributes in putKey operation 
For the put secret key operation, openpgp applet implementations differ
in their handling of attributes:

- there are four formats for sending key data: standard, standard with
  modulus, with crt, and with crt and modulus.
- the key attributes (modulus length, public exponent length, key
  format) can not be changed on all cards. changing them is only
  necessary for cards that support different key lengths (that is,
  RSA 4096)
- on the cards where they *can* be changed, not all parameters might be
  changeable. in particular, modulus length may be changeable but not
  key format.

Because of this constellation, the put key operation now only sets the
modulus of the key, while retaining the key format. At the time of
writing, the Gnuk and Nitrokey use the standard format, while the
Yubikey and other applets use crt+modulus.

This fixes loading keys into the Nitrokey Pro, and partially for the
Gnuk token.
 2017-10-30 21:45:38 +01:00
Vincent Breitmoser
5f622339b1 Output usb data to debug log 2017-10-30 17:01:49 +01:00
Dominik Schürmann
9bb152e990 singing -> signing 2017-10-30 15:07:18 +01:00
Vincent Breitmoser
83b6c0e2f0 use correct max packet size in CcidReceiver 2017-10-29 02:42:26 +02:00
Vincent Breitmoser
0021c1f15f add tests for CcidTransceiver 2017-10-29 02:42:26 +02:00
Vincent Breitmoser
8b07428ec0 document T1TpduProtocol slighly better 2017-10-28 23:32:07 +02:00
Vincent Breitmoser
19dc0db89b add gnuk to supported tokens 2017-10-28 23:32:03 +02:00
Nikita Mikhailov
06b5a878c5 SecurityToken: more robust voltage selection 2017-10-28 23:31:57 +02:00
Vincent Breitmoser
83ec3e7bf1 change "generic" to "communication" 2017-10-28 13:32:06 +02:00
Dominik Schürmann
b3a8069f6a strings: Generic -> Unknown 2017-10-28 12:44:04 +02:00
Dominik Schürmann
5b7851d6e7 Merge pull request #2195 from open-keychain/ccid-check 
Change USB filtering
 2017-10-28 12:42:43 +02:00
Vincent Breitmoser
95034e36b1 fix unit test 2017-10-26 17:44:13 +02:00
Vincent Breitmoser
b6236bde59 determine token type during connect 2017-10-26 17:20:13 +02:00
Vincent Breitmoser
8649332bdc don't distinguish unknown tokens by transport 2017-10-26 17:20:13 +02:00
Dominik Schürmann
ed4e21957c Better error handling for generic IOException 2017-10-26 17:20:13 +02:00
Dominik Schürmann
0920d97572 Check for security token support 2017-10-26 17:20:13 +02:00
Dominik Schürmann
e7705eaca8 Use constants for vendor and product IDs 2017-10-26 17:20:12 +02:00
Vincent Breitmoser
14b74b7590 add token transport and type to SecurityTokenInfo 2017-10-26 17:19:22 +02:00
Dominik Schürmann
0ca46c46aa Route all class 11 USB devices to OpenKeychain, some class 3 for info 2017-10-26 12:28:32 +02:00
Dominik Schürmann
60b970b060 Merge pull request #2186 from open-keychain/apdu-refactor 
Refactor OpenPGP applet communication code
 2017-10-26 12:26:55 +02:00
Dominik Schürmann
07243bcefe Merge pull request #2197 from hagau/fix_npe_dedup 
Fix NPE upon dialog dismissal in RemoteDeduplicatePresenter
 2017-10-26 12:02:11 +02:00
Christian Hagau
c435c3ec22 Fix NPE upon dialog dismissal 2017-10-25 00:00:00 +00:00
Vincent Breitmoser
0bb32fad2a Merge pull request #2194 from open-keychain/remove-fp-color 
Remove colorization of fingerprints
 2017-10-24 01:17:46 +02:00
Vincent Breitmoser
f41debb0e9 Merge pull request #2193 from hagau/fix_notifications 
Fix showing of some notifications
 2017-10-23 21:17:05 +02:00
Vincent Breitmoser
7eb37a89d8 reduce number of token roundtrips used to obtain SecurityTokenInfo 2017-10-23 20:40:25 +02:00
Vincent Breitmoser
2812f07d34 add rudimentary unit test for SecurityTokenConnection 2017-10-23 20:40:25 +02:00
Vincent Breitmoser
c295a6815f write nfc communication to debug output 2017-10-23 20:40:25 +02:00
Vincent Breitmoser
edaa629f46 add unit tests for CommandApdu 2017-10-23 20:40:25 +02:00
Vincent Breitmoser
911d2a1c96 rewrite CommandApdu 2017-10-23 20:40:25 +02:00
Vincent Breitmoser
c89aab8802 reduce visibility where unnecessary 2017-10-23 20:40:25 +02:00
Vincent Breitmoser
a4af2f7f5c rewrite ResponseApdu 2017-10-23 20:40:25 +02:00
Vincent Breitmoser
e8103d8376 use reset instead of modify for changing pw1 2017-10-23 20:40:25 +02:00
Vincent Breitmoser
9b292a4c70 rename CommandAPDUFactory -> OpenPgpCommandApduFactory 2017-10-23 20:40:25 +02:00
Vincent Breitmoser
b7723c1a4a replace magic constants in APDU factory 2017-10-23 20:40:25 +02:00
Vincent Breitmoser
8e9a62070d extract creation of CommandAPDUs into factory 2017-10-23 20:40:25 +02:00
Vincent Breitmoser
46b69d45c4 explicitly pass around instance of SecurityTokenConnection 2017-10-23 20:40:25 +02:00
Vincent Breitmoser
e8f72718e9 rename SecurityTokenHelper to SecurityTokenConnection 2017-10-23 20:38:04 +02:00
Dominik Schürmann
cd65505890 Remove colorization of fingerprints 2017-10-23 18:43:41 +02:00