public-collect/age-plugin-yubikey
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

from: github.com/str4d/age-plugin-yubikey

Browse Source
This commit is contained in:
Hatter Jiang
2023-03-09 22:49:33 +08:00
parent 3d61310499
commit 0579967e9c
18 changed files with 3505 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

84
CHANGELOG.md Normal file
View File

@@ -0,0 +1,84 @@
# Changelog
All notable changes to this crate will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to Rust's notion of
[Semantic Versioning](https://semver.org/spec/v2.0.0.html). All versions prior
to 0.3.0 are beta releases.
## [Unreleased]
### Changed
- MSRV is now 1.60.0.
- The YubiKey PIV PIN and touch caches are now preserved across processes in
most cases. See [README.md](README.md#agent-support) for exceptions. This has
several usability effects (not applicable to YubiKey 4 series):
- If a YubiKey's PIN is cached by an agent like `yubikey-agent`, and then
`age-plugin-yubikey` is run (either directly or as a plugin), the agent
won't request a PIN entry on its next use.
- If a YubiKey's PIN was requested by either a previous invocation of
`age-plugin-yubikey` or an agent like `yubikey-agent`, subsequent calls to
`age-plugin-yubikey` won't request a PIN entry to decrypt a file with an
identity that has a PIN policy of `once`.
### Fixed
- Identities can now be generated with a PIN policy of "always" (in previous
versions of `age-plugin-yubikey` this would cause an error).
## [0.3.3] - 2023-02-11
### Fixed
- When `age-plugin-yubikey` assists the user in changing their PIN from the
default PIN, it no longer tells the user that PINs shorter than 6 characters
are allowed, and instead loops until the user enters a PIN of valid length.
It also now prevents the user from setting their PIN to the default PIN, to
avoid creating a cycle.
- More kinds of SmartCard readers are ignored when they have no SmartCard
inserted.
## [0.3.2] - 2023-01-01
### Changed
- The "sharing violation" logic now also sends SIGHUP to any `yubikey-agent`
that is running, to have them release any YubiKey locks they are holding.
### Fixed
- The "sharing violation" logic now runs during plugin mode as intended. In the
previous release it only ran during direct `age-plugin-yubikey` usage.
## [0.3.1] - 2022-12-30
### Changed
- If a "sharing violation" error is encountered while opening a connection to a
YubiKey, and `scdaemon` is running (which can hold exclusive access to a
YubiKey indefinitely), `age-plugin-yubikey` now attempts to stop `scdaemon` by
interrupting it (or killing it on Windows), and then tries again to open the
connection.
- Several error messages were enhanced with guidance on how to resolve their
respective issue.
## [0.3.0] - 2022-05-02
First non-beta release!
### Changed
- MSRV is now 1.56.0.
- During decryption, when asked to insert a YubiKey, you can now choose to skip
it, allowing the client to move on to the next identity instead of returning
an error.
- Certain kinds of PIN invalidity will now cause the plugin to re-request the
PIN instead of aborting: if the PIN is too short or too long, or if the user
touched the YubiKey early and "typed" an OTP.
### Fixed
- The "default" identity (provided by clients that invoke `age-plugin-yubikey`
using `-j yubikey`) previously caused a panic. It is now correctly treated as
an invalid identity (because this plugin does not support default identities).
## [0.2.0] - 2021-11-22
### Fixed
- Attempts-before-blocked counter is now returned as part of the invalid PIN
error string.
- PIN is no longer requested when fetching the recipient for a slot, or when
decrypting with a slot that has a PIN policy of Never.
- Migrated to `yubikey 0.5` to fix `cargo install age-plugin-yubikey` error
(caused by the `yubikey-piv` crate being yanked after it was renamed).
## [0.1.0] - 2021-05-02
Initial beta release.

61
Cargo.toml Normal file
View File

@@ -0,0 +1,61 @@
[package]
name = "age-plugin-yubikey"
description = "YubiKey plugin for age clients"
version = "0.3.3"
authors = ["Jack Grigg <thestr4d@gmail.com>"]
repository = "https://github.com/str4d/age-plugin-yubikey"
readme = "README.md"
keywords = ["age", "cli", "encryption", "yubikey"]
categories = ["command-line-utilities", "cryptography"]
license = "MIT OR Apache-2.0"
edition = "2021"
rust-version = "1.60" # MSRV
[package.metadata.deb]
extended-description = """\
An age plugin adding support for YubiKeys and other PIV hardware tokens."""
section = "utils"
assets = [
["target/release/age-plugin-yubikey", "usr/bin/", "755"],
["target/manpages/age-plugin-yubikey.1.gz", "usr/share/man/man1/", "644"],
["README.md", "usr/share/doc/age-plugin-yubikey/README.md", "644"],
]
[dependencies]
age-core = "0.9"
age-plugin = "0.4"
base64 = "0.20"
bech32 = "0.9"
console = { version = "0.15", default-features = false }
dialoguer = { version = "0.10", default-features = false, features = ["password"] }
env_logger = "0.10"
gumdrop = "0.8"
hex = "0.4"
log = "0.4"
p256 = { version = "0.11", features = ["ecdh"] }
pcsc = "2.4"
rand = "0.8"
sha2 = "0.10"
which = "4.1"
x509 = "0.2"
x509-parser = "0.14"
yubikey = { version = "0.7", features = ["untested"] }
# Translations
i18n-embed = { version = "0.13", features = ["desktop-requester", "fluent-system"] }
i18n-embed-fl = "0.6"
lazy_static = "1"
rust-embed = "6"
# GnuPG coexistence
sysinfo = "0.27"
[dev-dependencies]
flate2 = "1"
man = "0.3"
tempfile = "3"
test-with = "0.9"
which = "4"
[patch.crates-io]
yubikey = { git = "https://github.com/iqlusioninc/yubikey.rs.git", rev = "1d33ea174791f699dfc0e6a06648aa3d9e066144" }

202
LICENSE-APACHE Normal file
View File

@@ -0,0 +1,202 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

21
LICENSE-MIT Normal file
View File

@@ -0,0 +1,21 @@
The MIT License (MIT)
Copyright (c) 2020 Jack Grigg
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.

192
README.md
View File

@@ -1,3 +1,191 @@
# age-plugin-yubikey # YubiKey plugin for age clients
`age-plugin-yubikey` is a plugin for [age](https://age-encryption.org/v1) clients
like [`age`](https://age-encryption.org) and [`rage`](https://str4d.xyz/rage),
which enables files to be encrypted to age identities stored on YubiKeys.
## Installation
On Windows, Linux, and macOS, you can use the
[pre-built binaries](https://github.com/str4d/age-plugin-yubikey/releases).
If your system has Rust 1.60+ installed (either via `rustup` or a system
package), you can build directly from source:
```
cargo install age-plugin-yubikey
```
Help from new packagers is very welcome.
### macOS
You can install using Homebrew:
```
brew install age-plugin-yubikey
```
### Linux, BSD, etc.
On non-Windows, non-macOS systems, you need to ensure that the `pcscd` service
is installed and running.
#### Debian or Ubuntu
```
$ sudo apt-get install pcscd
```
#### OpenBSD
As ```root``` do:
```
$ pkg_add pcsc-lite
$ rcctl enable pcscd
$ rcctl start pcscd
```
#### FreeBSD
As ```root``` do:
```
$ pkg install pcsc-lite
$ service pcscd enable
$ service pcscd start
```
### Windows Subsystem for Linux (WSL)
WSL does not currently provide native support for USB devices. However, Windows
binaries installed on the host can be run from inside a WSL environment. This
means that you can encrypt or decrypt files inside a WSL environment with a
YubiKey:
1. Install `age-plugin-yubikey` on the Windows host.
2. Install an age client inside the WSL environment.
3. Ensure that `age-plugin-yubikey.exe` is available in the WSL environment's
`PATH`. For default WSL setups, the Windows host's `PATH` is automatically
added to the WSL environment's `PATH` (see
[this Microsoft blog post](https://devblogs.microsoft.com/commandline/share-environment-vars-between-wsl-and-windows/)
for more details).
## Configuration
There are two ways to configure a YubiKey as an `age` identity. You can run the
plugin binary directly to use a simple text interface, which will create an age
identity file:
```
$ age-plugin-yubikey
```
Or you can use command-line flags to programmatically generate an identity and
print it to standard output:
```
$ age-plugin-yubikey --generate \
[--serial SERIAL] \
[--slot SLOT] \
[--name NAME] \
[--pin-policy PIN-POLICY] \
[--touch-policy TOUCH-POLICY]
```
Once an identity has been created, you can regenerate it later:
```
$ age-plugin-yubikey --identity [--serial SERIAL] --slot SLOT
```
## Usage
The age recipients contained in all connected YubiKeys can be printed on
standard output:
```
$ age-plugin-yubikey --list
```
To encrypt files to these YubiKey recipients, ensure that `age-plugin-yubikey`
is accessible in your `PATH`, and then use the recipients with an age client as
normal (e.g. `rage -r age1yubikey1...`).
The output of the `--list` command can also be used directly to encrypt files to
all recipients (e.g. `age -R filename.txt`).
To decrypt files encrypted to a YubiKey identity, pass the identity file to the
age client as normal (e.g. `rage -d -i yubikey-identity.txt`).
## Advanced topics
### Agent support
`age-plugin-yubikey` does not provide or interact with an agent for decryption.
It does however attempt to preserve the PIN cache by not soft-resetting the
YubiKey after a decryption or read-only operation, which enables YubiKey
identities configured with a PIN policy of `once` to not prompt for the PIN on
every decryption. **This does not work for YubiKey 4 series.**
The session that corresponds to the `once` policy can be ended in several ways,
not all of which are necessarily intuitive:
- Unplugging the YubiKey (the obvious way).
- Using a different applet (e.g. FIDO2). This causes the PIV applet to be closed
which clears its state.
- This is why the YubiKey 4 series does not support PIN cache preservation:
their serial can only be obtained by switching to the OTP applet.
- Generating a new age identity via `age-plugin-yubikey --generate` or the CLI
interface. This is to avoid leaving the YubiKey authenticated with the
management key.
If the current PIN UX proves to be insufficient, a decryption agent will most
likely be implemented as a separate age plugin that interacts with
[`yubikey-agent`](https://github.com/FiloSottile/yubikey-agent), enabling
YubiKeys to be used simultaneously with age and SSH.
### Manual setup and technical details
`age-plugin-yubikey` only officially supports the following YubiKey variants,
set up either via the text interface or the `--generate` flag:
- YubiKey 4 series
- YubiKey 5 series
NOTE: Nano and USB-C variants of the above are also supported. The pre-YK4
YubiKey NEO series is **NOT** supported. The blue "Security Key by Yubico" will
also not work (as it doesn't support PIV).
In practice, any PIV token with an ECDSA P-256 key and certificate in one of the
20 "retired" slots should work. You can list all age-compatible keys with:
```
$ age-plugin-yubikey --list-all
```
`age-plugin-yubikey` implements several automatic security management features:
- If it detects that the default PIN is being used, it will prompt the user to
change the PIN. The PUK is then set to the same value as the PIN.
- If it detects that the default management key is being used, it generates a
random management key and stores it in PIN-protected metadata.
`age-plugin-yubikey` does not support custom management keys.
## License
Licensed under either of
* Apache License, Version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or
http://www.apache.org/licenses/LICENSE-2.0)
* MIT license ([LICENSE-MIT](LICENSE-MIT) or http://opensource.org/licenses/MIT)
at your option.
### Contribution
Unless you explicitly state otherwise, any contribution intentionally
submitted for inclusion in the work by you, as defined in the Apache-2.0
license, shall be dual licensed as above, without any additional terms or
conditions.
From: https://github.com/str4d/age-plugin-yubikey

93
examples/generate-docs.rs Normal file
View File

@@ -0,0 +1,93 @@
use flate2::{write::GzEncoder, Compression};
use man::prelude::*;
use std::fs::{create_dir_all, File};
use std::io::prelude::*;
const MANPAGES_DIR: &str = "./target/manpages";
fn generate_manpage(page: String, name: &str) {
let file = File::create(format!("{}/{}.1.gz", MANPAGES_DIR, name))
.expect("Should be able to open file in target directory");
let mut encoder = GzEncoder::new(file, Compression::best());
encoder
.write_all(page.as_bytes())
.expect("Should be able to write to file in target directory");
}
fn main() {
// Create the target directory if it does not exist.
let _ = create_dir_all(MANPAGES_DIR);
let builder = Manual::new("age-plugin-yubikey")
.about("An age plugin adding support for YubiKeys and other PIV hardware tokens")
.author(Author::new("Jack Grigg").email("thestr4d@gmail.com"))
.flag(
Flag::new()
.short("-h")
.long("--help")
.help("Display help text and exit."),
)
.flag(
Flag::new()
.short("-V")
.long("--version")
.help("Display version info and exit."),
)
.flag(
Flag::new()
.short("-f")
.long("--force")
.help("Force --generate to overwrite a filled slot."),
)
.flag(
Flag::new()
.short("-g")
.long("--generate")
.help("Generate a new YubiKey identity."),
)
.flag(
Flag::new()
.short("-i")
.long("--identity")
.help("Print identities stored in connected YubiKeys."),
)
.flag(
Flag::new()
.short("-l")
.long("--list")
.help("List recipients for age identities in connected YubiKeys."),
)
.flag(
Flag::new()
.long("--list-all")
.help("List recipients for all YubiKey keys that are compatible with age."),
)
.flag(
Flag::new()
.long("--name")
.help("Name for the generated identity. Defaults to 'age identity HEX_TAG'."),
)
.flag(
Flag::new()
.long("--pin-policy")
.help("One of [always, once, never]. Defaults to 'once'."),
)
.flag(
Flag::new()
.long("--serial")
.help("Specify which YubiKey to use, if more than one is plugged in."),
)
.flag(
Flag::new()
.long("--slot")
.help("Specify which slot to use. Defaults to first usable slot."),
)
.flag(
Flag::new()
.long("--touch-policy")
.help("One of [always, cached, never]. Defaults to 'always'."),
);
let page = builder.render();
generate_manpage(page, "age-plugin-yubikey");
}

4
i18n.toml Normal file
View File

@@ -0,0 +1,4 @@
fallback_language = "en-US"
[fluent]
assets_dir = "i18n"

246
i18n/en-US/age_plugin_yubikey.ftl Normal file
View File

@@ -0,0 +1,246 @@
# Copyright 2022 Jack Grigg
#
# Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
# http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
# <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
# option. This file may not be copied, modified, or distributed
# except according to those terms.
### Localization for strings in age-plugin-yubikey
-age = age
-yubikey = YubiKey
-yubikeys = YubiKeys
-age-plugin-yubikey = age-plugin-yubikey
-pcscd = pcscd
## CLI commands and flags
-cmd-generate = --generate
-cmd-identity = --identity
-cmd-list = --list
-cmd-list-all = --list-all
-flag-force = --force
-flag-serial = --serial
-flag-slot = --slot
## YubiKey metadata
pin-policy-always = Always (A PIN is required for every decryption, if set)
pin-policy-once = Once (A PIN is required once per session, if set)
pin-policy-never = Never (A PIN is NOT required to decrypt)
touch-policy-always = Always (A physical touch is required for every decryption)
touch-policy-cached = Cached (A physical touch is required for decryption, and is cached for 15 seconds)
touch-policy-never = Never (A physical touch is NOT required to decrypt)
unknown-policy = Unknown
yubikey-metadata =
# Serial: {$serial}, Slot: {$slot}
# Name: {$name}
# Created: {$created}
# PIN policy: {$pin_policy}
# Touch policy: {$touch_policy}
yubikey-identity =
{$yubikey_metadata}
# Recipient: {$recipient}
{$identity}
## CLI setup via text interface
cli-setup-intro =
✨ Let's get your {-yubikey} set up for {-age}! ✨
This tool can create a new {-age} identity in a free slot of your {-yubikey}.
It will generate an identity file that you can use with an {-age} client,
along with the corresponding recipient. You can also do this directly
with:
{" "}{$generate_usage}
If you are already using a {-yubikey} with {-age}, you can select an existing
slot to recreate its corresponding identity file and recipient.
When asked below to select an option, use the up/down arrow keys to
make your choice, or press [Esc] or [q] to quit.
cli-setup-insert-yk = ⏳ Please insert the {-yubikey} you want to set up.
cli-setup-yk-name = {$yubikey_name} (Serial: {$yubikey_serial})
cli-setup-select-yk = 🔑 Select a {-yubikey}
cli-setup-slot-usable = Slot {$slot_index} ({$slot_name})
cli-setup-slot-unusable = Slot {$slot_index} (Unusable)
cli-setup-slot-empty = Slot {$slot_index} (Empty)
cli-setup-select-slot = 🕳️ Select a slot for your {-age} identity
cli-setup-name-identity = 📛 Name this identity
cli-setup-select-pin-policy = 🔤 Select a PIN policy
cli-setup-select-touch-policy = 👆 Select a touch policy
cli-setup-yk4-pin-policy =
⚠️ Your {-yubikey} is a {-yubikey} 4 series. With ephemeral applications like
{-age-plugin-yubikey}, a PIN policy of "Once" behaves like a PIN policy of
"Always", and your PIN will be requested for every decryption. However, you
might still benefit from a PIN policy of "Once" in long-running applications
like agents.
cli-setup-yk4-pin-policy-confirm = Use PIN policy of "Once" with {-yubikey} 4?
cli-setup-generate-new = Generate new identity in slot {$slot_index}?
cli-setup-use-existing = Use existing identity in slot {$slot_index}?
cli-setup-identity-file-name = 📝 File name to write this identity to
cli-setup-identity-file-exists = File exists. Overwrite it?
cli-setup-finished =
✅ Done! This {-yubikey} identity is ready to go.
🔑 { $is_new ->
[true] Here's your shiny new {-yubikey} recipient:
*[false] Here's the corresponding {-yubikey} recipient:
}
{" "}{$recipient}
Here are some example things you can do with it:
- Encrypt a file to this identity:
{" "}{$encrypt_usage}
- Decrypt a file with this identity:
{" "}{$decrypt_usage}
- Recreate the identity file:
{" "}{$identity_usage}
- Recreate the recipient:
{" "}{$recipient_usage}
💭 Remember: everything breaks, have a backup plan for when this {-yubikey} does.
## Programmatic usage
open-yk-with-serial = ⏳ Please insert the {-yubikey} with serial {$yubikey_serial}.
open-yk-without-serial = ⏳ Please insert the {-yubikey}.
warn-yk-not-connected = Ignoring {$yubikey_name}: not connected
print-recipient = Recipient: {$recipient}
printed-kind-identities = identities
printed-kind-recipients = recipients
printed-multiple = Generated {$kind} for {$count} slots. If you intended to select a slot, use {-flag-slot}.
## YubiKey management
mgr-enter-pin = Enter PIN for {-yubikey} with serial {$yubikey_serial} (default is {$default_pin})
mgr-change-default-pin =
✨ Your {-yubikey} is using the default PIN. Let's change it!
✨ We'll also set the PUK equal to the PIN.
🔐 The PIN can be numbers, letters, or symbols. Not just numbers!
📏 The PIN must be at least 6 and at most 8 characters in length.
❌ Your keys will be lost if the PIN and PUK are locked after 3 incorrect tries.
mgr-enter-current-puk = Enter current PUK (default is {$default_puk})
mgr-choose-new-pin = Choose a new PIN/PUK
mgr-repeat-new-pin = Repeat the PIN/PUK
mgr-pin-mismatch = PINs don't match
mgr-nope-default-pin = You entered the default PIN again. You need to change it.
mgr-changing-mgmt-key =
✨ Your {-yubikey} is using the default management key.
✨ We'll migrate it to a PIN-protected management key.
mgr-changing-mgmt-key-error =
An error occurred while setting the new management key.
⚠️ SAVE THIS MANAGEMENT KEY - YOU MAY NEED IT TO MANAGE YOUR {-yubikey}! ⚠️
{" "}{$management_key}
mgr-changing-mgmt-key-success = Success!
## YubiKey keygen
builder-gen-key = 🎲 Generating key...
builder-gen-cert = 🔏 Generating certificate...
builder-touch-yk = 👆 Please touch the {-yubikey}
## Plugin usage
plugin-err-invalid-recipient = Invalid recipient
plugin-err-invalid-identity = Invalid {-yubikey} stub
plugin-err-invalid-stanza = Invalid {-yubikey} stanza
plugin-err-decryption-failed = Failed to decrypt {-yubikey} stanza
plugin-insert-yk = Please insert {-yubikey} with serial {$yubikey_serial}
plugin-yk-is-plugged-in = {-yubikey} is plugged in
plugin-skip-this-yk = Skip this {-yubikey}
plugin-insert-yk-retry = Could not open {-yubikey}. Please insert {-yubikey} with serial {$yubikey_serial}
plugin-err-yk-not-found = Could not find {-yubikey} with serial {$yubikey_serial}
plugin-err-yk-opening = Could not open {-yubikey} with serial {$yubikey_serial}
plugin-err-yk-timed-out = Timed out while waiting for {-yubikey} with serial {$yubikey_serial} to be inserted
plugin-err-yk-stub-mismatch = A {-yubikey} stub did not match the {-yubikey}
plugin-err-yk-invalid-pin-policy = Certificate for {-yubikey} identity contains an invalid PIN policy
plugin-enter-pin = Enter PIN for {-yubikey} with serial {$yubikey_serial}
plugin-err-accidental-touch = Did you touch the {-yubikey} by accident?
plugin-err-pin-too-short = PIN was too short.
plugin-err-pin-too-long = PIN was too long.
plugin-err-pin-required = A PIN is required for {-yubikey} with serial {$yubikey_serial}
## Errors
err-custom-mgmt-key = Custom unprotected non-TDES management keys are not supported.
rec-custom-mgmt-key =
You can use the {-yubikey} Manager CLI to change to a protected management key:
{" "}{$cmd}
See here for more information about {-yubikey} Manager:
{" "}{$url}
err-invalid-flag-command = Flag '{$flag}' cannot be used with '{$command}'.
err-invalid-flag-tui = Flag '{$flag}' cannot be used with the interactive interface.
err-invalid-pin-policy = Invalid PIN policy '{$policy}' (expected [{$expected}]).
err-invalid-slot = Invalid slot '{$slot}' (expected number between 1 and 20).
err-invalid-touch-policy = Invalid touch policy '{$policy}' (expected [{$expected}]).
err-io = Failed to set up {-yubikey}: {$err}
err-multiple-commands = Only one of {-cmd-generate}, {-cmd-identity}, {-cmd-list}, {-cmd-list-all} can be specified.
err-multiple-yubikeys = Multiple {-yubikeys} are plugged in. Use {-flag-serial} to select a single {-yubikey}.
err-no-empty-slots = {-yubikey} with serial {$serial} has no empty slots.
err-no-matching-serial = Could not find {-yubikey} with serial {$serial}.
err-slot-has-no-identity = Slot {$slot} does not contain an {-age} identity or compatible key.
err-slot-is-not-empty = Slot {$slot} is not empty. Use {-flag-force} to overwrite the slot.
err-timed-out = Timed out while waiting for a {-yubikey} to be inserted.
err-use-list-for-single = Use {-cmd-list} to print the recipient for a single slot.
err-yk-no-service-macos = The Crypto Token Kit service is not running.
rec-yk-no-service-macos =
You may need to restart it. See this Stack Exchange answer for more help:
{" "}{$url}
err-yk-no-service-pcscd = {-pcscd} is not running.
rec-yk-no-service-pcscd =
If you are on Debian or Ubuntu, you can install it with:
{" "}{$apt}
rec-yk-no-service-pcscd-bsd =
You can install and run it as root with:
{" "}{$pkg}
{" "}{$service_enable}
{" "}{$service_start}
err-yk-no-service-win = The Smart Cards for Windows service is not running.
rec-yk-no-service-win =
See this troubleshooting guide for more help:
{" "}{$url}
err-yk-not-found = Please insert the {-yubikey} you want to set up
err-yk-general = Error while communicating with {-yubikey}: {$err}
err-yk-general-cause = Cause: {$inner_err}
err-yk-wrong-pin = Invalid {$pin_kind} ({$tries ->
[one] {$tries} try remaining
*[other] {$tries} tries remaining
} before it is blocked)
err-yk-pin-locked = {$pin_kind} locked
err-ux-A = Did this not do what you expected? Could an error be more useful?
err-ux-B = Tell us
# Put (len(A) - len(B) - 46) spaces here.
err-ux-C = {" "}

1
rust-toolchain Normal file
View File

@@ -0,0 +1 @@
1.60.0

163
src/builder.rs Normal file
View File

@@ -0,0 +1,163 @@
use dialoguer::Password;
use rand::{rngs::OsRng, RngCore};
use x509::RelativeDistinguishedName;
use yubikey::{
certificate::Certificate,
piv::{generate as yubikey_generate, AlgorithmId, RetiredSlotId, SlotId},
Key, PinPolicy, TouchPolicy, YubiKey,
};
use crate::{
error::Error,
fl,
key::{self, Stub},
p256::Recipient,
util::{Metadata, POLICY_EXTENSION_OID},
BINARY_NAME, USABLE_SLOTS,
};
pub(crate) const DEFAULT_PIN_POLICY: PinPolicy = PinPolicy::Once;
pub(crate) const DEFAULT_TOUCH_POLICY: TouchPolicy = TouchPolicy::Always;
pub(crate) struct IdentityBuilder {
slot: Option<RetiredSlotId>,
force: bool,
name: Option<String>,
pin_policy: Option<PinPolicy>,
touch_policy: Option<TouchPolicy>,
}
impl IdentityBuilder {
pub(crate) fn new(slot: Option<RetiredSlotId>) -> Self {
IdentityBuilder {
slot,
name: None,
pin_policy: None,
touch_policy: None,
force: false,
}
}
pub(crate) fn with_name(mut self, name: Option<String>) -> Self {
self.name = name;
self
}
pub(crate) fn with_pin_policy(mut self, pin_policy: Option<PinPolicy>) -> Self {
self.pin_policy = pin_policy;
self
}
pub(crate) fn with_touch_policy(mut self, touch_policy: Option<TouchPolicy>) -> Self {
self.touch_policy = touch_policy;
self
}
pub(crate) fn force(mut self, force: bool) -> Self {
self.force = force;
self
}
pub(crate) fn build(self, yubikey: &mut YubiKey) -> Result<(Stub, Recipient, Metadata), Error> {
let slot = match self.slot {
Some(slot) => {
if !self.force {
// Check that the slot is empty.
if Key::list(yubikey)?
.into_iter()
.any(|key| key.slot() == SlotId::Retired(slot))
{
return Err(Error::SlotIsNotEmpty(slot));
}
}
// Now either the slot is empty, or --force is specified.
slot
}
None => {
// Use the first empty slot.
let keys = Key::list(yubikey)?;
USABLE_SLOTS
.iter()
.find(|&&slot| !keys.iter().any(|key| key.slot() == SlotId::Retired(slot)))
.cloned()
.ok_or_else(|| Error::NoEmptySlots(yubikey.serial()))?
}
};
let pin_policy = self.pin_policy.unwrap_or(DEFAULT_PIN_POLICY);
let touch_policy = self.touch_policy.unwrap_or(DEFAULT_TOUCH_POLICY);
eprintln!("{}", fl!("builder-gen-key"));
// No need to ask for users to enter their PIN if the PIN policy requires it,
// because here we _always_ require them to enter their PIN in order to access the
// protected management key (which is necessary in order to generate identities).
key::manage(yubikey)?;
// Generate a new key in the selected slot.
let generated = yubikey_generate(
yubikey,
SlotId::Retired(slot),
AlgorithmId::EccP256,
pin_policy,
touch_policy,
)?;
let recipient = Recipient::from_spki(&generated).expect("YubiKey generates a valid pubkey");
let stub = Stub::new(yubikey.serial(), slot, &recipient);
eprintln!();
eprintln!("{}", fl!("builder-gen-cert"));
// Pick a random serial for the new self-signed certificate.
let mut serial = [0; 20];
OsRng.fill_bytes(&mut serial);
let name = self
.name
.unwrap_or(format!("age identity {}", hex::encode(stub.tag)));
if let PinPolicy::Always = pin_policy {
// We need to enter the PIN again.
let pin = Password::new()
.with_prompt(fl!(
"plugin-enter-pin",
yubikey_serial = yubikey.serial().to_string(),
))
.report(true)
.interact()?;
yubikey.verify_pin(pin.as_bytes())?;
}
if let TouchPolicy::Never = touch_policy {
// No need to touch YubiKey
} else {
eprintln!("{}", fl!("builder-touch-yk"));
}
let cert = Certificate::generate_self_signed(
yubikey,
SlotId::Retired(slot),
serial,
None,
&[
RelativeDistinguishedName::organization(BINARY_NAME),
RelativeDistinguishedName::organizational_unit(env!("CARGO_PKG_VERSION")),
RelativeDistinguishedName::common_name(&name),
],
generated,
&[x509::Extension::regular(
POLICY_EXTENSION_OID,
&[pin_policy.into(), touch_policy.into()],
)],
)?;
let metadata = Metadata::extract(yubikey, slot, &cert, false).unwrap();
Ok((
Stub::new(yubikey.serial(), slot, &recipient),
recipient,
metadata,
))
}
}

166
src/error.rs Normal file
View File

@@ -0,0 +1,166 @@
use std::fmt;
use std::io;
use yubikey::{piv::RetiredSlotId, Serial};
use crate::util::slot_to_ui;
macro_rules! wlnfl {
($f:ident, $message_id:literal) => {
writeln!($f, "{}", $crate::fl!($message_id))
};
($f:ident, $message_id:literal, $($kwarg:expr),* $(,)*) => {{
writeln!($f, "{}", $crate::fl!($message_id, $($kwarg,)*))
}};
}
pub enum Error {
CustomManagementKey,
InvalidFlagCommand(String, String),
InvalidFlagTui(String),
InvalidPinPolicy(String),
InvalidSlot(u8),
InvalidTouchPolicy(String),
Io(io::Error),
MultipleCommands,
MultipleYubiKeys,
NoEmptySlots(Serial),
NoMatchingSerial(Serial),
PukLocked,
SlotHasNoIdentity(RetiredSlotId),
SlotIsNotEmpty(RetiredSlotId),
TimedOut,
UseListForSingleSlot,
WrongPuk(u8),
YubiKey(yubikey::Error),
}
impl From<io::Error> for Error {
fn from(e: io::Error) -> Self {
Error::Io(e)
}
}
impl From<yubikey::Error> for Error {
fn from(e: yubikey::Error) -> Self {
Error::YubiKey(e)
}
}
// Rust only supports `fn main() -> Result<(), E: Debug>`, so we implement `Debug`
// manually to provide the error output we want.
impl fmt::Debug for Error {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
match self {
Error::CustomManagementKey => {
wlnfl!(f, "err-custom-mgmt-key")?;
let cmd = "ykman piv access change-management-key --protect";
let url = "https://developers.yubico.com/yubikey-manager/";
wlnfl!(f, "rec-custom-mgmt-key", cmd = cmd, url = url)?;
}
Error::InvalidFlagCommand(flag, command) => wlnfl!(
f,
"err-invalid-flag-command",
flag = flag.as_str(),
command = command.as_str(),
)?,
Error::InvalidFlagTui(flag) => wlnfl!(f, "err-invalid-flag-tui", flag = flag.as_str())?,
Error::InvalidPinPolicy(s) => wlnfl!(
f,
"err-invalid-pin-policy",
policy = s.as_str(),
expected = "always, once, never",
)?,
Error::InvalidSlot(slot) => wlnfl!(f, "err-invalid-slot", slot = slot)?,
Error::InvalidTouchPolicy(s) => wlnfl!(
f,
"err-invalid-touch-policy",
policy = s.as_str(),
expected = "always, cached, never",
)?,
Error::Io(e) => wlnfl!(f, "err-io", err = e.to_string())?,
Error::MultipleCommands => wlnfl!(f, "err-multiple-commands")?,
Error::MultipleYubiKeys => wlnfl!(f, "err-multiple-yubikeys")?,
Error::NoEmptySlots(serial) => {
wlnfl!(f, "err-no-empty-slots", serial = serial.to_string())?
}
Error::NoMatchingSerial(serial) => {
wlnfl!(f, "err-no-matching-serial", serial = serial.to_string())?
}
Error::PukLocked => wlnfl!(f, "err-yk-pin-locked", pin_kind = "PUK")?,
Error::SlotHasNoIdentity(slot) => {
wlnfl!(f, "err-slot-has-no-identity", slot = slot_to_ui(slot))?
}
Error::SlotIsNotEmpty(slot) => {
wlnfl!(f, "err-slot-is-not-empty", slot = slot_to_ui(slot))?
}
Error::TimedOut => wlnfl!(f, "err-timed-out")?,
Error::UseListForSingleSlot => wlnfl!(f, "err-use-list-for-single")?,
Error::WrongPuk(tries) => {
wlnfl!(f, "err-yk-wrong-pin", pin_kind = "PUK", tries = tries)?
}
Error::YubiKey(e) => match e {
yubikey::Error::NotFound => wlnfl!(f, "err-yk-not-found")?,
yubikey::Error::PcscError {
inner: Some(pcsc::Error::NoService),
} => {
if cfg!(windows) {
wlnfl!(f, "err-yk-no-service-win")?;
let url = "https://learn.microsoft.com/en-us/windows/security/identity-protection/smart-cards/smart-card-debugging-information#smart-card-service";
wlnfl!(f, "rec-yk-no-service-win", url = url)?;
} else if cfg!(target_os = "macos") {
wlnfl!(f, "err-yk-no-service-macos")?;
let url = "https://apple.stackexchange.com/a/438198";
wlnfl!(f, "rec-yk-no-service-macos", url = url)?;
} else if cfg!(target_os = "openbsd") {
wlnfl!(f, "err-yk-no-service-pcscd")?;
let pkg = "pkg_add pcsc-lite";
let service_enable = "rcctl enable pcscd";
let service_start = "rcctl start pcscd";
wlnfl!(
f,
"rec-yk-no-service-pcscd-bsd",
pkg = pkg,
service_enable = service_enable,
service_start = service_start
)?;
} else if cfg!(target_os = "freebsd") {
wlnfl!(f, "err-yk-no-service-pcscd")?;
let pkg = "pkg install pcsc-lite";
let service_enable = "service pcscd enable";
let service_start = "service pcscd start";
wlnfl!(
f,
"rec-yk-no-service-pcscd-bsd",
pkg = pkg,
service_enable = service_enable,
service_start = service_start
)?;
} else {
wlnfl!(f, "err-yk-no-service-pcscd")?;
let apt = "sudo apt-get install pcscd";
wlnfl!(f, "rec-yk-no-service-pcscd", apt = apt)?;
}
}
yubikey::Error::PinLocked => wlnfl!(f, "err-yk-pin-locked", pin_kind = "PIN")?,
yubikey::Error::WrongPin { tries } => {
wlnfl!(f, "err-yk-wrong-pin", pin_kind = "PIN", tries = tries)?
}
e => {
wlnfl!(f, "err-yk-general", err = e.to_string())?;
use std::error::Error;
if let Some(inner) = e.source() {
wlnfl!(f, "err-yk-general-cause", inner_err = inner.to_string())?;
}
}
},
}
writeln!(f)?;
writeln!(f, "[ {} ]", crate::fl!("err-ux-A"))?;
write!(
f,
"[ {}: https://str4d.xyz/age-plugin-yubikey/report {} ]",
crate::fl!("err-ux-B"),
crate::fl!("err-ux-C")
)
}
}

151
src/format.rs Normal file
View File

@@ -0,0 +1,151 @@
use age_core::{
format::{FileKey, Stanza},
primitives::aead_encrypt,
secrecy::ExposeSecret,
};
use p256::{
ecdh::EphemeralSecret,
elliptic_curve::sec1::{FromEncodedPoint, ToEncodedPoint},
};
use rand::rngs::OsRng;
use sha2::Sha256;
use crate::{p256::Recipient, STANZA_TAG};
pub(crate) const STANZA_KEY_LABEL: &[u8] = b"piv-p256";
const TAG_BYTES: usize = 4;
const EPK_BYTES: usize = 33;
const ENCRYPTED_FILE_KEY_BYTES: usize = 32;
const STANDARD_NO_PAD: &base64::engine::fast_portable::FastPortable = {
use base64::{
alphabet::STANDARD,
engine::fast_portable::{FastPortable, NO_PAD},
};
&FastPortable::from(&STANDARD, NO_PAD)
};
/// The ephemeral key bytes in a piv-p256 stanza.
///
/// The bytes contain a compressed SEC-1 encoding of a valid point.
#[derive(Debug)]
pub(crate) struct EphemeralKeyBytes(p256::EncodedPoint);
impl EphemeralKeyBytes {
fn from_bytes(bytes: [u8; EPK_BYTES]) -> Option<Self> {
let encoded = p256::EncodedPoint::from_bytes(&bytes).ok()?;
if encoded.is_compressed()
&& p256::PublicKey::from_encoded_point(&encoded)
.is_some()
.into()
{
Some(EphemeralKeyBytes(encoded))
} else {
None
}
}
fn from_public_key(epk: &p256::PublicKey) -> Self {
EphemeralKeyBytes(epk.to_encoded_point(true))
}
pub(crate) fn as_bytes(&self) -> &[u8] {
self.0.as_bytes()
}
pub(crate) fn decompress(&self) -> p256::EncodedPoint {
// EphemeralKeyBytes is a valid compressed encoding by construction.
let p = p256::PublicKey::from_encoded_point(&self.0).unwrap();
p.to_encoded_point(false)
}
}
#[derive(Debug)]
pub(crate) struct RecipientLine {
pub(crate) tag: [u8; TAG_BYTES],
pub(crate) epk_bytes: EphemeralKeyBytes,
pub(crate) encrypted_file_key: [u8; ENCRYPTED_FILE_KEY_BYTES],
}
impl From<RecipientLine> for Stanza {
fn from(r: RecipientLine) -> Self {
Stanza {
tag: STANZA_TAG.to_owned(),
args: vec![
base64::encode_engine(&r.tag, STANDARD_NO_PAD),
base64::encode_engine(r.epk_bytes.as_bytes(), STANDARD_NO_PAD),
],
body: r.encrypted_file_key.to_vec(),
}
}
}
impl RecipientLine {
pub(super) fn from_stanza(s: &Stanza) -> Option<Result<Self, ()>> {
if s.tag != STANZA_TAG {
return None;
}
fn base64_arg<A: AsRef<[u8]>, B: AsMut<[u8]>>(arg: &A, mut buf: B) -> Option<B> {
if arg.as_ref().len() != ((4 * buf.as_mut().len()) + 2) / 3 {
return None;
}
base64::decode_engine_slice(arg, buf.as_mut(), STANDARD_NO_PAD)
.ok()
.map(|_| buf)
}
let (tag, epk_bytes) = match &s.args[..] {
[tag, epk_bytes] => (
base64_arg(tag, [0; TAG_BYTES]),
base64_arg(epk_bytes, [0; EPK_BYTES]).and_then(EphemeralKeyBytes::from_bytes),
),
_ => (None, None),
};
Some(match (tag, epk_bytes, s.body[..].try_into()) {
(Some(tag), Some(epk_bytes), Ok(encrypted_file_key)) => Ok(RecipientLine {
tag,
epk_bytes,
encrypted_file_key,
}),
// Anything else indicates a structurally-invalid stanza.
_ => Err(()),
})
}
pub(crate) fn wrap_file_key(file_key: &FileKey, pk: &Recipient) -> Self {
let esk = EphemeralSecret::random(OsRng);
let epk = esk.public_key();
let epk_bytes = EphemeralKeyBytes::from_public_key(&epk);
let shared_secret = esk.diffie_hellman(pk.public_key());
let mut salt = vec![];
salt.extend_from_slice(epk_bytes.as_bytes());
salt.extend_from_slice(pk.to_encoded().as_bytes());
let enc_key = {
let mut okm = [0; 32];
shared_secret
.extract::<Sha256>(Some(&salt))
.expand(STANZA_KEY_LABEL, &mut okm)
.expect("okm is the correct length");
okm
};
let encrypted_file_key = {
let mut key = [0; ENCRYPTED_FILE_KEY_BYTES];
key.copy_from_slice(&aead_encrypt(&enc_key, file_key.expose_secret()));
key
};
RecipientLine {
tag: pk.tag(),
epk_bytes,
encrypted_file_key,
}
}
}

770
src/key.rs Normal file
View File

@@ -0,0 +1,770 @@
//! Structs for handling YubiKeys.
use age_core::{
format::{FileKey, FILE_KEY_BYTES},
primitives::{aead_decrypt, hkdf},
secrecy::{ExposeSecret, SecretString},
};
use age_plugin::{identity, Callbacks};
use bech32::{ToBase32, Variant};
use dialoguer::Password;
use log::{debug, error, warn};
use std::convert::Infallible;
use std::fmt;
use std::io;
use std::iter;
use std::thread::sleep;
use std::time::{Duration, Instant, SystemTime};
use yubikey::{
certificate::Certificate,
piv::{decrypt_data, AlgorithmId, RetiredSlotId, SlotId},
reader::{Context, Reader},
Key, MgmKey, PinPolicy, Serial, TouchPolicy, YubiKey,
};
use crate::{
error::Error,
fl,
format::{RecipientLine, STANZA_KEY_LABEL},
p256::{Recipient, TAG_BYTES},
util::{otp_serial_prefix, Metadata},
IDENTITY_PREFIX,
};
const ONE_SECOND: Duration = Duration::from_secs(1);
const FIFTEEN_SECONDS: Duration = Duration::from_secs(15);
pub(crate) fn is_connected(reader: Reader) -> bool {
filter_connected(&reader)
}
pub(crate) fn filter_connected(reader: &Reader) -> bool {
match reader.open() {
Err(yubikey::Error::PcscError {
inner: Some(pcsc::Error::NoSmartcard | pcsc::Error::RemovedCard),
}) => {
warn!(
"{}",
fl!("warn-yk-not-connected", yubikey_name = reader.name())
);
false
}
Err(_) => true,
Ok(yubikey) => {
// We only connected as a side-effect of confirming that we can connect, so
// avoid resetting the YubiKey.
disconnect_without_reset(yubikey);
true
}
}
}
pub(crate) fn wait_for_readers() -> Result<Context, Error> {
// Start a 15-second timer waiting for a YubiKey to be inserted (if necessary).
let start = SystemTime::now();
loop {
let mut readers = Context::open()?;
if readers.iter()?.any(is_connected) {
break Ok(readers);
}
match SystemTime::now().duration_since(start) {
Ok(end) if end >= FIFTEEN_SECONDS => return Err(Error::TimedOut),
_ => sleep(ONE_SECOND),
}
}
}
/// Looks for agent processes that might be holding exclusive access to a YubiKey, and
/// asks them as nicely as possible to release it.
///
/// Returns `true` if any known agent was running and was successfully interrupted (or
/// killed if the platform doesn't support interrupts).
fn hunt_agents() -> bool {
debug!("Sharing violation encountered, looking for agent processes");
use sysinfo::{ProcessExt, ProcessRefreshKind, RefreshKind, Signal, System, SystemExt};
let mut interrupted = false;
let sys =
System::new_with_specifics(RefreshKind::new().with_processes(ProcessRefreshKind::new()));
for process in sys.processes().values() {
match process.name() {
"scdaemon" | "scdaemon.exe" => {
// gpg-agent runs scdaemon to interact with smart cards. The canonical way
// to reload it is `gpgconf --reload scdaemon`, which kills and restarts
// the process. We emulate that here with SIGINT (which it listens to).
if process
.kill_with(Signal::Interrupt)
.unwrap_or_else(|| process.kill())
{
debug!("Stopped scdaemon (PID {})", process.pid());
interrupted = true;
}
}
"yubikey-agent" | "yubikey-agent.exe" => {
// yubikey-agent releases all YubiKey locks when it receives a SIGHUP.
match process.kill_with(Signal::Hangup) {
Some(true) => {
debug!("Sent SIGHUP to yubikey-agent (PID {})", process.pid());
interrupted = true;
}
Some(false) => (),
None => debug!(
"Found yubikey-agent (PID {}) but platform doesn't support SIGHUP",
process.pid(),
),
}
}
_ => (),
}
}
// If we did interrupt an agent, pause briefly to allow it to finish up.
if interrupted {
sleep(Duration::from_millis(100));
}
interrupted
}
fn open_sesame(
op: impl Fn() -> Result<YubiKey, yubikey::Error>,
) -> Result<YubiKey, yubikey::Error> {
op().or_else(|e| match e {
yubikey::Error::PcscError {
inner: Some(pcsc::Error::SharingViolation),
} if hunt_agents() => op(),
_ => Err(e),
})
}
/// Opens a connection to this reader, returning a `YubiKey` if successful.
///
/// This is equivalent to [`Reader::open`], but additionally handles the presence of
/// agents (which can indefinitely hold exclusive access to a YubiKey).
pub(crate) fn open_connection(reader: &Reader) -> Result<YubiKey, yubikey::Error> {
open_sesame(|| reader.open())
}
/// Opens a YubiKey with a specific serial number.
///
/// This is equivalent to [`YubiKey::open_by_serial`], but additionally handles the
/// presence of agents (which can indefinitely hold exclusive access to a YubiKey).
fn open_by_serial(serial: Serial) -> Result<YubiKey, yubikey::Error> {
// `YubiKey::open_by_serial` has a bug where it ignores all opening errors, even if
// it potentially could have found a matching YubiKey if not for an error, and thus
// returns `Error::NotFound` if another agent is holding exclusive access to the
// required YubiKey. This gives misleading UX behaviour where age-plugin-yubikey asks
// the user to insert a YubiKey they have already inserted.
//
// For now, we instead implement the correct behaviour manually. Once MSRV has been
// raised to 1.60, we can upstream this into the `yubikey` crate.
open_sesame(|| {
let mut readers = Context::open()?;
let mut open_error = None;
for reader in readers.iter()? {
let yubikey = match reader.open() {
Ok(yk) => yk,
Err(e) => {
// Save the first error we see that indicates we might have been able
// to find a matching YubiKey.
if open_error.is_none() {
if let yubikey::Error::PcscError {
inner: Some(pcsc::Error::SharingViolation),
} = e
{
open_error = Some(e);
}
}
continue;
}
};
if serial == yubikey.serial() {
return Ok(yubikey);
} else {
// We didn't want this YubiKey; don't reset it.
disconnect_without_reset(yubikey);
}
}
Err(if let Some(e) = open_error {
e
} else {
error!("no YubiKey detected with serial: {}", serial);
yubikey::Error::NotFound
})
})
}
pub(crate) fn open(serial: Option<Serial>) -> Result<YubiKey, Error> {
if !Context::open()?.iter()?.any(is_connected) {
if let Some(serial) = serial {
eprintln!(
"{}",
fl!("open-yk-with-serial", yubikey_serial = serial.to_string())
);
} else {
eprintln!("{}", fl!("open-yk-without-serial"));
}
}
let mut readers = wait_for_readers()?;
let mut readers_iter = readers.iter()?.filter(filter_connected);
// --serial selects the YubiKey to use. If not provided, and more than one YubiKey is
// connected, an error is returned.
let yubikey = match (readers_iter.next(), readers_iter.next(), serial) {
(None, _, _) => unreachable!(),
(Some(reader), None, None) => open_connection(&reader)?,
(Some(reader), None, Some(serial)) => {
let yubikey = open_connection(&reader)?;
if yubikey.serial() != serial {
return Err(Error::NoMatchingSerial(serial));
}
yubikey
}
(Some(a), Some(b), Some(serial)) => {
let reader = iter::empty()
.chain(Some(a))
.chain(Some(b))
.chain(readers_iter)
.find(|reader| match open_connection(reader) {
Ok(yk) => yk.serial() == serial,
_ => false,
})
.ok_or(Error::NoMatchingSerial(serial))?;
open_connection(&reader)?
}
(Some(_), Some(_), None) => return Err(Error::MultipleYubiKeys),
};
Ok(yubikey)
}
/// Disconnect from the YubiKey without resetting it.
///
/// This can be used to preserve the YubiKey's PIN and touch caches. There are two cases
/// where we want to do this:
///
/// - We connected to this YubiKey in a read-only context, so we have not made any changes
/// to the YubiKey's state. However, we might have asked an agent to release the YubiKey
/// in `key::open_connection`, and we want to allow any state it may have left behind
/// (such as cached PINs or touches) to persist beyond our execution, for usability.
/// - We opened this connection in a decryption context, so the only changes to the
/// YubiKey's state were to potentially cache the PIN and/or touch (depending on the
/// policies of the slot). We want to allow these to persist beyond our execution, for
/// usability.
pub(crate) fn disconnect_without_reset(yubikey: YubiKey) {
let _ = yubikey.disconnect(pcsc::Disposition::LeaveCard);
}
fn request_pin<E>(
mut prompt: impl FnMut(Option<String>) -> io::Result<Result<SecretString, E>>,
serial: Serial,
) -> io::Result<Result<SecretString, E>> {
let mut prev_error = None;
loop {
prev_error = Some(match prompt(prev_error)? {
Ok(pin) => match pin.expose_secret().len() {
// A PIN must be between 6 and 8 characters.
6..=8 => break Ok(Ok(pin)),
// If the string is 44 bytes and starts with the YubiKey's serial
// encoded as 12-byte modhex, the user probably touched the YubiKey
// early and "typed" an OTP.
44 if pin.expose_secret().starts_with(&otp_serial_prefix(serial)) => {
fl!("plugin-err-accidental-touch")
}
// Otherwise, the PIN is either too short or too long.
0..=5 => fl!("plugin-err-pin-too-short"),
_ => fl!("plugin-err-pin-too-long"),
},
Err(e) => break Ok(Err(e)),
});
}
}
pub(crate) fn manage(yubikey: &mut YubiKey) -> Result<(), Error> {
const DEFAULT_PIN: &str = "123456";
const DEFAULT_PUK: &str = "12345678";
eprintln!();
let pin = Password::new()
.with_prompt(fl!(
"mgr-enter-pin",
yubikey_serial = yubikey.serial().to_string(),
default_pin = DEFAULT_PIN,
))
.report(true)
.interact()?;
yubikey.verify_pin(pin.as_bytes())?;
// If the user is using the default PIN, help them to change it.
if pin == DEFAULT_PIN {
eprintln!();
eprintln!("{}", fl!("mgr-change-default-pin"));
eprintln!();
let current_puk = Password::new()
.with_prompt(fl!("mgr-enter-current-puk", default_puk = DEFAULT_PUK))
.interact()?;
let new_pin = loop {
let pin = request_pin(
|prev_error| {
if let Some(err) = prev_error {
eprintln!("{}", err);
}
Password::new()
.with_prompt(fl!("mgr-choose-new-pin"))
.with_confirmation(fl!("mgr-repeat-new-pin"), fl!("mgr-pin-mismatch"))
.interact()
.map(|pin| Result::<_, Infallible>::Ok(SecretString::new(pin)))
},
yubikey.serial(),
)?
.unwrap();
if pin.expose_secret() == DEFAULT_PIN {
eprintln!("{}", fl!("mgr-nope-default-pin"));
} else {
break pin;
}
};
let new_pin = new_pin.expose_secret();
yubikey
.change_puk(current_puk.as_bytes(), new_pin.as_bytes())
.map_err(|e| match e {
yubikey::Error::PinLocked => Error::PukLocked,
yubikey::Error::WrongPin { tries } => Error::WrongPuk(tries),
_ => Error::YubiKey(e),
})?;
yubikey.change_pin(pin.as_bytes(), new_pin.as_bytes())?;
}
if let Ok(mgm_key) = MgmKey::get_protected(yubikey) {
yubikey.authenticate(mgm_key)?;
} else {
// Try to authenticate with the default management key.
yubikey
.authenticate(MgmKey::default())
.map_err(|_| Error::CustomManagementKey)?;
// Migrate to a PIN-protected management key.
let mgm_key = MgmKey::generate();
eprintln!();
eprintln!("{}", fl!("mgr-changing-mgmt-key"));
eprint!("... ");
mgm_key.set_protected(yubikey).map_err(|e| {
eprintln!(
"{}",
fl!(
"mgr-changing-mgmt-key-error",
management_key = hex::encode(mgm_key.as_ref()),
)
);
e
})?;
eprintln!("{}", fl!("mgr-changing-mgmt-key-success"));
}
Ok(())
}
/// Returns an iterator of keys that are occupying plugin-compatible slots, along with the
/// corresponding recipient if the key is compatible with this plugin.
pub(crate) fn list_slots(
yubikey: &mut YubiKey,
) -> Result<impl Iterator<Item = (Key, RetiredSlotId, Option<Recipient>)>, Error> {
Ok(Key::list(yubikey)?.into_iter().filter_map(|key| {
// We only use the retired slots.
match key.slot() {
SlotId::Retired(slot) => {
// Only P-256 keys are compatible with us.
let recipient = Recipient::from_certificate(key.certificate());
Some((key, slot, recipient))
}
_ => None,
}
}))
}
/// Returns an iterator of keys that are compatible with this plugin.
pub(crate) fn list_compatible(
yubikey: &mut YubiKey,
) -> Result<impl Iterator<Item = (Key, RetiredSlotId, Recipient)>, Error> {
list_slots(yubikey)
.map(|iter| iter.filter_map(|(key, slot, res)| res.map(|recipient| (key, slot, recipient))))
}
/// A reference to an age key stored in a YubiKey.
#[derive(Debug)]
pub struct Stub {
pub(crate) serial: Serial,
pub(crate) slot: RetiredSlotId,
pub(crate) tag: [u8; TAG_BYTES],
pub(crate) identity_index: usize,
}
impl fmt::Display for Stub {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
f.write_str(
bech32::encode(
IDENTITY_PREFIX,
self.to_bytes().to_base32(),
Variant::Bech32,
)
.expect("HRP is valid")
.to_uppercase()
.as_str(),
)
}
}
impl PartialEq for Stub {
fn eq(&self, other: &Self) -> bool {
self.to_bytes().eq(&other.to_bytes())
}
}
impl Stub {
/// Returns a key stub and recipient for this `(Serial, SlotId, PublicKey)` tuple.
///
/// Does not check that the `PublicKey` matches the given `(Serial, SlotId)` tuple;
/// this is checked at decryption time.
pub(crate) fn new(serial: Serial, slot: RetiredSlotId, recipient: &Recipient) -> Self {
Stub {
serial,
slot,
tag: recipient.tag(),
identity_index: 0,
}
}
pub(crate) fn from_bytes(bytes: &[u8], identity_index: usize) -> Option<Self> {
if bytes.len() < 9 {
return None;
}
let serial = Serial::from(u32::from_le_bytes(bytes[0..4].try_into().unwrap()));
let slot: RetiredSlotId = bytes[4].try_into().ok()?;
Some(Stub {
serial,
slot,
tag: bytes[5..9].try_into().unwrap(),
identity_index,
})
}
fn to_bytes(&self) -> Vec<u8> {
let mut bytes = Vec::with_capacity(9);
bytes.extend_from_slice(&self.serial.0.to_le_bytes());
bytes.push(self.slot.into());
bytes.extend_from_slice(&self.tag);
bytes
}
pub(crate) fn matches(&self, line: &RecipientLine) -> bool {
self.tag == line.tag
}
/// Returns:
/// - `Ok(Ok(Some(connection)))` if we successfully connected to this YubiKey.
/// - `Ok(Ok(None))` if the user told us to skip this YubiKey.
/// - `Ok(Err(_))` if we encountered an error while trying to connect to the YubiKey.
/// - `Err(_)` on communication errors with the age client.
pub(crate) fn connect<E>(
&self,
callbacks: &mut dyn Callbacks<E>,
) -> io::Result<Result<Option<Connection>, identity::Error>> {
let mut yubikey = match open_by_serial(self.serial) {
Ok(yk) => yk,
Err(yubikey::Error::NotFound) => {
let mut message = fl!("plugin-insert-yk", yubikey_serial = self.serial.to_string());
// If the `confirm` command is available, we loop until either the YubiKey
// we want is inserted, or the used explicitly skips.
let yubikey = loop {
match callbacks.confirm(
&message,
&fl!("plugin-yk-is-plugged-in"),
Some(&fl!("plugin-skip-this-yk")),
)? {
// `confirm` command is not available.
Err(age_core::plugin::Error::Unsupported) => break None,
// User told us to skip this key.
Ok(false) => return Ok(Ok(None)),
// User said they plugged it in; try it.
Ok(true) => match open_by_serial(self.serial) {
Ok(yubikey) => break Some(yubikey),
Err(yubikey::Error::NotFound) => (),
Err(_) => {
return Ok(Err(identity::Error::Identity {
index: self.identity_index,
message: fl!(
"plugin-err-yk-opening",
yubikey_serial = self.serial.to_string(),
),
}));
}
},
// We can't communicate with the user.
Err(age_core::plugin::Error::Fail) => {
return Ok(Err(identity::Error::Identity {
index: self.identity_index,
message: fl!(
"plugin-err-yk-opening",
yubikey_serial = self.serial.to_string(),
),
}))
}
}
// We're going to loop around, meaning that the first attempt failed.
// Change the message to indicate this to the user.
message = fl!(
"plugin-insert-yk-retry",
yubikey_serial = self.serial.to_string(),
);
};
if let Some(yk) = yubikey {
yk
} else {
// `confirm` is not available; fall back to `message` with a timeout.
if callbacks.message(&message)?.is_err() {
return Ok(Err(identity::Error::Identity {
index: self.identity_index,
message: fl!(
"plugin-err-yk-not-found",
yubikey_serial = self.serial.to_string(),
),
}));
}
// Start a 15-second timer waiting for the YubiKey to be inserted
let start = SystemTime::now();
loop {
match open_by_serial(self.serial) {
Ok(yubikey) => break yubikey,
Err(yubikey::Error::NotFound) => (),
Err(_) => {
return Ok(Err(identity::Error::Identity {
index: self.identity_index,
message: fl!(
"plugin-err-yk-opening",
yubikey_serial = self.serial.to_string(),
),
}));
}
}
match SystemTime::now().duration_since(start) {
Ok(end) if end >= FIFTEEN_SECONDS => {
return Ok(Err(identity::Error::Identity {
index: self.identity_index,
message: fl!(
"plugin-err-yk-timed-out",
yubikey_serial = self.serial.to_string(),
),
}))
}
_ => sleep(ONE_SECOND),
}
}
}
}
Err(_) => {
return Ok(Err(identity::Error::Identity {
index: self.identity_index,
message: fl!(
"plugin-err-yk-opening",
yubikey_serial = self.serial.to_string(),
),
}))
}
};
// Read the pubkey from the YubiKey slot and check it still matches.
let (cert, pk) = match Certificate::read(&mut yubikey, SlotId::Retired(self.slot))
.ok()
.and_then(|cert| {
Recipient::from_certificate(&cert)
.filter(|pk| pk.tag() == self.tag)
.map(|pk| (cert, pk))
}) {
Some(pk) => pk,
None => {
return Ok(Err(identity::Error::Identity {
index: self.identity_index,
message: fl!("plugin-err-yk-stub-mismatch"),
}))
}
};
Ok(Ok(Some(Connection {
yubikey,
cert,
pk,
slot: self.slot,
tag: self.tag,
identity_index: self.identity_index,
cached_metadata: None,
last_touch: None,
})))
}
}
pub(crate) struct Connection {
yubikey: YubiKey,
cert: Certificate,
pk: Recipient,
slot: RetiredSlotId,
tag: [u8; 4],
identity_index: usize,
cached_metadata: Option<Metadata>,
last_touch: Option<Instant>,
}
impl Connection {
pub(crate) fn recipient(&self) -> &Recipient {
&self.pk
}
pub(crate) fn request_pin_if_necessary<E>(
&mut self,
callbacks: &mut dyn Callbacks<E>,
) -> io::Result<Result<(), identity::Error>> {
// Check if we can skip requesting a PIN.
if self.cached_metadata.is_none() {
self.cached_metadata =
match Metadata::extract(&mut self.yubikey, self.slot, &self.cert, true) {
None => {
return Ok(Err(identity::Error::Identity {
index: self.identity_index,
message: fl!("plugin-err-yk-invalid-pin-policy"),
}))
}
metadata => metadata,
};
}
match self.cached_metadata.as_ref().and_then(|m| m.pin_policy) {
Some(PinPolicy::Never) => return Ok(Ok(())),
Some(PinPolicy::Once) if self.yubikey.verify_pin(&[]).is_ok() => return Ok(Ok(())),
_ => (),
}
// The policy requires a PIN, so request it.
let pin = match request_pin(
|prev_error| {
callbacks.request_secret(&format!(
"{}{}{}",
prev_error.as_deref().unwrap_or(""),
prev_error.as_deref().map(|_| " ").unwrap_or(""),
fl!(
"plugin-enter-pin",
yubikey_serial = self.yubikey.serial().to_string(),
)
))
},
self.yubikey.serial(),
)? {
Ok(pin) => pin,
Err(_) => {
return Ok(Err(identity::Error::Identity {
index: self.identity_index,
message: fl!(
"plugin-err-pin-required",
yubikey_serial = self.yubikey.serial().to_string(),
),
}))
}
};
if let Err(e) = self.yubikey.verify_pin(pin.expose_secret().as_bytes()) {
return Ok(Err(identity::Error::Identity {
index: self.identity_index,
message: format!("{:?}", Error::YubiKey(e)),
}));
}
Ok(Ok(()))
}
pub(crate) fn unwrap_file_key(&mut self, line: &RecipientLine) -> Result<FileKey, ()> {
assert_eq!(self.tag, line.tag);
// Check if the touch policy requires a touch.
let needs_touch = match (
self.cached_metadata.as_ref().and_then(|m| m.touch_policy),
self.last_touch,
) {
(Some(TouchPolicy::Always), _) | (Some(TouchPolicy::Cached), None) => true,
(Some(TouchPolicy::Cached), Some(last)) if last.elapsed() >= FIFTEEN_SECONDS => true,
_ => false,
};
// The YubiKey API for performing scalar multiplication takes the point in its
// uncompressed SEC-1 encoding.
let shared_secret = match decrypt_data(
&mut self.yubikey,
line.epk_bytes.decompress().as_bytes(),
AlgorithmId::EccP256,
SlotId::Retired(self.slot),
) {
Ok(res) => res,
Err(_) => return Err(()),
};
// If we requested a touch and reached here, the user touched the YubiKey.
if needs_touch {
if let Some(TouchPolicy::Cached) =
self.cached_metadata.as_ref().and_then(|m| m.touch_policy)
{
self.last_touch = Some(Instant::now());
}
}
let mut salt = vec![];
salt.extend_from_slice(line.epk_bytes.as_bytes());
salt.extend_from_slice(self.pk.to_encoded().as_bytes());
let enc_key = hkdf(&salt, STANZA_KEY_LABEL, shared_secret.as_ref());
// A failure to decrypt is fatal, because we assume that we won't
// encounter 32-bit collisions on the key tag embedded in the header.
match aead_decrypt(&enc_key, FILE_KEY_BYTES, &line.encrypted_file_key) {
Ok(pt) => Ok(TryInto::<[u8; FILE_KEY_BYTES]>::try_into(&pt[..])
.unwrap()
.into()),
Err(_) => Err(()),
}
}
/// Close this connection without resetting the YubiKey.
///
/// This can be used to preserve the YubiKey's PIN and touch caches.
pub(crate) fn disconnect_without_reset(self) {
disconnect_without_reset(self.yubikey);
}
}
#[cfg(test)]
mod tests {
use yubikey::{piv::RetiredSlotId, Serial};
use super::Stub;
#[test]
fn stub_round_trip() {
let stub = Stub {
serial: Serial::from(42),
slot: RetiredSlotId::R1,
tag: [7; 4],
identity_index: 0,
};
let encoded = stub.to_bytes();
assert_eq!(Stub::from_bytes(&[], 0), None);
assert_eq!(Stub::from_bytes(&encoded, 0), Some(stub));
assert_eq!(Stub::from_bytes(&encoded[..encoded.len() - 1], 0), None);
}
}

670
src/main.rs Normal file
View File

@@ -0,0 +1,670 @@
#![forbid(unsafe_code)]
use std::fs::{File, OpenOptions};
use std::io::{self, Write};
use age_plugin::run_state_machine;
use dialoguer::{Confirm, Input, Select};
use gumdrop::Options;
use i18n_embed::{
fluent::{fluent_language_loader, FluentLanguageLoader},
DesktopLanguageRequester,
};
use lazy_static::lazy_static;
use rust_embed::RustEmbed;
use yubikey::{piv::RetiredSlotId, reader::Context, PinPolicy, Serial, TouchPolicy};
mod builder;
mod error;
mod format;
mod key;
mod p256;
mod plugin;
mod util;
use error::Error;
const PLUGIN_NAME: &str = "yubikey";
const BINARY_NAME: &str = "age-plugin-yubikey";
const RECIPIENT_PREFIX: &str = "age1yubikey";
const IDENTITY_PREFIX: &str = "age-plugin-yubikey-";
const STANZA_TAG: &str = "piv-p256";
const USABLE_SLOTS: [RetiredSlotId; 20] = [
RetiredSlotId::R1,
RetiredSlotId::R2,
RetiredSlotId::R3,
RetiredSlotId::R4,
RetiredSlotId::R5,
RetiredSlotId::R6,
RetiredSlotId::R7,
RetiredSlotId::R8,
RetiredSlotId::R9,
RetiredSlotId::R10,
RetiredSlotId::R11,
RetiredSlotId::R12,
RetiredSlotId::R13,
RetiredSlotId::R14,
RetiredSlotId::R15,
RetiredSlotId::R16,
RetiredSlotId::R17,
RetiredSlotId::R18,
RetiredSlotId::R19,
RetiredSlotId::R20,
];
#[derive(RustEmbed)]
#[folder = "i18n"]
struct Translations;
const TRANSLATIONS: Translations = Translations {};
lazy_static! {
static ref LANGUAGE_LOADER: FluentLanguageLoader = fluent_language_loader!();
}
#[macro_export]
macro_rules! fl {
($message_id:literal) => {{
i18n_embed_fl::fl!($crate::LANGUAGE_LOADER, $message_id)
}};
($message_id:literal, $($kwarg:expr),* $(,)*) => {{
i18n_embed_fl::fl!($crate::LANGUAGE_LOADER, $message_id, $($kwarg,)*)
}};
}
#[derive(Debug, Options)]
struct PluginOptions {
#[options(help = "Print this help message and exit.")]
help: bool,
#[options(help = "Print version info and exit.", short = "V")]
version: bool,
#[options(
help = "Run the given age plugin state machine. Internal use only.",
meta = "STATE-MACHINE",
no_short
)]
age_plugin: Option<String>,
#[options(help = "Force --generate to overwrite a filled slot.")]
force: bool,
#[options(help = "Generate a new YubiKey identity.")]
generate: bool,
#[options(help = "Print identities stored in connected YubiKeys.")]
identity: bool,
#[options(help = "List recipients for age identities in connected YubiKeys.")]
list: bool,
#[options(
help = "List recipients for all YubiKey keys that are compatible with age.",
no_short
)]
list_all: bool,
#[options(
help = "Name for the generated identity. Defaults to 'age identity HEX_TAG'.",
no_short
)]
name: Option<String>,
#[options(help = "One of [always, once, never]. Defaults to 'once'.", no_short)]
pin_policy: Option<String>,
#[options(
help = "Specify which YubiKey to use, if more than one is plugged in.",
no_short
)]
serial: Option<u32>,
#[options(
help = "Specify which slot to use. Defaults to first usable slot.",
no_short
)]
slot: Option<u8>,
#[options(
help = "One of [always, cached, never]. Defaults to 'always'.",
no_short
)]
touch_policy: Option<String>,
}
struct PluginFlags {
serial: Option<Serial>,
slot: Option<RetiredSlotId>,
name: Option<String>,
pin_policy: Option<PinPolicy>,
touch_policy: Option<TouchPolicy>,
force: bool,
}
impl TryFrom<PluginOptions> for PluginFlags {
type Error = Error;
fn try_from(opts: PluginOptions) -> Result<Self, Self::Error> {
let serial = opts.serial.map(|s| s.into());
let slot = opts.slot.map(util::ui_to_slot).transpose()?;
let pin_policy = opts
.pin_policy
.map(util::pin_policy_from_string)
.transpose()?;
let touch_policy = opts
.touch_policy
.map(util::touch_policy_from_string)
.transpose()?;
Ok(PluginFlags {
serial,
slot,
name: opts.name,
pin_policy,
touch_policy,
force: opts.force,
})
}
}
fn generate(flags: PluginFlags) -> Result<(), Error> {
let mut yubikey = key::open(flags.serial)?;
let (stub, recipient, metadata) = builder::IdentityBuilder::new(flags.slot)
.with_name(flags.name)
.with_pin_policy(flags.pin_policy)
.with_touch_policy(flags.touch_policy)
.force(flags.force)
.build(&mut yubikey)?;
util::print_identity(stub, recipient, metadata);
// We have written to the YubiKey, which means we've authenticated with the management
// key. Out of an abundance of caution, we let the YubiKey be reset on disconnect,
// which will clear its PIN and touch caches. This has as small negative UX effect,
// but identity generation is a relatively infrequent occurrence, and users are more
// likely to see their cached PINs reset due to switching applets (e.g. from PIV to
// FIDO2).
Ok(())
}
fn print_single(
serial: Option<Serial>,
slot: RetiredSlotId,
printer: impl Fn(key::Stub, p256::Recipient, util::Metadata),
) -> Result<(), Error> {
let mut yubikey = key::open(serial)?;
let (key, slot, recipient) = key::list_compatible(&mut yubikey)?
.find(|(_, s, _)| s == &slot)
.ok_or(Error::SlotHasNoIdentity(slot))?;
let stub = key::Stub::new(yubikey.serial(), slot, &recipient);
let metadata = util::Metadata::extract(&mut yubikey, slot, key.certificate(), true).unwrap();
printer(stub, recipient, metadata);
key::disconnect_without_reset(yubikey);
Ok(())
}
fn print_multiple(
kind: &str,
serial: Option<Serial>,
all: bool,
printer: impl Fn(key::Stub, p256::Recipient, util::Metadata),
) -> Result<(), Error> {
let mut readers = Context::open()?;
let mut printed = 0;
for reader in readers.iter()?.filter(key::filter_connected) {
let mut yubikey = key::open_connection(&reader)?;
if let Some(serial) = serial {
if yubikey.serial() != serial {
continue;
}
}
for (key, slot, recipient) in key::list_compatible(&mut yubikey)? {
let stub = key::Stub::new(yubikey.serial(), slot, &recipient);
let metadata = match util::Metadata::extract(&mut yubikey, slot, key.certificate(), all)
{
Some(res) => res,
None => continue,
};
printer(stub, recipient, metadata);
printed += 1;
println!();
}
println!();
key::disconnect_without_reset(yubikey);
}
if printed > 1 {
eprintln!("{}", fl!("printed-multiple", kind = kind, count = printed));
}
Ok(())
}
fn print_details(
kind: &str,
flags: PluginFlags,
all: bool,
printer: impl Fn(key::Stub, p256::Recipient, util::Metadata),
) -> Result<(), Error> {
if let Some(slot) = flags.slot {
print_single(flags.serial, slot, printer)
} else {
print_multiple(kind, flags.serial, all, printer)
}
}
fn identity(flags: PluginFlags) -> Result<(), Error> {
if flags.force {
return Err(Error::InvalidFlagCommand(
"--force".into(),
"--identity".into(),
));
}
print_details(
&fl!("printed-kind-identities"),
flags,
false,
util::print_identity,
)
}
fn list(flags: PluginFlags, all: bool) -> Result<(), Error> {
if all && flags.slot.is_some() {
return Err(Error::UseListForSingleSlot);
}
if flags.force {
return Err(Error::InvalidFlagCommand(
"--force".into(),
format!("--list{}", if all { "-all" } else { "" }),
));
}
print_details(
&fl!("printed-kind-recipients"),
flags,
all,
|_, recipient, metadata| {
println!("{}", metadata);
println!("{}", recipient);
},
)
}
fn main() -> Result<(), Error> {
env_logger::builder()
.format_timestamp(None)
.filter_level(log::LevelFilter::Off)
.parse_default_env()
.init();
let requested_languages = DesktopLanguageRequester::requested_languages();
i18n_embed::select(&*LANGUAGE_LOADER, &TRANSLATIONS, &requested_languages).unwrap();
// Unfortunately the common Windows terminals don't support Unicode Directionality
// Isolation Marks, so we disable them for now.
LANGUAGE_LOADER.set_use_isolating(false);
let opts = PluginOptions::parse_args_default_or_exit();
if [opts.generate, opts.identity, opts.list, opts.list_all]
.iter()
.filter(|&&b| b)
.count()
> 1
{
return Err(Error::MultipleCommands);
}
if let Some(state_machine) = opts.age_plugin {
run_state_machine(
&state_machine,
plugin::RecipientPlugin::default,
plugin::IdentityPlugin::default,
)?;
Ok(())
} else if opts.version {
println!("age-plugin-yubikey {}", env!("CARGO_PKG_VERSION"));
Ok(())
} else if opts.generate {
generate(opts.try_into()?)
} else if opts.identity {
identity(opts.try_into()?)
} else if opts.list {
list(opts.try_into()?, false)
} else if opts.list_all {
list(opts.try_into()?, true)
} else {
if opts.force {
return Err(Error::InvalidFlagTui("--force".into()));
}
let flags: PluginFlags = opts.try_into()?;
eprintln!(
"{}",
fl!(
"cli-setup-intro",
generate_usage = "age-plugin-yubikey --generate",
)
);
eprintln!();
if !Context::open()?.iter()?.any(key::is_connected) {
eprintln!("{}", fl!("cli-setup-insert-yk"));
};
let mut readers = key::wait_for_readers()?;
// Filter out readers we can't connect to.
let readers_list: Vec<_> = readers.iter()?.filter(key::filter_connected).collect();
let reader_names = readers_list
.iter()
.map(|reader| {
key::open_connection(reader).map(|yk| {
let name = fl!(
"cli-setup-yk-name",
yubikey_name = reader.name(),
yubikey_serial = yk.serial().to_string(),
);
key::disconnect_without_reset(yk);
name
})
})
.collect::<Result<Vec<_>, _>>()?;
let mut yubikey = match Select::new()
.with_prompt(fl!("cli-setup-select-yk"))
.items(&reader_names)
.default(0)
.report(true)
.interact_opt()?
{
Some(yk) => readers_list[yk].open()?,
None => return Ok(()),
};
let keys = key::list_slots(&mut yubikey)?.collect::<Vec<_>>();
// Identify slots that we can't allow the user to select.
let slot_details: Vec<_> = USABLE_SLOTS
.iter()
.map(|&slot| {
keys.iter()
.find(|(_, s, _)| s == &slot)
.map(|(key, _, recipient)| {
recipient.as_ref().map(|_| {
// Cache the details we need to display to the user.
let (_, cert) =
x509_parser::parse_x509_certificate(key.certificate().as_ref())
.unwrap();
let (name, _) = util::extract_name(&cert, true).unwrap();
let created = cert
.validity()
.not_before
.to_rfc2822()
.unwrap_or_else(|e| format!("Invalid date: {}", e));
format!("{}, created: {}", name, created)
})
})
})
.collect();
let slots: Vec<_> = slot_details
.iter()
.enumerate()
.map(|(i, occupied)| {
// Use 1-indexing in the UI for niceness
let i = i + 1;
match occupied {
Some(Some(name)) => fl!(
"cli-setup-slot-usable",
slot_index = i,
slot_name = name.as_str(),
),
Some(None) => fl!("cli-setup-slot-unusable", slot_index = i),
None => fl!("cli-setup-slot-empty", slot_index = i),
}
})
.collect();
let ((stub, recipient, metadata), is_new) = {
let (slot_index, slot) = loop {
match Select::new()
.with_prompt(fl!("cli-setup-select-slot"))
.items(&slots)
.default(0)
.report(true)
.interact_opt()?
{
Some(slot) => {
if let Some(None) = slot_details[slot] {
} else {
break (slot + 1, USABLE_SLOTS[slot]);
}
}
None => return Ok(()),
}
};
if let Some((key, _, recipient)) = keys.into_iter().find(|(_, s, _)| s == &slot) {
let recipient = recipient.expect("We checked this above");
if Confirm::new()
.with_prompt(fl!("cli-setup-use-existing", slot_index = slot_index))
.report(true)
.interact()?
{
let stub = key::Stub::new(yubikey.serial(), slot, &recipient);
let metadata =
util::Metadata::extract(&mut yubikey, slot, key.certificate(), true)
.unwrap();
key::disconnect_without_reset(yubikey);
((stub, recipient, metadata), false)
} else {
key::disconnect_without_reset(yubikey);
return Ok(());
}
} else {
let name = Input::<String>::new()
.with_prompt(format!(
"{} [{}]",
fl!("cli-setup-name-identity"),
flags.name.as_deref().unwrap_or("age identity TAG_HEX")
))
.allow_empty(true)
.report(true)
.interact_text()?;
let mut displayed_yk4_warning = false;
let pin_policy = loop {
let pin_policy = match Select::new()
.with_prompt(fl!("cli-setup-select-pin-policy"))
.items(&[
fl!("pin-policy-always"),
fl!("pin-policy-once"),
fl!("pin-policy-never"),
])
.default(
[PinPolicy::Always, PinPolicy::Once, PinPolicy::Never]
.iter()
.position(|p| {
p == &flags.pin_policy.unwrap_or(builder::DEFAULT_PIN_POLICY)
})
.unwrap(),
)
.report(true)
.interact_opt()?
{
Some(0) => PinPolicy::Always,
Some(1) => PinPolicy::Once,
Some(2) => PinPolicy::Never,
Some(_) => unreachable!(),
None => return Ok(()),
};
// We can't preserve the PIN cache for YubiKey 4 series, because to
// retrieve the serial we switch to the OTP applet.
match (pin_policy, yubikey.version().major) {
(PinPolicy::Once, 4) => {
if !displayed_yk4_warning {
eprintln!();
eprintln!("{}", fl!("cli-setup-yk4-pin-policy"));
eprintln!();
displayed_yk4_warning = true;
}
if Confirm::new()
.with_prompt(fl!("cli-setup-yk4-pin-policy-confirm"))
.report(true)
.interact()?
{
break pin_policy;
}
}
_ => break pin_policy,
}
};
let touch_policy = match Select::new()
.with_prompt(fl!("cli-setup-select-touch-policy"))
.items(&[
fl!("touch-policy-always"),
fl!("touch-policy-cached"),
fl!("touch-policy-never"),
])
.default(
[TouchPolicy::Always, TouchPolicy::Cached, TouchPolicy::Never]
.iter()
.position(|p| {
p == &flags.touch_policy.unwrap_or(builder::DEFAULT_TOUCH_POLICY)
})
.unwrap(),
)
.report(true)
.interact_opt()?
{
Some(0) => TouchPolicy::Always,
Some(1) => TouchPolicy::Cached,
Some(2) => TouchPolicy::Never,
Some(_) => unreachable!(),
None => return Ok(()),
};
if Confirm::new()
.with_prompt(fl!("cli-setup-generate-new", slot_index = slot_index))
.report(true)
.interact()?
{
eprintln!();
(
builder::IdentityBuilder::new(Some(slot))
.with_name(match name {
s if s.is_empty() => flags.name,
s => Some(s),
})
.with_pin_policy(Some(pin_policy))
.with_touch_policy(Some(touch_policy))
.build(&mut yubikey)?,
true,
)
} else {
key::disconnect_without_reset(yubikey);
return Ok(());
}
}
};
eprintln!();
let file_name = Input::<String>::new()
.with_prompt(fl!("cli-setup-identity-file-name"))
.default(format!(
"age-yubikey-identity-{}.txt",
hex::encode(stub.tag)
))
.report(true)
.interact_text()?;
let mut file = match OpenOptions::new()
.create_new(true)
.write(true)
.open(&file_name)
{
Ok(file) => file,
Err(e) if e.kind() == io::ErrorKind::AlreadyExists => {
if Confirm::new()
.with_prompt(fl!("cli-setup-identity-file-exists"))
.report(true)
.interact()?
{
File::create(&file_name)?
} else {
return Ok(());
}
}
Err(e) => return Err(e.into()),
};
writeln!(
file,
"{}",
fl!(
"yubikey-identity",
yubikey_metadata = metadata.to_string(),
recipient = recipient.to_string(),
identity = stub.to_string(),
)
)?;
file.sync_data()?;
// If `rage` binary is installed, use it in examples. Otherwise default to `age`.
let age_binary = which::which("rage").map(|_| "rage").unwrap_or("age");
let encrypt_usage = format!(
"$ cat foo.txt | {} -r {} -o foo.txt.age",
age_binary, recipient
);
let decrypt_usage = format!(
"$ cat foo.txt.age | {} -d -i {} > foo.txt",
age_binary, file_name
);
let identity_usage = format!(
"$ age-plugin-yubikey -i --serial {} --slot {} > {}",
stub.serial,
util::slot_to_ui(&stub.slot),
file_name,
);
let recipient_usage = format!(
"$ age-plugin-yubikey -l --serial {} --slot {}",
stub.serial,
util::slot_to_ui(&stub.slot),
);
eprintln!();
eprintln!(
"{}",
fl!(
"cli-setup-finished",
is_new = if is_new { "true" } else { "false" },
recipient = recipient.to_string(),
encrypt_usage = encrypt_usage,
decrypt_usage = decrypt_usage,
identity_usage = identity_usage,
recipient_usage = recipient_usage,
)
);
Ok(())
}
}

80
src/p256.rs Normal file
View File

@@ -0,0 +1,80 @@
use bech32::{ToBase32, Variant};
use p256::elliptic_curve::sec1::{FromEncodedPoint, ToEncodedPoint};
use sha2::{Digest, Sha256};
use yubikey::{certificate::PublicKeyInfo, Certificate};
use std::fmt;
use crate::RECIPIENT_PREFIX;
pub(crate) const TAG_BYTES: usize = 4;
/// Wrapper around a compressed secp256r1 curve point.
#[derive(Clone)]
pub struct Recipient(p256::PublicKey);
impl fmt::Debug for Recipient {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
write!(f, "Recipient({:?})", self.to_encoded().as_bytes())
}
}
impl fmt::Display for Recipient {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
f.write_str(
bech32::encode(
RECIPIENT_PREFIX,
self.to_encoded().as_bytes().to_base32(),
Variant::Bech32,
)
.expect("HRP is valid")
.as_str(),
)
}
}
impl Recipient {
/// Attempts to parse a valid YubiKey recipient from its compressed SEC-1 byte encoding.
pub(crate) fn from_bytes(bytes: &[u8]) -> Option<Self> {
let encoded = p256::EncodedPoint::from_bytes(bytes).ok()?;
if encoded.is_compressed() {
Self::from_encoded(&encoded)
} else {
None
}
}
pub(crate) fn from_certificate(cert: &Certificate) -> Option<Self> {
Self::from_spki(cert.subject_pki())
}
pub(crate) fn from_spki(spki: &PublicKeyInfo) -> Option<Self> {
match spki {
PublicKeyInfo::EcP256(pubkey) => Self::from_encoded(pubkey),
_ => None,
}
}
/// Attempts to parse a valid YubiKey recipient from its SEC-1 encoding.
///
/// This accepts both compressed (as used by the plugin) and uncompressed (as used in
/// the YubiKey certificate) encodings.
fn from_encoded(encoded: &p256::EncodedPoint) -> Option<Self> {
Option::from(p256::PublicKey::from_encoded_point(encoded)).map(Recipient)
}
/// Returns the compressed SEC-1 encoding of this recipient.
pub(crate) fn to_encoded(&self) -> p256::EncodedPoint {
self.0.to_encoded_point(true)
}
pub(crate) fn tag(&self) -> [u8; TAG_BYTES] {
let tag = Sha256::digest(self.to_encoded().as_bytes());
(&tag[0..TAG_BYTES]).try_into().expect("length is correct")
}
/// Exposes the wrapped public key.
pub(crate) fn public_key(&self) -> &p256::PublicKey {
&self.0
}
}

257
src/plugin.rs Normal file
View File

@@ -0,0 +1,257 @@
use age_core::format::{FileKey, Stanza};
use age_plugin::{
identity::{self, IdentityPluginV1},
recipient::{self, RecipientPluginV1},
Callbacks,
};
use std::collections::HashMap;
use std::io;
use crate::{fl, format, key, p256::Recipient, PLUGIN_NAME};
#[derive(Debug, Default)]
pub(crate) struct RecipientPlugin {
recipients: Vec<Recipient>,
yubikeys: Vec<key::Stub>,
}
impl RecipientPluginV1 for RecipientPlugin {
fn add_recipient(
&mut self,
index: usize,
plugin_name: &str,
bytes: &[u8],
) -> Result<(), recipient::Error> {
if let Some(pk) = if plugin_name == PLUGIN_NAME {
Recipient::from_bytes(bytes)
} else {
None
} {
self.recipients.push(pk);
Ok(())
} else {
Err(recipient::Error::Recipient {
index,
message: fl!("plugin-err-invalid-recipient"),
})
}
}
fn add_identity(
&mut self,
index: usize,
plugin_name: &str,
bytes: &[u8],
) -> Result<(), recipient::Error> {
if let Some(stub) = if plugin_name == PLUGIN_NAME {
key::Stub::from_bytes(bytes, index)
} else {
None
} {
self.yubikeys.push(stub);
Ok(())
} else {
Err(recipient::Error::Identity {
index,
message: fl!("plugin-err-invalid-identity"),
})
}
}
fn wrap_file_keys(
&mut self,
file_keys: Vec<FileKey>,
mut callbacks: impl Callbacks<recipient::Error>,
) -> io::Result<Result<Vec<Vec<Stanza>>, Vec<recipient::Error>>> {
// Connect to any listed YubiKey identities to obtain the corresponding recipients.
let mut yk_recipients = vec![];
let mut yk_errors = vec![];
for stub in &self.yubikeys {
match stub.connect(&mut callbacks)? {
Ok(Some(conn)) => yk_recipients.push(conn.recipient().clone()),
Ok(None) => yk_errors.push(recipient::Error::Identity {
index: stub.identity_index,
message: fl!(
"plugin-err-yk-opening",
yubikey_serial = stub.serial.to_string(),
),
}),
Err(e) => yk_errors.push(match e {
identity::Error::Identity { index, message } => {
recipient::Error::Identity { index, message }
}
// stub.connect() only returns identity::Error::Identity
_ => unreachable!(),
}),
}
}
// If any errors occurred while fetching recipients from YubiKeys, don't encrypt
// the file to any of the other recipients.
Ok(if yk_errors.is_empty() {
Ok(file_keys
.into_iter()
.map(|file_key| {
self.recipients
.iter()
.chain(yk_recipients.iter())
.map(|pk| format::RecipientLine::wrap_file_key(&file_key, pk).into())
.collect()
})
.collect())
} else {
Err(yk_errors)
})
}
}
#[derive(Debug, Default)]
pub(crate) struct IdentityPlugin {
yubikeys: Vec<key::Stub>,
}
impl IdentityPluginV1 for IdentityPlugin {
fn add_identity(
&mut self,
index: usize,
plugin_name: &str,
bytes: &[u8],
) -> Result<(), identity::Error> {
if let Some(stub) = if plugin_name == PLUGIN_NAME {
key::Stub::from_bytes(bytes, index)
} else {
None
} {
self.yubikeys.push(stub);
Ok(())
} else {
Err(identity::Error::Identity {
index,
message: fl!("plugin-err-invalid-identity"),
})
}
}
fn unwrap_file_keys(
&mut self,
files: Vec<Vec<Stanza>>,
mut callbacks: impl Callbacks<identity::Error>,
) -> io::Result<HashMap<usize, Result<FileKey, Vec<identity::Error>>>> {
let mut file_keys = HashMap::with_capacity(files.len());
// Filter to files / stanzas for which we have matching YubiKeys
let mut candidate_stanzas: Vec<(&key::Stub, HashMap<usize, Vec<format::RecipientLine>>)> =
self.yubikeys
.iter()
.map(|stub| (stub, HashMap::new()))
.collect();
for (file, stanzas) in files.iter().enumerate() {
for (stanza_index, stanza) in stanzas.iter().enumerate() {
match (
format::RecipientLine::from_stanza(stanza).map(|res| {
res.map_err(|_| identity::Error::Stanza {
file_index: file,
stanza_index,
message: fl!("plugin-err-invalid-stanza"),
})
}),
file_keys.contains_key(&file),
) {
// Only record candidate stanzas for files without structural errors.
(Some(Ok(line)), false) => {
// A line will match at most one YubiKey.
if let Some(files) =
candidate_stanzas.iter_mut().find_map(|(stub, files)| {
if stub.matches(&line) {
Some(files)
} else {
None
}
})
{
files.entry(file).or_default().push(line);
}
}
(Some(Err(e)), _) => {
// This is a structurally-invalid stanza, so we MUST return errors
// and MUST NOT unwrap any stanzas in the same file. Let's collect
// these errors to return to the client.
match file_keys.entry(file).or_insert_with(|| Err(vec![])) {
Err(errors) => errors.push(e),
Ok(_) => unreachable!(),
}
// Drop any existing candidate stanzas from this file.
for (_, candidates) in candidate_stanzas.iter_mut() {
candidates.remove(&file);
}
}
_ => (),
}
}
}
// Sort by effectiveness (YubiKey that can trial-decrypt the most stanzas)
candidate_stanzas.sort_by_key(|(_, files)| {
files
.iter()
.map(|(_, stanzas)| stanzas.len())
.sum::<usize>()
});
candidate_stanzas.reverse();
// Remove any YubiKeys without stanzas.
candidate_stanzas.retain(|(_, files)| {
files
.iter()
.map(|(_, stanzas)| stanzas.len())
.sum::<usize>()
> 0
});
for (stub, files) in candidate_stanzas.iter() {
let mut conn = match stub.connect(&mut callbacks)? {
// The user skipped this YubiKey.
Ok(None) => continue,
// We connected to this YubiKey.
Ok(Some(conn)) => conn,
// We failed to connect to this YubiKey.
Err(e) => {
callbacks.error(e)?.unwrap();
continue;
}
};
if let Err(e) = conn.request_pin_if_necessary(&mut callbacks)? {
callbacks.error(e)?.unwrap();
continue;
}
for (&file_index, stanzas) in files {
if file_keys.contains_key(&file_index) {
// We decrypted this file with an earlier YubiKey.
continue;
}
for (stanza_index, line) in stanzas.iter().enumerate() {
match conn.unwrap_file_key(line) {
Ok(file_key) => {
// We've managed to decrypt this file!
file_keys.entry(file_index).or_insert(Ok(file_key));
break;
}
Err(_) => callbacks
.error(identity::Error::Stanza {
file_index,
stanza_index,
message: fl!("plugin-err-decryption-failed"),
})?
.unwrap(),
}
}
}
conn.disconnect_without_reset();
}
Ok(file_keys)
}
}

221
src/util.rs Normal file
View File

@@ -0,0 +1,221 @@
use std::fmt;
use std::iter;
use x509_parser::{certificate::X509Certificate, der_parser::oid::Oid};
use yubikey::{
piv::{RetiredSlotId, SlotId},
Certificate, PinPolicy, Serial, TouchPolicy, YubiKey,
};
use crate::fl;
use crate::{error::Error, key::Stub, p256::Recipient, BINARY_NAME, USABLE_SLOTS};
pub(crate) const POLICY_EXTENSION_OID: &[u64] = &[1, 3, 6, 1, 4, 1, 41482, 3, 8];
pub(crate) fn ui_to_slot(slot: u8) -> Result<RetiredSlotId, Error> {
// Use 1-indexing in the UI for niceness
USABLE_SLOTS
.get(slot as usize - 1)
.cloned()
.ok_or(Error::InvalidSlot(slot))
}
pub(crate) fn slot_to_ui(slot: &RetiredSlotId) -> u8 {
// Use 1-indexing in the UI for niceness
USABLE_SLOTS.iter().position(|s| s == slot).unwrap() as u8 + 1
}
pub(crate) fn pin_policy_from_string(s: String) -> Result<PinPolicy, Error> {
match s.as_str() {
"always" => Ok(PinPolicy::Always),
"once" => Ok(PinPolicy::Once),
"never" => Ok(PinPolicy::Never),
_ => Err(Error::InvalidPinPolicy(s)),
}
}
pub(crate) fn touch_policy_from_string(s: String) -> Result<TouchPolicy, Error> {
match s.as_str() {
"always" => Ok(TouchPolicy::Always),
"cached" => Ok(TouchPolicy::Cached),
"never" => Ok(TouchPolicy::Never),
_ => Err(Error::InvalidTouchPolicy(s)),
}
}
pub(crate) fn pin_policy_to_str(policy: Option<PinPolicy>) -> String {
match policy {
Some(PinPolicy::Always) => fl!("pin-policy-always"),
Some(PinPolicy::Once) => fl!("pin-policy-once"),
Some(PinPolicy::Never) => fl!("pin-policy-never"),
_ => fl!("unknown-policy"),
}
}
pub(crate) fn touch_policy_to_str(policy: Option<TouchPolicy>) -> String {
match policy {
Some(TouchPolicy::Always) => fl!("touch-policy-always"),
Some(TouchPolicy::Cached) => fl!("touch-policy-cached"),
Some(TouchPolicy::Never) => fl!("touch-policy-never"),
_ => fl!("unknown-policy"),
}
}
const MODHEX: &str = "cbdefghijklnrtuv";
pub(crate) fn otp_serial_prefix(serial: Serial) -> String {
iter::repeat(0)
.take(4)
.chain((0..8).rev().map(|i| (serial.0 >> (4 * i)) & 0x0f))
.map(|i| MODHEX.char_indices().nth(i as usize).unwrap().1)
.collect()
}
pub(crate) fn extract_name(cert: &X509Certificate, all: bool) -> Option<(String, bool)> {
// Look at Subject Organization to determine if we created this.
match cert.subject().iter_organization().next() {
Some(org) if org.as_str() == Ok(BINARY_NAME) => {
// We store the identity name as a Common Name attribute.
let name = cert
.subject()
.iter_common_name()
.next()
.and_then(|cn| cn.as_str().ok())
.map(|s| s.to_owned())
.unwrap_or_default(); // TODO: This should always be present.
Some((name, true))
}
_ => {
// Not one of ours, but we've already filtered for compatibility.
if !all {
return None;
}
// Display the entire subject.
let name = cert.subject().to_string();
Some((name, false))
}
}
}
pub(crate) struct Metadata {
serial: Serial,
slot: RetiredSlotId,
name: String,
created: String,
pub(crate) pin_policy: Option<PinPolicy>,
pub(crate) touch_policy: Option<TouchPolicy>,
}
impl Metadata {
pub(crate) fn extract(
yubikey: &mut YubiKey,
slot: RetiredSlotId,
cert: &Certificate,
all: bool,
) -> Option<Self> {
let (_, cert) = x509_parser::parse_x509_certificate(cert.as_ref()).ok()?;
// We store the PIN and touch policies for identities in their certificates
// using the same certificate extension as PIV attestations.
// https://developers.yubico.com/PIV/Introduction/PIV_attestation.html
let policies = |c: &X509Certificate| {
c.tbs_certificate
.get_extension_unique(&Oid::from(POLICY_EXTENSION_OID).unwrap())
// If the extension is duplicated, we assume it is invalid.
.ok()
.flatten()
// If the encoded extension doesn't have 2 bytes, we assume it is invalid.
.filter(|policy| policy.value.len() >= 2)
.map(|policy| {
// We should only ever see one of three values for either policy, but
// handle unknown values just in case.
let pin_policy = match policy.value[0] {
0x01 => Some(PinPolicy::Never),
0x02 => Some(PinPolicy::Once),
0x03 => Some(PinPolicy::Always),
_ => None,
};
let touch_policy = match policy.value[1] {
0x01 => Some(TouchPolicy::Never),
0x02 => Some(TouchPolicy::Always),
0x03 => Some(TouchPolicy::Cached),
_ => None,
};
(pin_policy, touch_policy)
})
.unwrap_or((None, None))
};
extract_name(&cert, all)
.map(|(name, ours)| {
if ours {
let (pin_policy, touch_policy) = policies(&cert);
(name, pin_policy, touch_policy)
} else {
// We can extract the PIN and touch policies via an attestation. This
// is slow, but the user has asked for all compatible keys, so...
let (pin_policy, touch_policy) =
yubikey::piv::attest(yubikey, SlotId::Retired(slot))
.ok()
.and_then(|buf| {
x509_parser::parse_x509_certificate(&buf)
.map(|(_, c)| policies(&c))
.ok()
})
.unwrap_or((None, None));
(name, pin_policy, touch_policy)
}
})
.map(|(name, pin_policy, touch_policy)| Metadata {
serial: yubikey.serial(),
slot,
name,
created: cert
.validity()
.not_before
.to_rfc2822()
.unwrap_or_else(|e| format!("Invalid date: {}", e)),
pin_policy,
touch_policy,
})
}
}
impl fmt::Display for Metadata {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
write!(
f,
"{}",
fl!(
"yubikey-metadata",
serial = self.serial.to_string(),
slot = slot_to_ui(&self.slot),
name = self.name.as_str(),
created = self.created.as_str(),
pin_policy = pin_policy_to_str(self.pin_policy),
touch_policy = touch_policy_to_str(self.touch_policy),
)
)
}
}
pub(crate) fn print_identity(stub: Stub, recipient: Recipient, metadata: Metadata) {
let recipient = recipient.to_string();
if !console::user_attended() {
let recipient = recipient.as_str();
eprintln!("{}", fl!("print-recipient", recipient = recipient));
}
println!(
"{}",
fl!(
"yubikey-identity",
yubikey_metadata = metadata.to_string(),
recipient = recipient,
identity = stub.to_string(),
)
);
}

125
tests/integration.rs Normal file
View File

@@ -0,0 +1,125 @@
use std::env;
use std::io::Write;
use std::path::Path;
use std::process::{Command, Stdio};
const PLUGIN_BIN: &str = env!("CARGO_BIN_EXE_age-plugin-yubikey");
#[test_with::env(YUBIKEY_SERIAL, YUBIKEY_SLOT)]
#[cfg_attr(all(unix, not(target_os = "macos")), test_with::executable(pcscd))]
#[test]
fn recipient_and_identity_match() {
let recipient = Command::new(PLUGIN_BIN)
.arg("--list")
.arg("--serial")
.arg(env::var("YUBIKEY_SERIAL").unwrap())
.arg("--slot")
.arg(env::var("YUBIKEY_SLOT").unwrap())
.output()
.unwrap();
assert_eq!(recipient.status.code(), Some(0));
let identity = Command::new(PLUGIN_BIN)
.arg("--identity")
.arg("--serial")
.arg(env::var("YUBIKEY_SERIAL").unwrap())
.arg("--slot")
.arg(env::var("YUBIKEY_SLOT").unwrap())
.output()
.unwrap();
assert_eq!(identity.status.code(), Some(0));
let recipient_file = String::from_utf8_lossy(&recipient.stdout);
let recipient = recipient_file.lines().last().unwrap();
let identity = String::from_utf8_lossy(&identity.stdout);
assert!(identity.contains(recipient));
}
#[test_with::executable(rage)]
#[test]
fn plugin_encrypt() {
let enc_file = tempfile::NamedTempFile::new_in(env!("CARGO_TARGET_TMPDIR")).unwrap();
let mut process = Command::new(which::which("rage").unwrap())
.arg("-r")
.arg("age1yubikey1q2w7u3vpya839jxxuq8g0sedh3d740d4xvn639sqhr95ejj8vu3hyfumptt")
.arg("-o")
.arg(enc_file.path())
.stdin(Stdio::piped())
.env("PATH", Path::new(PLUGIN_BIN).parent().unwrap())
.spawn()
.unwrap();
// Scope to ensure stdin is closed.
{
let mut stdin = process.stdin.take().unwrap();
stdin.write_all(b"Testing YubiKey encryption").unwrap();
stdin.flush().unwrap();
}
let status = process.wait().unwrap();
assert_eq!(status.code(), Some(0));
}
#[test_with::env(YUBIKEY_SERIAL, YUBIKEY_SLOT)]
#[test_with::executable(rage)]
#[cfg_attr(all(unix, not(target_os = "macos")), test_with::executable(pcscd))]
#[test]
fn plugin_decrypt() {
let mut identity_file = tempfile::NamedTempFile::new_in(env!("CARGO_TARGET_TMPDIR")).unwrap();
let enc_file = tempfile::NamedTempFile::new_in(env!("CARGO_TARGET_TMPDIR")).unwrap();
let plaintext = "Testing YubiKey encryption";
// Write an identity file corresponding to this YubiKey slot.
let identity = Command::new(PLUGIN_BIN)
.arg("--identity")
.arg("--serial")
.arg(env::var("YUBIKEY_SERIAL").unwrap())
.arg("--slot")
.arg(env::var("YUBIKEY_SLOT").unwrap())
.output()
.unwrap();
assert_eq!(identity.status.code(), Some(0));
identity_file.write_all(&identity.stdout).unwrap();
identity_file.flush().unwrap();
// Encrypt to the YubiKey slot.
let mut enc_process = Command::new(which::which("rage").unwrap())
.arg("-e")
.arg("-i")
.arg(identity_file.path())
.arg("-o")
.arg(enc_file.path())
.stdin(Stdio::piped())
.env("PATH", Path::new(PLUGIN_BIN).parent().unwrap())
.spawn()
.unwrap();
// Scope to ensure stdin is closed.
{
let mut stdin = enc_process.stdin.take().unwrap();
stdin.write_all(plaintext.as_bytes()).unwrap();
stdin.flush().unwrap();
}
let enc_status = enc_process.wait().unwrap();
assert_eq!(enc_status.code(), Some(0));
// Decrypt with the YubiKey.
let dec_process = Command::new(which::which("rage").unwrap())
.arg("-d")
.arg("-i")
.arg(identity_file.path())
.arg(enc_file.path())
.stdin(Stdio::piped())
.env("PATH", Path::new(PLUGIN_BIN).parent().unwrap())
.output()
.unwrap();
let stderr = String::from_utf8_lossy(&dec_process.stderr);
if !stderr.is_empty() {
assert!(stderr.contains("age-plugin-yubikey"));
assert!(stderr.ends_with("...\n"));
}
assert_eq!(String::from_utf8_lossy(&dec_process.stdout), plaintext);
}