From 748d4c451cac73b683f04dea92eee306f2a9588a Mon Sep 17 00:00:00 2001 
From: "J.L.M" <57787248+JMarkstrom@users.noreply.github.com> Date: Wed, 25 Dec 2024 21:46:36 +0100 Subject: [PATCH] =?UTF-8?q?Added=20command=20feedback=20using=20WriteObjec?= =?UTF-8?q?t=20on=20'Yubikey'=20and=20'Fido'=20cmdl=E2=80=A6=20(#83)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Added command feedback using WriteWarning/WriteObject/WriteInformation on 'Yubikey' and 'Fido' cmdlets. * Minor changes to language including punctuation. --------- Co-authored-by: Oscar Virot --- Module/Cmdlets/Fido/ConnectYubikeyFIDO2.cs | 10 +++--- Module/Cmdlets/Fido/GetYubikeyFIDO2.cs | 4 +-- .../Fido/GetYubikeyFIDO2Credentials.cs | 33 ++++++++++++------- Module/Cmdlets/Fido/ResetYubikeyFIDO2.cs | 5 +-- Module/Cmdlets/Fido/SetYubikeyFIDO2.cs | 18 ++++++---- Module/Cmdlets/Fido/SetYubikeyFIDO2PIN.cs | 9 ++--- Module/Cmdlets/OATH/ConnectYubikeyOATH.cs | 4 +-- Module/Cmdlets/OATH/GetYubikeyOATH.cs | 4 +-- Module/Cmdlets/OATH/GetYubikeyOATHAccount.cs | 4 +-- Module/Cmdlets/OATH/NewYubikeyOATHAccount.cs | 4 +-- Module/Cmdlets/OATH/ProtectYubikeyOATH.cs | 4 +-- .../Cmdlets/OATH/RemoveYubikeyOATHAccount.cs | 4 +-- .../Cmdlets/OATH/RenameYubikeyOATHAccount.cs | 4 +-- Module/Cmdlets/OATH/RequestYubikeyOATHCode.cs | 4 +-- Module/Cmdlets/OATH/ResetYubikeyOATH.cs | 4 +-- Module/Cmdlets/OATH/UnprotectYubikeyOATH.cs | 4 +-- Module/Cmdlets/OTP/GetYubikeyOTP.cs | 4 +-- Module/Cmdlets/OTP/RemoveYubikeyOTP.cs | 4 +-- .../Cmdlets/OTP/RequestYubikeyOTPChallange.cs | 4 +-- Module/Cmdlets/OTP/SetYubikeyOTP.cs | 4 +-- Module/Cmdlets/OTP/SwitchYubikeyOTP.cs | 4 +-- .../Cmdlets/Other/ConfirmYubikeyAttestion.cs | 12 +++---- Module/Cmdlets/Other/ConvertToAltSecurity.cs | 14 ++++---- Module/Cmdlets/PIV/AssertYubiKeyPIV.cs | 4 +-- Module/Cmdlets/PIV/BlockYubikeyPIV.cs | 8 ++--- ...uildYubiKeyPIVCertificateSigningRequest.cs | 7 ++-- .../PIV/BuildYubikeyPIVSignCertificate.cs | 4 +-- Module/Cmdlets/PIV/ConnectYubikeyPIV.cs | 4 +-- 
.../PIV/ExportYubiKeyPIVCertificate.cs | 4 +-- Module/Cmdlets/PIV/GetYubikeyPIV.cs | 4 +-- Module/Cmdlets/PIV/ImportYubiKeyPIV.cs | 30 ++++++++--------- Module/Cmdlets/PIV/MoveYubikeyPIV.cs | 8 ++--- Module/Cmdlets/PIV/NewYubiKeyPIVSelfSign.cs | 6 ++-- Module/Cmdlets/PIV/NewYubikeyPIVKey.cs | 2 +- Module/Cmdlets/PIV/RemoveYubikeyPIVKey.cs | 2 +- Module/Cmdlets/PIV/ResetYubikeyPIV.cs | 4 +-- Module/Cmdlets/PIV/SetYubikeyPIV.cs | 18 +++++----- Module/Cmdlets/PIV/UnblockYubikeyPIV.cs | 8 ++--- .../Cmdlets/UV/RemoveYubikeyUVFingerprint.cs | 2 +- .../Cmdlets/UV/RenameYubikeyUVFingerprint.cs | 2 +- Module/Cmdlets/Yubikey/ConnectYubikey.cs | 8 ++--- Module/Cmdlets/Yubikey/DisconnectYubikey.cs | 1 + Module/Cmdlets/Yubikey/FindYubikey.cs | 4 +-- Module/Cmdlets/Yubikey/GetYubikey.cs | 6 ++-- Module/Cmdlets/Yubikey/LockYubikey.cs | 10 +++--- Module/Cmdlets/Yubikey/SetYubikey.cs | 12 +++---- Module/Cmdlets/Yubikey/UnlockYubikey.cs | 6 ++-- 47 files changed, 173 insertions(+), 156 deletions(-) diff --git a/Module/Cmdlets/Fido/ConnectYubikeyFIDO2.cs b/Module/Cmdlets/Fido/ConnectYubikeyFIDO2.cs index d9cb97c..490485e 100644 --- a/Module/Cmdlets/Fido/ConnectYubikeyFIDO2.cs +++ b/Module/Cmdlets/Fido/ConnectYubikeyFIDO2.cs @@ -66,7 +66,7 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); WriteDebug($"Successfully connected"); 
@@ -75,8 +75,8 @@ protected override void BeginProcessing() // Check if Connect-YubikeyFIDO2 was called without a PIN (only possible with Yubikey that doesnt have a PIN configured) if (this.MyInvocation.BoundParameters.ContainsKey("PIN") == false) { - WriteWarning("FIDO2 has no PIN, please set PIN before continuing."); - WriteDebug("FIDO2 has no PIN, invokating Set-YubikeyFIDO2 -SetPIN"); + WriteWarning("FIDO2 has no PIN, please set PIN before continuing:"); + WriteDebug("FIDO2 has no PIN, invokating Set-YubikeyFIDO2 -SetPIN..."); var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Set-YubikeyFIDO2").AddParameter("SetPIN"); myPowersShellInstance.Invoke(); } @@ -98,12 +98,12 @@ protected override void ProcessRecord() { if (fido2Session.AuthenticatorInfo.GetOptionValue(AuthenticatorOptions.clientPin) == OptionValue.False) { - WriteObject("Client PIN is not set"); + WriteWarning("Client PIN is not set."); return; } else if (fido2Session.AuthenticatorInfo.ForcePinChange == true) { - WriteWarning("YubiKey requires PIN change to continue, see Set-YubikeyFIDO2 -SetPIN "); + WriteWarning("YubiKey requires PIN change to continue, see Set-YubikeyFIDO2 -SetPIN."); return; } if (this.MyInvocation.BoundParameters["PIN"] is not null) diff --git a/Module/Cmdlets/Fido/GetYubikeyFIDO2.cs b/Module/Cmdlets/Fido/GetYubikeyFIDO2.cs index 08df276..ca827c0 100644 --- a/Module/Cmdlets/Fido/GetYubikeyFIDO2.cs +++ b/Module/Cmdlets/Fido/GetYubikeyFIDO2.cs 
@@ -16,11 +16,11 @@ protected override void BeginProcessing() // If no FIDO2 PIN exists, we need to connect to the FIDO2 application if (YubiKeyModule._fido2PIN is null) { - WriteDebug("No FIDO2 session has been authenticated, calling Connect-YubikeyFIDO2"); + WriteDebug("No FIDO2 session has been authenticated, calling Connect-YubikeyFIDO2..."); var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-YubikeyFIDO2").Invoke(); if (YubiKeyModule._fido2PIN is null) { - throw new Exception("Connect-YubikeyFIDO2 failed to connect FIDO2 application."); + throw new Exception("Connect-YubikeyFIDO2 failed to the FIDO2 applet!"); } } diff --git a/Module/Cmdlets/Fido/GetYubikeyFIDO2Credentials.cs b/Module/Cmdlets/Fido/GetYubikeyFIDO2Credentials.cs index d58eaa3..3156e1d 100644 --- a/Module/Cmdlets/Fido/GetYubikeyFIDO2Credentials.cs +++ b/Module/Cmdlets/Fido/GetYubikeyFIDO2Credentials.cs @@ -16,11 +16,11 @@ protected override void BeginProcessing() // If no FIDO2 PIN exists, we need to connect to the FIDO2 application if (YubiKeyModule._fido2PIN is null) { - WriteDebug("No FIDO2 session has been authenticated, calling Connect-YubikeyFIDO2"); + WriteDebug("No FIDO2 session has been authenticated, calling Connect-YubikeyFIDO2..."); var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-YubikeyFIDO2").Invoke(); if (YubiKeyModule._fido2PIN is null) { - throw new Exception("Connect-YubikeyFIDO2 failed to connect FIDO2 application."); + throw new Exception("Connect-YubikeyFIDO2 failed to connect to the FIDO2 applet!"); } } 
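Review bot: The new exception text in GetYubikeyFIDO2.cs reads `"Connect-YubikeyFIDO2 failed to the FIDO2 applet!"`, which has lost the words "connect to". GetYubikeyFIDO2Credentials.cs and SetYubikeyFIDO2.cs use `"Connect-YubikeyFIDO2 failed to connect to the FIDO2 applet!"` for the same check, so use that wording here too and the three cmdlets will report the failure identically. BeginProcessing continues outside the hunk.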
@@ -38,21 +38,32 @@ protected override void ProcessRecord() fido2Session.KeyCollector = YubiKeyModule._KeyCollector.YKKeyCollectorDelegate; var RelyingParties = fido2Session.EnumerateRelyingParties(); - foreach (RelyingParty RelyingParty in RelyingParties) + + if (!RelyingParties.Any()) // Check if there are no relying parties + { + WriteWarning("No credentials found on the YubiKey."); + return; + } + else { - var relayCredentials = fido2Session.EnumerateCredentialsForRelyingParty(RelyingParty); - foreach (CredentialUserInfo user in relayCredentials) + foreach (RelyingParty RelyingParty in RelyingParties) { - Credentials credentials = new Credentials + var relayCredentials = fido2Session.EnumerateCredentialsForRelyingParty(RelyingParty); + + foreach (CredentialUserInfo user in relayCredentials) { - Site = RelyingParty.Id, - Name = user.User.Name, - DisplayName = user.User.DisplayName, - }; - WriteObject(credentials); + Credentials credentials = new Credentials + { + Site = RelyingParty.Id, + Name = user.User.Name, + DisplayName = user.User.DisplayName, + }; + WriteObject(credentials); + } } } } } + } } \ No newline at end of file diff --git a/Module/Cmdlets/Fido/ResetYubikeyFIDO2.cs b/Module/Cmdlets/Fido/ResetYubikeyFIDO2.cs index aa98071..ef7c0ff 100644 --- a/Module/Cmdlets/Fido/ResetYubikeyFIDO2.cs +++ b/Module/Cmdlets/Fido/ResetYubikeyFIDO2.cs @@ -25,10 +25,10 @@ protected override void BeginProcessing() if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } } @@ -102,6 +102,7 @@ protected override void ProcessRecord() } YubiKeyModule._fido2PIN = null; + WriteObject("YubiKey FIDO applet successfully reset."); } } } 
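Review bot: In GetYubikeyFIDO2Credentials.cs the `else` after the early `return` is not needed, and it is the only reason the two `foreach` loops are re-indented and re-emitted in this hunk. Closing the guard after `return;` and leaving the loops at their previous indentation keeps the behaviour and reduces the change to the added empty-list check. `RelyingParties.Any()` also depends on `System.Linq` being in scope, which the hunk does not show, so confirm the file imports it or that implicit usings are enabled.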
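Review bot: `WriteObject("YubiKey FIDO applet successfully reset.")` in ResetYubikeyFIDO2.cs puts a status string on the success output stream, so a script that assigns or pipes the cmdlet's result now receives text it has to filter out. The same applies to the `WriteObject` status lines added in SetYubikeyFIDO2.cs ("Minimum PIN length set.", "Force PIN change set.", "FIDO PIN updated.") and in SetYubikeyFIDO2PIN.cs. For operator feedback that stays out of the pipeline, `WriteVerbose("YubiKey FIDO applet successfully reset.");` or `WriteInformation` fits better. The statements before the new line are outside the hunk, so it is worth confirming that it is reached only after the reset has succeeded.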
diff --git a/Module/Cmdlets/Fido/SetYubikeyFIDO2.cs b/Module/Cmdlets/Fido/SetYubikeyFIDO2.cs index a0adc0d..7e2a36b 100644 --- a/Module/Cmdlets/Fido/SetYubikeyFIDO2.cs +++ b/Module/Cmdlets/Fido/SetYubikeyFIDO2.cs @@ -90,10 +90,10 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No Yubikey selected, calling Connect-Yubikey"); + WriteDebug("No Yubikey selected, calling Connect-Yubikey..."); var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } } else @@ -101,11 +101,11 @@ protected override void BeginProcessing() // If no FIDO2 PIN exists, we need to connect to the FIDO2 application if (YubiKeyModule._fido2PIN is null) { - WriteDebug("No FIDO2 session has been authenticated, calling Connect-YubikeyFIDO2"); + WriteDebug("No FIDO2 session has been authenticated, calling Connect-YubikeyFIDO2..."); var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-YubikeyFIDO2").Invoke(); if (YubiKeyModule._fido2PIN is null) { - throw new Exception("Connect-YubikeyFIDO2 failed to connect FIDO2 application."); + throw new Exception("Connect-YubikeyFIDO2 failed to connect to the FIDO2 applet!"); } } } @@ -128,7 +128,7 @@ protected override void ProcessRecord() case "Set PIN minimum length": if (fido2Session.AuthenticatorInfo.GetOptionValue(AuthenticatorOptions.setMinPINLength) == OptionValue.True) { - // Code to increase min PIN length here. + // Code to set minimum PIN length here. if (!fido2Session.TrySetPinConfig(MinimumPINLength, null, null)) { @@ -136,6 +136,7 @@ protected override void ProcessRecord() } // Do it once more to force PIN change. fido2Session.TrySetPinConfig(null, null, null); + WriteObject("Minimum PIN length set."); } else { 
@@ -151,6 +152,7 @@ protected override void ProcessRecord() // Use TrySetPinConfig to enable Force PIN Change. bool? forceChangePin = true; if (!fido2Session.TrySetPinConfig(null, null, forceChangePin)) + WriteObject("Force PIN change set."); { // Throw an exception if applying the setting fails. throw new InvalidOperationException("Failed to enforce PIN change."); @@ -175,12 +177,12 @@ protected override void ProcessRecord() { if (fido2Session.AuthenticatorInfo.GetOptionValue(AuthenticatorOptions.clientPin) == OptionValue.False) { - WriteDebug("No FIDO2 PIN set, setting new PIN"); + WriteDebug("No FIDO PIN set, setting new PIN..."); fido2Session.SetPin(); } else { - WriteDebug("FIDO2 PIN set, changing PIN"); + WriteDebug("FIDO2 PIN set, changing PIN..."); fido2Session.ChangePin(); } } @@ -194,6 +196,8 @@ protected override void ProcessRecord() YubiKeyModule._fido2PINNew = null; } YubiKeyModule._fido2PIN = (SecureString)this.MyInvocation.BoundParameters["NewPIN"]; + WriteObject("FIDO PIN updated."); + break; case "Send MinimumPIN to RelyingParty": var rpidList = new List(1); diff --git a/Module/Cmdlets/Fido/SetYubikeyFIDO2PIN.cs b/Module/Cmdlets/Fido/SetYubikeyFIDO2PIN.cs index ad04521..7dae3ac 100644 --- a/Module/Cmdlets/Fido/SetYubikeyFIDO2PIN.cs +++ b/Module/Cmdlets/Fido/SetYubikeyFIDO2PIN.cs @@ -41,7 +41,7 @@ public object GetDynamicParameters() } newPIN = new Collection() { - new ParameterAttribute() { Mandatory = true, HelpMessage = "New PIN code to set for the FIDO2 module.", ParameterSetName = "Set PIN", ValueFromPipeline = false}, + new ParameterAttribute() { Mandatory = true, HelpMessage = "New PIN code to set for the FIDO applet.", ParameterSetName = "Set PIN", ValueFromPipeline = false}, new ValidateYubikeyPIN(minPinLength, 63) }; } 
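Review bot: In SetYubikeyFIDO2.cs the added `WriteObject("Force PIN change set.");` sits between `if (!fido2Session.TrySetPinConfig(null, null, forceChangePin))` and its brace block, so it becomes the body of the `if`. The success text is therefore written only when the call fails, and the braces that follow run unconditionally, so `throw new InvalidOperationException("Failed to enforce PIN change.");` fires on every invocation, including after the key has accepted the setting. Move the `WriteObject` line below the closing brace of that block so it runs only after a successful call. The block's closing brace and the rest of the case are outside the hunk.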
@@ -53,7 +53,7 @@ public object GetDynamicParameters() new ValidateYubikeyPIN(4, 63) }; newPIN = new Collection() { - new ParameterAttribute() { Mandatory = true, HelpMessage = "New PIN code to set for the FIDO2 module.", ParameterSetName = "Set PIN", ValueFromPipeline = false}, + new ParameterAttribute() { Mandatory = true, HelpMessage = "New PIN code to set for the FIDO applet.", ParameterSetName = "Set PIN", ValueFromPipeline = false}, new ValidateYubikeyPIN(4, 63) }; } @@ -90,14 +90,15 @@ protected override void ProcessRecord() { if (fido2Session.AuthenticatorInfo.GetOptionValue(AuthenticatorOptions.clientPin) == OptionValue.False) { - WriteDebug("No FIDO2 PIN set, setting new PIN"); + WriteDebug("No FIDO2 PIN set, setting new PIN..."); fido2Session.SetPin(); } else { - WriteDebug("FIDO2 PIN set, changing PIN"); + WriteDebug("FIDO2 PIN set, changing PIN..."); fido2Session.ChangePin(); } + WriteObject("FIDO PIN updated."); } catch (Exception e) { diff --git a/Module/Cmdlets/OATH/ConnectYubikeyOATH.cs b/Module/Cmdlets/OATH/ConnectYubikeyOATH.cs index b693f80..712c1a4 100644 --- a/Module/Cmdlets/OATH/ConnectYubikeyOATH.cs +++ b/Module/Cmdlets/OATH/ConnectYubikeyOATH.cs @@ -21,10 +21,10 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } } protected override void ProcessRecord() diff --git a/Module/Cmdlets/OATH/GetYubikeyOATH.cs b/Module/Cmdlets/OATH/GetYubikeyOATH.cs index b872c10..4a63d82 100644 --- a/Module/Cmdlets/OATH/GetYubikeyOATH.cs +++ b/Module/Cmdlets/OATH/GetYubikeyOATH.cs 
@@ -19,10 +19,10 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } } diff --git a/Module/Cmdlets/OATH/GetYubikeyOATHAccount.cs b/Module/Cmdlets/OATH/GetYubikeyOATHAccount.cs index 1a061b2..6dfa9c5 100644 --- a/Module/Cmdlets/OATH/GetYubikeyOATHAccount.cs +++ b/Module/Cmdlets/OATH/GetYubikeyOATHAccount.cs @@ -18,10 +18,10 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } } diff --git a/Module/Cmdlets/OATH/NewYubikeyOATHAccount.cs b/Module/Cmdlets/OATH/NewYubikeyOATHAccount.cs index 86aed8e..8eb0031 100644 --- a/Module/Cmdlets/OATH/NewYubikeyOATHAccount.cs +++ b/Module/Cmdlets/OATH/NewYubikeyOATHAccount.cs @@ -52,10 +52,10 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } } diff --git a/Module/Cmdlets/OATH/ProtectYubikeyOATH.cs b/Module/Cmdlets/OATH/ProtectYubikeyOATH.cs index 1b0c723..c4ad5f3 100644 
--- a/Module/Cmdlets/OATH/ProtectYubikeyOATH.cs +++ b/Module/Cmdlets/OATH/ProtectYubikeyOATH.cs @@ -26,10 +26,10 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } } diff --git a/Module/Cmdlets/OATH/RemoveYubikeyOATHAccount.cs b/Module/Cmdlets/OATH/RemoveYubikeyOATHAccount.cs index b0cc319..a5e0f4e 100644 --- a/Module/Cmdlets/OATH/RemoveYubikeyOATHAccount.cs +++ b/Module/Cmdlets/OATH/RemoveYubikeyOATHAccount.cs @@ -16,10 +16,10 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } } diff --git a/Module/Cmdlets/OATH/RenameYubikeyOATHAccount.cs b/Module/Cmdlets/OATH/RenameYubikeyOATHAccount.cs index 27c8e11..2a4e3d7 100644 --- a/Module/Cmdlets/OATH/RenameYubikeyOATHAccount.cs +++ b/Module/Cmdlets/OATH/RenameYubikeyOATHAccount.cs @@ -21,10 +21,10 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); }; } 
diff --git a/Module/Cmdlets/OATH/RequestYubikeyOATHCode.cs b/Module/Cmdlets/OATH/RequestYubikeyOATHCode.cs index 7b8905b..edffe19 100644 --- a/Module/Cmdlets/OATH/RequestYubikeyOATHCode.cs +++ b/Module/Cmdlets/OATH/RequestYubikeyOATHCode.cs @@ -24,10 +24,10 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } } diff --git a/Module/Cmdlets/OATH/ResetYubikeyOATH.cs b/Module/Cmdlets/OATH/ResetYubikeyOATH.cs index c1ceee7..222cb87 100644 --- a/Module/Cmdlets/OATH/ResetYubikeyOATH.cs +++ b/Module/Cmdlets/OATH/ResetYubikeyOATH.cs @@ -18,10 +18,10 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } } diff --git a/Module/Cmdlets/OATH/UnprotectYubikeyOATH.cs b/Module/Cmdlets/OATH/UnprotectYubikeyOATH.cs index 42e704e..f11ce4d 100644 --- a/Module/Cmdlets/OATH/UnprotectYubikeyOATH.cs +++ b/Module/Cmdlets/OATH/UnprotectYubikeyOATH.cs 
@@ -28,10 +28,10 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } } diff --git a/Module/Cmdlets/OTP/GetYubikeyOTP.cs b/Module/Cmdlets/OTP/GetYubikeyOTP.cs index 1af7246..ed3b353 100644 --- a/Module/Cmdlets/OTP/GetYubikeyOTP.cs +++ b/Module/Cmdlets/OTP/GetYubikeyOTP.cs @@ -17,12 +17,12 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); try { var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } catch (Exception e) { diff --git a/Module/Cmdlets/OTP/RemoveYubikeyOTP.cs b/Module/Cmdlets/OTP/RemoveYubikeyOTP.cs index 9db3fa5..c376768 100644 --- a/Module/Cmdlets/OTP/RemoveYubikeyOTP.cs +++ b/Module/Cmdlets/OTP/RemoveYubikeyOTP.cs @@ -19,12 +19,12 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); try { var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } catch (Exception e) { diff --git a/Module/Cmdlets/OTP/RequestYubikeyOTPChallange.cs b/Module/Cmdlets/OTP/RequestYubikeyOTPChallange.cs index 3aac856..8a562aa 100644 
--- a/Module/Cmdlets/OTP/RequestYubikeyOTPChallange.cs +++ b/Module/Cmdlets/OTP/RequestYubikeyOTPChallange.cs @@ -30,12 +30,12 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); try { var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } catch (Exception e) { diff --git a/Module/Cmdlets/OTP/SetYubikeyOTP.cs b/Module/Cmdlets/OTP/SetYubikeyOTP.cs index 5cc656f..27e601e 100644 --- a/Module/Cmdlets/OTP/SetYubikeyOTP.cs +++ b/Module/Cmdlets/OTP/SetYubikeyOTP.cs @@ -57,12 +57,12 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); try { var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } catch (Exception e) { diff --git a/Module/Cmdlets/OTP/SwitchYubikeyOTP.cs b/Module/Cmdlets/OTP/SwitchYubikeyOTP.cs index 2b16c8f..97e4d16 100644 --- a/Module/Cmdlets/OTP/SwitchYubikeyOTP.cs +++ b/Module/Cmdlets/OTP/SwitchYubikeyOTP.cs @@ -12,12 +12,12 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); try { var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } catch (Exception e) { 
diff --git a/Module/Cmdlets/Other/ConfirmYubikeyAttestion.cs b/Module/Cmdlets/Other/ConfirmYubikeyAttestion.cs index 4dba5df..fe5f490 100644 --- a/Module/Cmdlets/Other/ConfirmYubikeyAttestion.cs +++ b/Module/Cmdlets/Other/ConfirmYubikeyAttestion.cs @@ -167,7 +167,7 @@ protected override void ProcessRecord() } else { - throw new Exception("Intermediate Certificate is missing"); + throw new Exception("Intermediate Certificate is missing!"); } } @@ -175,7 +175,7 @@ protected override void ProcessRecord() if (_AttestionCertificate is null || _IntermediateCertificate is null) { // Is this still needed?? - throw new Exception("Attestion Certificate or Intermediate Certificate is missing"); + throw new Exception("Attestion Certificate or Intermediate Certificate is missing!"); } // Check the entire chain up to Yubico's root CA @@ -211,22 +211,22 @@ protected override void ProcessRecord() switch (extension.Oid!.Value) { case "1.3.6.1.4.1.41482.3.3": // Firmware version - WriteDebug("Extracting Firmware version"); + WriteDebug("Extracting Firmware version..."); _out_FirmwareVersion = new FirmwareVersion(extension.RawData[0], extension.RawData[1], extension.RawData[2]); break; case "1.3.6.1.4.1.41482.3.7": // Serial number - WriteDebug("Extracting Serial number"); + WriteDebug("Extracting Serial number..."); byte[] tempSerialBytes = extension.RawData; Array.Reverse(tempSerialBytes); _out_SerialNumber = BitConverter.ToUInt32(tempSerialBytes, 0); break; case "1.3.6.1.4.1.41482.3.8": // Pin / Touch Policies - WriteDebug("Extracting Pin / Touch Policies"); + WriteDebug("Extracting Pin / Touch Policies..."); _out_PinPolicy = (PivPinPolicy)extension.RawData[0]; _out_TouchPolicy = (PivTouchPolicy)extension.RawData[1]; break; case "1.3.6.1.4.1.41482.3.9": // Form factor - WriteDebug("Extracting Form factor"); + WriteDebug("Extracting Form factor..."); _out_FormFactor = (FormFactor)(extension.RawData[0] & (byte)0x7F); break; } 
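Review bot: In ConfirmYubikeyAttestion.cs the extension switch (unchanged context around the reworded debug messages) indexes `extension.RawData[0]`, `[1]` and `[2]` and calls `BitConverter.ToUInt32(tempSerialBytes, 0)` without checking the array length first. A certificate whose extension value is shorter than expected would surface as an index or argument exception rather than as a clear attestation failure. A guard per case, for example `if (extension.RawData.Length < 3) throw new Exception("Malformed firmware version extension!");`, would make the rejection explicit. The switch starts and ends outside the hunk, so any earlier length validation is not visible here.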
diff --git a/Module/Cmdlets/Other/ConvertToAltSecurity.cs b/Module/Cmdlets/Other/ConvertToAltSecurity.cs index f2ddb19..312488a 100644 --- a/Module/Cmdlets/Other/ConvertToAltSecurity.cs +++ b/Module/Cmdlets/Other/ConvertToAltSecurity.cs @@ -37,20 +37,20 @@ protected override void ProcessRecord() if (_certificate is not null) { string sshkey = ""; - WriteDebug("Certificate successfully loaded"); + WriteDebug("Certificate successfully loaded."); if (_certificate.PublicKey.Oid.FriendlyName == "RSA") { - WriteDebug("Certificate public key is of type RSA"); + WriteDebug("Certificate public key is of type RSA."); sshkey = GenerateIdentifier.SSHIdentifier(_certificate.PublicKey.GetRSAPublicKey()!, _certificate.Subject); } else if (_certificate.PublicKey.Oid.FriendlyName == "ECC") { - WriteDebug("Certificate public key is of type ECC"); + WriteDebug("Certificate public key is of type ECC."); sshkey = GenerateIdentifier.SSHIdentifier(_certificate.PublicKey.GetECDsaPublicKey()!, _certificate.Subject); } else { - throw new Exception("Unknown publickey format"); + throw new Exception("Unknown public key format!"); } //Extract the Subject Key Identifier / 2.5.29.14 
@@ -103,17 +103,17 @@ protected override void ProcessRecord() string sshkey = ""; if (_certificateRequest.PublicKey.Oid.FriendlyName == "RSA") { - WriteDebug("Certificate public key is of type RSA"); + WriteDebug("Certificate public key is of type RSA."); sshkey = GenerateIdentifier.SSHIdentifier(_certificateRequest.PublicKey.GetRSAPublicKey()!, ""); } else if (_certificateRequest.PublicKey.Oid.FriendlyName == "ECC") { - WriteDebug("Certificate public key is of type ECC"); + WriteDebug("Certificate public key is of type ECC."); sshkey = GenerateIdentifier.SSHIdentifier(_certificateRequest.PublicKey.GetECDsaPublicKey()!, ""); } else { - throw new Exception("Unknown public key format"); + throw new Exception("Unknown public key format!"); } X509Extension stringSKI = new X509SubjectKeyIdentifierExtension(_certificateRequest.PublicKey, false); diff --git a/Module/Cmdlets/PIV/AssertYubiKeyPIV.cs b/Module/Cmdlets/PIV/AssertYubiKeyPIV.cs index 250195e..b694839 100644 --- a/Module/Cmdlets/PIV/AssertYubiKeyPIV.cs +++ b/Module/Cmdlets/PIV/AssertYubiKeyPIV.cs @@ -28,12 +28,12 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); try { var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } catch (Exception e) { diff --git a/Module/Cmdlets/PIV/BlockYubikeyPIV.cs b/Module/Cmdlets/PIV/BlockYubikeyPIV.cs index e9b6877..191ae80 100644 --- a/Module/Cmdlets/PIV/BlockYubikeyPIV.cs +++ b/Module/Cmdlets/PIV/BlockYubikeyPIV.cs 
@@ -23,12 +23,12 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); try { var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } catch (Exception e) { @@ -58,7 +58,7 @@ protected override void ProcessRecord() { if (e.Message != "There are no retries remaining for a PIN, PUK, or other authentication element.") { - throw new Exception("Failed to block PUK", e); + throw new Exception("Failed to block PUK!", e); } } } @@ -80,7 +80,7 @@ protected override void ProcessRecord() { if (e.Message != "There are no retries remaining for a PIN, PUK, or other authentication element.") { - throw new Exception("Failed to block PUK", e); + throw new Exception("Failed to block PUK!", e); } } } diff --git a/Module/Cmdlets/PIV/BuildYubiKeyPIVCertificateSigningRequest.cs b/Module/Cmdlets/PIV/BuildYubiKeyPIVCertificateSigningRequest.cs index 425b238..4c396d3 100644 --- a/Module/Cmdlets/PIV/BuildYubiKeyPIVCertificateSigningRequest.cs +++ b/Module/Cmdlets/PIV/BuildYubiKeyPIVCertificateSigningRequest.cs @@ -35,12 +35,12 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); try { var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } catch (Exception e) { @@ -64,7 +64,6 @@ protected override void ProcessRecord() { metadata = pivSession.GetMetadata(Slot); publicKey = metadata.PublicKey; - } catch (Exception e) { 
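Review bot: Both `catch` blocks touched in BlockYubikeyPIV.cs (hunks at -58 and -80) decide whether blocking succeeded by comparing `e.Message` with the literal `"There are no retries remaining for a PIN, PUK, or other authentication element."`. If the SDK rewords or localises that message, a successful block is reported as `"Failed to block PUK!"`. Matching on the exception type, or on a retry-count property if the SDK exposes one, would be sturdier than matching the text. Both hunks also throw the same PUK wording; if one of them handles the PIN (the try blocks begin outside the hunks), its message should say so.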
@@ -96,7 +95,7 @@ protected override void ProcessRecord() { PivAlgorithm.EccP256 => HashAlgorithmName.SHA256, PivAlgorithm.EccP384 => HashAlgorithmName.SHA384, - _ => throw new Exception("Unknown PublicKey algorithm") + _ => throw new Exception("Unknown Public key algorithm") }; WriteDebug($"Using Hash based on ECC size: {HashAlgorithm.ToString()}"); request = new CertificateRequest(Subjectname, (ECDsa)dotNetPublicKey, HashAlgorithm); diff --git a/Module/Cmdlets/PIV/BuildYubikeyPIVSignCertificate.cs b/Module/Cmdlets/PIV/BuildYubikeyPIVSignCertificate.cs index 02d5248..15a5c77 100644 --- a/Module/Cmdlets/PIV/BuildYubikeyPIVSignCertificate.cs +++ b/Module/Cmdlets/PIV/BuildYubikeyPIVSignCertificate.cs @@ -53,12 +53,12 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); try { var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } catch (Exception e) { diff --git a/Module/Cmdlets/PIV/ConnectYubikeyPIV.cs b/Module/Cmdlets/PIV/ConnectYubikeyPIV.cs index 66a1ffe..c9d59f9 100644 --- a/Module/Cmdlets/PIV/ConnectYubikeyPIV.cs +++ b/Module/Cmdlets/PIV/ConnectYubikeyPIV.cs @@ -31,12 +31,12 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); try { var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } catch (Exception e) { 
diff --git a/Module/Cmdlets/PIV/ExportYubiKeyPIVCertificate.cs b/Module/Cmdlets/PIV/ExportYubiKeyPIVCertificate.cs index 84ec065..3652435 100644 --- a/Module/Cmdlets/PIV/ExportYubiKeyPIVCertificate.cs +++ b/Module/Cmdlets/PIV/ExportYubiKeyPIVCertificate.cs @@ -28,12 +28,12 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); try { var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } catch (Exception e) { diff --git a/Module/Cmdlets/PIV/GetYubikeyPIV.cs b/Module/Cmdlets/PIV/GetYubikeyPIV.cs index a0ea249..3b0477f 100644 --- a/Module/Cmdlets/PIV/GetYubikeyPIV.cs +++ b/Module/Cmdlets/PIV/GetYubikeyPIV.cs @@ -21,12 +21,12 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); try { var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } catch (Exception e) { diff --git a/Module/Cmdlets/PIV/ImportYubiKeyPIV.cs b/Module/Cmdlets/PIV/ImportYubiKeyPIV.cs index d473ac9..ee07b15 100644 --- a/Module/Cmdlets/PIV/ImportYubiKeyPIV.cs +++ b/Module/Cmdlets/PIV/ImportYubiKeyPIV.cs 
@@ -59,12 +59,12 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); try { var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } catch (Exception e) { @@ -126,7 +126,7 @@ protected override void ProcessRecord() { if (pemContent.Contains("BEGIN ENCRYPTED PRIVATE KEY")) { - WriteDebug("Trying to read encrypted RSA key"); + WriteDebug("Trying to read encrypted RSA key..."); RSA newRSAPrivateKey = RSA.Create(); newRSAPrivateKey.ImportFromEncryptedPem(pemContent.ToCharArray(), System.Text.Encoding.UTF8.GetBytes(Marshal.PtrToStringUni(Marshal.SecureStringToGlobalAllocUnicode(Password!))!)); RSAParameters rsaParam = newRSAPrivateKey.ExportParameters(true); @@ -140,7 +140,7 @@ protected override void ProcessRecord() } else if (pemContent.Contains("BEGIN EC PRIVATE KEY")) { - WriteDebug("Trying to read encrypted ECDSA key"); + WriteDebug("Trying to read encrypted ECDSA key..."); ECDsa newECDsaPrivateKey = ECDsa.Create(); newECDsaPrivateKey.ImportFromEncryptedPem(pemContent.ToCharArray(), System.Text.Encoding.UTF8.GetBytes(Marshal.PtrToStringUni(Marshal.SecureStringToGlobalAllocUnicode(Password!))!)); int keySize = newECDsaPrivateKey.KeySize / 8; @@ -153,7 +153,7 @@ protected override void ProcessRecord() } else { - throw new Exception("No private key found in file"); + throw new Exception("No private key found in file!"); } } else 
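Review bot: The password handling beside the edited debug lines in ImportYubiKeyPIV.cs (hunks at -126 and -140) leaves plaintext behind. `Marshal.SecureStringToGlobalAllocUnicode(Password!)` allocates an unmanaged copy that is never released with `Marshal.ZeroFreeGlobalAllocUnicode`, and `PtrToStringUni` then creates an immutable managed string that cannot be wiped. The same expression is used for the PIN and PUK in SetYubikeyPIV.cs (hunks at -119 and -160) and UnblockYubikeyPIV.cs (hunk at -55). A shared helper that copies the SecureString into a byte array, frees the unmanaged buffer in a finally block and lets the caller zero the array after use would fix every call site; a sketch follows. Separately, the `BEGIN EC PRIVATE KEY` branch calls `ImportFromEncryptedPem`, which as far as I know accepts only the PKCS#8 `ENCRYPTED PRIVATE KEY` label, so that branch is worth checking with a test key.

```csharp
// New shared helper; replaces the inline PtrToStringUni(SecureStringToGlobalAllocUnicode(...)) expression.
internal static byte[] SecureStringToUtf8Bytes(SecureString value)
{
    IntPtr unmanaged = Marshal.SecureStringToGlobalAllocUnicode(value);
    char[] chars = new char[value.Length];
    try
    {
        Marshal.Copy(unmanaged, chars, 0, chars.Length);
        return System.Text.Encoding.UTF8.GetBytes(chars);
    }
    finally
    {
        // Wipe both intermediate copies whether or not the conversion succeeded.
        Array.Clear(chars, 0, chars.Length);
        Marshal.ZeroFreeGlobalAllocUnicode(unmanaged);
    }
}

// Call site in the encrypted-RSA branch:
RSA newRSAPrivateKey = RSA.Create();
byte[] passwordBytes = SecureStringToUtf8Bytes(Password!);
try
{
    newRSAPrivateKey.ImportFromEncryptedPem(pemContent.ToCharArray(), passwordBytes);
}
finally
{
    CryptographicOperations.ZeroMemory(passwordBytes);
}
// … unchanged: ExportParameters and the rest of the branch …
```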
@@ -162,7 +162,7 @@ protected override void ProcessRecord() { try { - WriteDebug("Trying to read unencrypted RSA key"); + WriteDebug("Trying to read unencrypted RSA key..."); RSA newRSAPrivateKey = RSA.Create(); newRSAPrivateKey.ImportFromPem(pemContent.ToCharArray()); RSAParameters rsaParam = newRSAPrivateKey.ExportParameters(true); @@ -177,7 +177,7 @@ protected override void ProcessRecord() catch { } try { - WriteDebug("Trying to read unencrypted ECDSA key"); + WriteDebug("Trying to read unencrypted ECDSA key..."); ECDsa newECDsaPrivateKey = ECDsa.Create(); newECDsaPrivateKey.ImportFromPem(pemContent.ToCharArray()); int keySize = newECDsaPrivateKey.KeySize / 8; @@ -191,7 +191,7 @@ protected override void ProcessRecord() catch { } if (this._newPrivateKey is null) { - throw new Exception("No private key found in file"); + throw new Exception("No private key found in file."); } } } @@ -238,16 +238,16 @@ protected override void ProcessRecord() // Check that the certificate matches the public key in the slot if (publicKey is null) { - throw new Exception("No public key found, not uploading certificate"); + throw new Exception("No public key found, not uploading certificate."); } else if ((_newcertificate.PublicKey.Oid.FriendlyName == "RSA" && publicKey is PivEccPublicKey) || (_newcertificate.PublicKey.Oid.FriendlyName == "ECC" && publicKey is PivRsaPublicKey)) { - throw new Exception("Private key does match certificate type. RSA / ECDSA"); + throw new Exception("Private key does match certificate type: RSA / ECDSA."); } else if (publicKey is PivRsaPublicKey) { - WriteDebug("Verifying that the RSA key matches the public key"); + WriteDebug("Verifying that the RSA key matches the public key..."); RSA certificatePublicKey = _newcertificate.GetRSAPublicKey()!; RSA keypublicKey; var rsaParams = new RSAParameters 
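Review bot: In ImportYubiKeyPIV.cs the bare `catch { }` after each unencrypted import attempt (visible at the top of the hunks at -177 and -191) discards the real parse error. A damaged or unsupported key file therefore always ends as `No private key found in file.` with nothing to diagnose it. Recording the reason costs one line per attempt, e.g. `catch (Exception e) { WriteDebug($"Not an unencrypted RSA key: {e.Message}"); }`. The same message also ends in `!` in the hunk at -153 and in `.` here; one form should be used for both. The try blocks start outside these hunks.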
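Review bot: The edited message `Private key does match certificate type: RSA / ECDSA.` in ImportYubiKeyPIV.cs (hunk at -238) says the opposite of the condition that throws it. The branch is taken when the certificate's key type and the slot's public key type differ, and the patch kept the missing "not". It also compares the slot's public key, so "Private key" is misleading; something like `throw new Exception("Certificate key type does not match the key in the slot (RSA vs. ECC).");` states what was checked. This is the check that stops a certificate being bound to the wrong key, so its error should be unambiguous.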
@@ -260,11 +260,11 @@ protected override void ProcessRecord() if (certificatePublicKey.ExportParameters(false).Modulus!.SequenceEqual(keypublicKey.ExportParameters(false).Modulus!) && certificatePublicKey.ExportParameters(false).Exponent!.SequenceEqual(keypublicKey.ExportParameters(false).Exponent!)) { - WriteDebug("Public key matches certificate key"); + WriteDebug("Public key matches certificate key."); } else { - throw new Exception("Public key does not match certificate key"); + throw new Exception("Public key DOES NOT match certificate key!"); } } else @@ -275,11 +275,11 @@ protected override void ProcessRecord() if (certificatePublicKey.ExportParameters(false).Q.X!.SequenceEqual(((ECDsa)dotNetPublicKey).ExportParameters(false).Q.X!) && certificatePublicKey.ExportParameters(false).Q.Y!.SequenceEqual(((ECDsa)dotNetPublicKey).ExportParameters(false).Q.Y!)) { - WriteDebug("Public key matches certificate key"); + WriteDebug("Public key matches certificate key."); } else { - throw new Exception("Public key does not match certificate key"); + throw new Exception("Public key DOES NOT match certificate key!"); } } diff --git a/Module/Cmdlets/PIV/MoveYubikeyPIV.cs b/Module/Cmdlets/PIV/MoveYubikeyPIV.cs index 7db86e9..7d50bc0 100644 --- a/Module/Cmdlets/PIV/MoveYubikeyPIV.cs +++ b/Module/Cmdlets/PIV/MoveYubikeyPIV.cs @@ -28,7 +28,7 @@ protected override void ProcessRecord() { if (SourceSlot == DestinationSlot) { - throw new ArgumentException("Source and destination slot cannot be the same"); + throw new ArgumentException("Source and destination slot cannot be the same."); } using (var pivSession = new PivSession((YubiKeyDevice)YubiKeyModule._yubikey!)) { 
@@ -36,7 +36,7 @@ protected override void ProcessRecord() if (!((YubiKeyDevice)YubiKeyModule._yubikey!).HasFeature(YubiKeyFeature.PivMoveOrDeleteKey)) { - throw new Exception("YubiKey version does not support moving keys"); + throw new Exception("YubiKey version does not support moving keys."); } X509Certificate2? slotCert = null; @@ -45,7 +45,7 @@ protected override void ProcessRecord() { try { - WriteDebug("MigrateCertificate is requested, getting certificate from source slot"); + WriteDebug("MigrateCertificate is requested, getting certificate from source slot..."); slotCert = pivSession.GetCertificate(SourceSlot); } catch { } @@ -56,7 +56,7 @@ protected override void ProcessRecord() { if (slotCert is X509Certificate2) { - WriteDebug("MigrateCertificate is requested, trying to import certificate"); + WriteDebug("MigrateCertificate is requested, trying to import certificate..."); pivSession.ImportCertificate(DestinationSlot, slotCert); } } diff --git a/Module/Cmdlets/PIV/NewYubiKeyPIVSelfSign.cs b/Module/Cmdlets/PIV/NewYubiKeyPIVSelfSign.cs index 276b8ce..15a2bdc 100644 --- a/Module/Cmdlets/PIV/NewYubiKeyPIVSelfSign.cs +++ b/Module/Cmdlets/PIV/NewYubiKeyPIVSelfSign.cs @@ -26,12 +26,12 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); try { var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } catch (Exception e) { @@ -58,7 +58,7 @@ protected override void ProcessRecord() publicKey = pivSession.GetMetadata(Slot).PublicKey; if (publicKey is null) { - throw new Exception("Public key is null"); + throw new Exception("Public key is null!"); } } catch (Exception e) 
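Review bot: In MoveYubikeyPIV.cs (hunk at -45) the `catch { }` after `pivSession.GetCertificate(SourceSlot)` discards every failure. When MigrateCertificate was requested and the read fails, the key is presumably still moved and the user is never told the certificate stayed behind. An empty source slot is an expected case, but other errors are not; at minimum surface it, e.g. `catch (Exception e) { WriteWarning($"Could not read certificate from slot {SourceSlot}: {e.Message}"); }`. The import in the hunk at -56 only runs when `slotCert is X509Certificate2`, so without a warning the skip is silent. The enclosing if block starts outside the hunk.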
diff --git a/Module/Cmdlets/PIV/NewYubikeyPIVKey.cs b/Module/Cmdlets/PIV/NewYubikeyPIVKey.cs index 8a28716..418cd3f 100644 --- a/Module/Cmdlets/PIV/NewYubikeyPIVKey.cs +++ b/Module/Cmdlets/PIV/NewYubikeyPIVKey.cs @@ -100,7 +100,7 @@ protected override void ProcessRecord() } else { - throw new Exception("Could not create keypair"); + throw new Exception("Could not create keypair!"); } } } diff --git a/Module/Cmdlets/PIV/RemoveYubikeyPIVKey.cs b/Module/Cmdlets/PIV/RemoveYubikeyPIVKey.cs index c30f51f..cd1ada7 100644 --- a/Module/Cmdlets/PIV/RemoveYubikeyPIVKey.cs +++ b/Module/Cmdlets/PIV/RemoveYubikeyPIVKey.cs @@ -25,7 +25,7 @@ protected override void ProcessRecord() if (!((YubiKeyDevice)YubiKeyModule._yubikey!).HasFeature(YubiKeyFeature.PivMoveOrDeleteKey)) { - throw new Exception("YubiKey version does not support removing keys"); + throw new Exception("YubiKey version does not support removing keys."); } if (ShouldProcess($"Key in slot {Slot}", "Remove")) diff --git a/Module/Cmdlets/PIV/ResetYubikeyPIV.cs b/Module/Cmdlets/PIV/ResetYubikeyPIV.cs index 11b8755..dc218cb 100644 --- a/Module/Cmdlets/PIV/ResetYubikeyPIV.cs +++ b/Module/Cmdlets/PIV/ResetYubikeyPIV.cs @@ -18,12 +18,12 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); try { var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } catch (Exception e) { diff --git a/Module/Cmdlets/PIV/SetYubikeyPIV.cs b/Module/Cmdlets/PIV/SetYubikeyPIV.cs index 3a3485b..91e1a74 100644 --- a/Module/Cmdlets/PIV/SetYubikeyPIV.cs +++ b/Module/Cmdlets/PIV/SetYubikeyPIV.cs 
@@ -78,12 +78,12 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); try { var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } catch (Exception e) { @@ -104,14 +104,14 @@ protected override void ProcessRecord() case "ChangeRetries": if (new List { FormFactor.UsbABiometricKeychain, FormFactor.UsbCBiometricKeychain }.Contains(((YubiKeyDevice)YubiKeyModule._yubikey!).FormFactor)) { - throw new Exception("Biometric YubiKeys does not support changing the number of PIN retries"); + throw new Exception("Biometric YubiKeys does not support changing the number of PIN retries."); } // powershellYK does more than the SDK here, it also blocks the PUK if the Management key is PIN protected. pivSession.ChangePinAndPukRetryCounts((byte)PinRetries!, (byte)PukRetries!); // Yubikey disables the PUK if the Management key is PIN protected, we do the same if not KeepPUKUnlocked is set if (pivSession.GetPinOnlyMode().HasFlag(PivPinOnlyMode.PinProtected) && !(KeepPukUnlocked.IsPresent)) { - WriteDebug("Management Key is PIN protected, Blocking PUK"); + WriteDebug("Management Key is PIN protected, Blocking PUK..."); retriesLeft = 1; while (retriesLeft > 0) { 
@@ -119,7 +119,7 @@ protected override void ProcessRecord() } if (YubiKeyModule._pivPIN is not null && YubiKeyModule._pivPIN.Length > 0 && Marshal.PtrToStringUni(Marshal.SecureStringToGlobalAllocUnicode(YubiKeyModule._pivPIN!)) != "123456") { - WriteDebug("Trying to revert PIN"); + WriteDebug("Trying to revert PIN..."); pivSession.TryChangePin(System.Text.Encoding.UTF8.GetBytes("123456"), System.Text.Encoding.UTF8.GetBytes(Marshal.PtrToStringUni(Marshal.SecureStringToGlobalAllocUnicode(YubiKeyModule._pivPIN!))!), out retriesLeft); } else @@ -143,12 +143,12 @@ protected override void ProcessRecord() } else { - throw new Exception("Incorrect PIN provided"); + throw new Exception("Incorrect PIN provided."); } } catch (Exception e) { - throw new Exception("Failed to change PIN", e); + throw new Exception("Failed to change PIN.", e); } finally { @@ -160,7 +160,7 @@ protected override void ProcessRecord() if (pivSession.TryChangePuk(System.Text.Encoding.UTF8.GetBytes(Marshal.PtrToStringUni(Marshal.SecureStringToGlobalAllocUnicode(PUK))!), System.Text.Encoding.UTF8.GetBytes(Marshal.PtrToStringUni(Marshal.SecureStringToGlobalAllocUnicode(NewPUK))!) , out retriesLeft) == false) { - throw new Exception("Incorrect PUK provided"); + throw new Exception("Incorrect PUK provided."); } } catch (Exception e) @@ -196,7 +196,7 @@ protected override void ProcessRecord() { if (pivSession.TryChangeManagementKey(ManagementKeyarray, NewManagementKeyarray, (PivTouchPolicy)TouchPolicy, (PivAlgorithm)Algorithm)) { - WriteDebug("ManagementKey changed"); + WriteDebug("Management Key changed"); } else { diff --git a/Module/Cmdlets/PIV/UnblockYubikeyPIV.cs b/Module/Cmdlets/PIV/UnblockYubikeyPIV.cs index ba8e236..31fc6a6 100644 --- a/Module/Cmdlets/PIV/UnblockYubikeyPIV.cs +++ b/Module/Cmdlets/PIV/UnblockYubikeyPIV.cs 
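Review bot: In SetYubikeyPIV.cs (hunk at -143) `throw new Exception("Incorrect PIN provided.")` sits inside the try whose `catch (Exception e)` rethrows as `Failed to change PIN.`, so the specific message survives only as the inner exception. The hunk at -160 (`Incorrect PUK provided.`) and UnblockYubikeyPIV.cs at -55 (wrapped as `Failed to reset PIN!`) have the same shape. Throwing the specific error after the try, or using a dedicated exception type that the catch-all excludes, would let it reach the user. If `retriesLeft` is in scope at the throw, as the neighbouring `out retriesLeft` calls suggest, `throw new Exception($"Incorrect PIN provided, {retriesLeft} retries left.");` would also show how close the PIN is to blocking.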
@@ -28,12 +28,12 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); try { var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } catch (Exception e) { @@ -55,12 +55,12 @@ protected override void ProcessRecord() , System.Text.Encoding.UTF8.GetBytes(Marshal.PtrToStringUni(Marshal.SecureStringToGlobalAllocUnicode(NewPIN))!) , out retriesLeft) == false) { - throw new Exception("Incorrect PUK provided"); + throw new Exception("Incorrect PUK provided."); } } catch (Exception e) { - throw new Exception("Failed to reset PIN", e); + throw new Exception("Failed to reset PIN!", e); } finally { diff --git a/Module/Cmdlets/UV/RemoveYubikeyUVFingerprint.cs b/Module/Cmdlets/UV/RemoveYubikeyUVFingerprint.cs index ade0c1c..e90ec79 100644 --- a/Module/Cmdlets/UV/RemoveYubikeyUVFingerprint.cs +++ b/Module/Cmdlets/UV/RemoveYubikeyUVFingerprint.cs @@ -56,7 +56,7 @@ protected override void ProcessRecord() } else { - throw new Exception("No fingerprint found"); + throw new Exception("No fingerprint found."); } } } diff --git a/Module/Cmdlets/UV/RenameYubikeyUVFingerprint.cs b/Module/Cmdlets/UV/RenameYubikeyUVFingerprint.cs index c540c92..07034f2 100644 --- a/Module/Cmdlets/UV/RenameYubikeyUVFingerprint.cs +++ b/Module/Cmdlets/UV/RenameYubikeyUVFingerprint.cs @@ -58,7 +58,7 @@ protected override void ProcessRecord() } else { - throw new Exception("No fingerprint found"); + throw new Exception("No fingerprint found."); } } } diff --git a/Module/Cmdlets/Yubikey/ConnectYubikey.cs b/Module/Cmdlets/Yubikey/ConnectYubikey.cs index 1ecb6e9..9a1bc1f 100644 --- a/Module/Cmdlets/Yubikey/ConnectYubikey.cs +++ b/Module/Cmdlets/Yubikey/ConnectYubikey.cs 
@@ -43,11 +43,11 @@ protected override void ProcessRecord() if (yubikeys.Count() == 1) { _yubikey = (YubiKeyDevice)yubikeys.First(); - WriteDebug($"Found only one device, using {_yubikey.SerialNumber}"); + WriteDebug($"Found only one device, using {_yubikey.SerialNumber}."); } break; case "Connect Yubikey with Serialnumber": - WriteDebug($"Looking for YubiKey with serial: {Serialnumber}"); + WriteDebug($"Looking for YubiKey with serial: {Serialnumber}."); _yubikey = (YubiKeyDevice)YubiKeyDevice.FindAll().Where(x => x.SerialNumber == Serialnumber).First(); break; default: @@ -56,11 +56,11 @@ protected override void ProcessRecord() if (_yubikey is not null) { YubiKeyModule._yubikey = _yubikey; - Console.WriteLine($"Connected to {PowershellYKText.FriendlyName(_yubikey)} with serial: {_yubikey.SerialNumber}"); + WriteInformation($"Connected to {PowershellYKText.FriendlyName(_yubikey)} with serial: {_yubikey.SerialNumber}.", new string[] { "YubiKey" }); } else { - throw new Exception("None or multiple YubiKeys found, Use Connect-Yubikey to specify which Yubikey to use"); + throw new Exception("None or multiple YubiKeys found, Use Connect-Yubikey to specify which Yubikey to use."); } } } diff --git a/Module/Cmdlets/Yubikey/DisconnectYubikey.cs b/Module/Cmdlets/Yubikey/DisconnectYubikey.cs index f5fc02d..7271bab 100644 --- a/Module/Cmdlets/Yubikey/DisconnectYubikey.cs +++ b/Module/Cmdlets/Yubikey/DisconnectYubikey.cs @@ -10,6 +10,7 @@ protected override void BeginProcessing() { YubiKeyModule._yubikey = null; YubiKeyModule.clearPassword(); + WriteInformation("Disconnected from YubiKey.", new string[] { "YubiKey" }); } } } \ No newline at end of file diff --git a/Module/Cmdlets/Yubikey/FindYubikey.cs b/Module/Cmdlets/Yubikey/FindYubikey.cs index 50d7525..55ec3d2 100644 --- a/Module/Cmdlets/Yubikey/FindYubikey.cs +++ b/Module/Cmdlets/Yubikey/FindYubikey.cs 
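Review bot: Replacing `Console.WriteLine` with `WriteInformation` in ConnectYubikey.cs (hunk at -56) changes what the user sees by default. The information stream is hidden unless the caller passes `-InformationAction Continue` or sets `$InformationPreference`, so the cmdlet no longer confirms which serial number it bound to; the same applies to the new line in DisconnectYubikey.cs. Later cmdlets act on whatever device was selected here, so either document the preference or return the selected device on the output stream. In the hunk at -43, `.Where(x => x.SerialNumber == Serialnumber).First()` throws "Sequence contains no elements" when no key has that serial and bypasses the friendlier error below. `_yubikey = (YubiKeyDevice?)YubiKeyDevice.FindAll().FirstOrDefault(x => x.SerialNumber == Serialnumber);` lets the existing `_yubikey is not null` check handle it.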
@@ -31,10 +31,10 @@ protected override void BeginProcessing() if (yubiKeys.ToArray().Length == 0) { - WriteWarning("No YubiKeys found, FIDO-only YubiKeys requires Administrator permissions in Windows (elevate if needed)"); + WriteWarning("No YubiKeys found, FIDO-only YubiKeys on Windows requires running as Administrator."); if (Serialnumber is not null) { - throw new Exception("No YubiKeys found with the specified serial number"); + throw new Exception("No YubiKey found with the specified serial number."); } } } diff --git a/Module/Cmdlets/Yubikey/GetYubikey.cs b/Module/Cmdlets/Yubikey/GetYubikey.cs index 15f8518..1a52665 100644 --- a/Module/Cmdlets/Yubikey/GetYubikey.cs +++ b/Module/Cmdlets/Yubikey/GetYubikey.cs @@ -11,12 +11,12 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); try { var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } catch (Exception e) { @@ -32,7 +32,7 @@ protected override void ProcessRecord() } catch (System.InvalidOperationException e) { - WriteWarning("No yubikeys found, Yubikeys with ONLY FIDO interfaces enabled requires Administrator permissions in Windows"); + WriteWarning("No YubiKeys found, FIDO-only YubiKeys on Windows requires running as Administrator."); throw new Exception(e.Message, e); } } diff --git a/Module/Cmdlets/Yubikey/LockYubikey.cs b/Module/Cmdlets/Yubikey/LockYubikey.cs index a7cd973..39a4cfb 100644 --- a/Module/Cmdlets/Yubikey/LockYubikey.cs +++ b/Module/Cmdlets/Yubikey/LockYubikey.cs 
@@ -13,12 +13,12 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); try { var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } catch (Exception e) { @@ -37,17 +37,17 @@ protected override void ProcessRecord() { YubiKeyModule._yubikey!.LockConfiguration(LockCode); YubiKeyModule._yubikey = null; - WriteWarning("Please remove and reinsert the YubiKey"); + WriteWarning("Remove and re-insert the YubiKey to set lock code..."); } else { - throw new ArgumentException("Lock code cannot be all zeros"); + throw new ArgumentException("Lock code cannot be all zeros!"); } } } else { - WriteDebug("Yubikey already locked."); + WriteDebug("Yubikey already locked!"); } } diff --git a/Module/Cmdlets/Yubikey/SetYubikey.cs b/Module/Cmdlets/Yubikey/SetYubikey.cs index 68417d6..7a4683a 100644 --- a/Module/Cmdlets/Yubikey/SetYubikey.cs +++ b/Module/Cmdlets/Yubikey/SetYubikey.cs @@ -86,7 +86,7 @@ protected override void ProcessRecord() if ((UsbCapabilities.HasFlag(YubiKeyCapabilities.Otp) || ShouldProcess("powershellYK management", "Disable"))) { YubiKeyModule._yubikey!.SetEnabledUsbCapabilities((YubiKeyCapabilities)UsbCapabilities); - WriteWarning("YubiKey will reboot, diconnecting powershellYK."); + WriteWarning("YubiKey will reboot, diconnecting powershellYK!"); } break; case "Update USB capabilities": 
@@ -98,13 +98,13 @@ protected override void ProcessRecord() if ((requestedUSBCapabilities.HasFlag(YubiKeyCapabilities.Otp) || ShouldProcess("powershellYK management", "Disable"))) { YubiKeyModule._yubikey!.SetEnabledUsbCapabilities(requestedUSBCapabilities); - WriteWarning("YubiKey will reboot, diconnecting powershellYK."); + WriteWarning("YubiKey will reboot, diconnecting powershellYK!"); } } break; case "Replace NFC capabilities": YubiKeyModule._yubikey!.SetEnabledUsbCapabilities((YubiKeyCapabilities)UsbCapabilities); - WriteWarning("YubiKey will reboot, diconnecting powershellYK."); + WriteWarning("YubiKey will reboot, diconnecting powershellYK!"); break; case "Update NFC capabilities": if (EnableNFCCapabilities != YubiKeyCapabilities.None || DisableNFCCapabilities != YubiKeyCapabilities.None) @@ -113,7 +113,7 @@ protected override void ProcessRecord() requestedNFCCapabilities |= EnableNFCCapabilities; requestedNFCCapabilities &= ~DisableNFCCapabilities; YubiKeyModule._yubikey!.SetEnabledNfcCapabilities(requestedNFCCapabilities); - WriteWarning("YubiKey will reboot, diconnecting powershellYK."); + WriteWarning("YubiKey will reboot, diconnecting powershellYK!"); } break; @@ -129,7 +129,7 @@ protected override void ProcessRecord() // Attempt to set restricted NFC YubiKeyModule._yubikey!.SetIsNfcRestricted(true); - Console.WriteLine("YubiKey NFC now disabled. NFC will be re-enabled automatically the next time the YubiKey is connected to USB power."); + WriteObject("YubiKey NFC now disabled. NFC will be re-enabled automatically the next time the YubiKey is connected to USB power."); } catch (NotSupportedException) { @@ -152,7 +152,7 @@ protected override void ProcessRecord() } else { - throw new Exception("Configuration is locked, See Unlock-Yubikey"); + throw new Exception("Configuration is locked, See Unlock-Yubikey!"); } } diff --git a/Module/Cmdlets/Yubikey/UnlockYubikey.cs b/Module/Cmdlets/Yubikey/UnlockYubikey.cs index 90b8d12..56278d8 100644 
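Review bot: In SetYubikey.cs (hunk at -98) the `"Replace NFC capabilities"` case calls `SetEnabledUsbCapabilities((YubiKeyCapabilities)UsbCapabilities)`, the same call as the USB case, so replacing NFC capabilities rewrites the USB set instead. It also runs without the `HasFlag(YubiKeyCapabilities.Otp) || ShouldProcess(...)` guard that the USB cases apply. It presumably should call `SetEnabledNfcCapabilities(...)` with the cmdlet's NFC parameter, whose name is not visible in this hunk. The edited warnings here and in the hunks at -86 and -113 also still read `diconnecting`; `disconnecting` is meant.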
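Review bot: `WriteObject("YubiKey NFC now disabled. ...")` in SetYubikey.cs (hunk at -129) puts a status sentence on the success pipeline. Assigning or piping the cmdlet's result then yields a string where callers would expect no output. The connect and disconnect cmdlets in this same patch use `WriteInformation(..., new string[] { "YubiKey" })` for this kind of message, and the neighbouring capability cases use `WriteWarning`. Using one of those here keeps the output stream for data only. The try block starts outside the hunk.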
--- a/Module/Cmdlets/Yubikey/UnlockYubikey.cs +++ b/Module/Cmdlets/Yubikey/UnlockYubikey.cs @@ -12,12 +12,12 @@ protected override void BeginProcessing() { if (YubiKeyModule._yubikey is null) { - WriteDebug("No YubiKey selected, calling Connect-Yubikey"); + WriteDebug("No YubiKey selected, calling Connect-Yubikey..."); try { var myPowersShellInstance = PowerShell.Create(RunspaceMode.CurrentRunspace).AddCommand("Connect-Yubikey"); myPowersShellInstance.Invoke(); - WriteDebug($"Successfully connected"); + WriteDebug($"Successfully connected."); } catch (Exception e) { @@ -33,7 +33,7 @@ protected override void ProcessRecord() if (YubiKeyModule._yubikey!.FirmwareVersion.Major >= 5) { YubiKeyModule._yubikey!.UnlockConfiguration(LockCode); - WriteWarning("Please remove and reinsert the YubiKey"); + WriteWarning("Remove and re-insert the YubiKey to undo the lock code..."); } } }