hatter/card-cli
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat: v1.8.2, piv verify works for rsa

Browse Source
This commit is contained in:
Hatter Jiang
2023-11-19 18:02:40 +08:00
parent 753e1b0c38
commit 030ccd6cfb
3 changed files with 17 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Cargo.lock generated
View File

@@ -332,7 +332,7 @@ dependencies = [
[[package]] [[package]]
name = "card-cli" name = "card-cli"
version = "1.8.1" version = "1.8.2"
dependencies = [ dependencies = [
"authenticator", "authenticator",
"base64 0.21.5", "base64 0.21.5",

2
Cargo.toml
View File

@@ -1,6 +1,6 @@
[package] [package]
name = "card-cli" name = "card-cli"
version = "1.8.1" version = "1.8.2"
authors = ["Hatter Jiang <jht5945@gmail.com>"] authors = ["Hatter Jiang <jht5945@gmail.com>"]
edition = "2018" edition = "2018"

17
src/cmd_pivverify.rs
View File

@@ -1,6 +1,7 @@
use std::collections::BTreeMap; use std::collections::BTreeMap;
use clap::{App, Arg, ArgMatches, SubCommand}; use clap::{App, Arg, ArgMatches, SubCommand};
use openssl::rsa::{Padding, Rsa};
use rust_util::{util_msg, XResult}; use rust_util::{util_msg, XResult};
use rust_util::util_clap::{Command, CommandError}; use rust_util::util_clap::{Command, CommandError};
use yubikey::{Key, YubiKey}; use yubikey::{Key, YubiKey};
@@ -78,9 +79,21 @@ impl Command for CommandImpl {
} }
AlgorithmId::Rsa1024 | AlgorithmId::Rsa2048 => { AlgorithmId::Rsa1024 | AlgorithmId::Rsa2048 => {
let pk_rsa = public_key_bit_string.raw_bytes(); let pk_rsa = public_key_bit_string.raw_bytes();
// TODO ...
let keypair = opt_result!(Rsa::public_key_from_der_pkcs1(&pk_rsa), "Parse RSA failed: {}");
// let pub_key_der = opt_result!(keypair.public_key_to_der(), "RSA public key to der failed: {}");
// let pub_key_fingerprint = hex::encode(sha256_bytes(&pub_key_der));
let mut dmesg = vec![0; ((keypair.n().num_bits() + 7) / 8) as usize];
let len = opt_result!(keypair.public_decrypt(&signature, &mut dmesg, Padding::NONE), "RSA public key calc failed: {}");
debugging!("RSA public key pem: {}", hex::encode(pk_rsa)); debugging!("RSA public key pem: {}", hex::encode(pk_rsa));
failure!("Current NOT supported."); debugging!("Public key calc: {}, len: {}", hex::encode(&dmesg), len);
// TODO SHOULD IMPROVE VERIFICATION METHOD IN THE FUTURE
if hex::encode(dmesg).ends_with(&hex::encode(&hash_bytes)) {
success!("Verify RSA Sign succeed.");
} else {
failure!("Verify RSA Sign failed.");
}
} }
} }
} }