feat: v1.13.13

2025-06-09 22:42:12 +08:00
parent a698a852fd
commit 0bc671be7b
3 changed files with 33 additions and 33 deletions
--- a/src/cmd_ssh_agent.rs
+++ b/src/cmd_ssh_agent.rs
@@ -1,9 +1,8 @@
 use std::fs::remove_file;
 use std::path::PathBuf;

-use crate::ecdsautil::{
-    generate_ecdsa_keypair, parse_ec_public_key_to_point, parse_ecdsa_r_and_s, EcdsaAlgorithm,
-};
+use crate::cmdutil;
+use crate::ecdsautil::{parse_ec_public_key_to_point, parse_ecdsa_r_and_s};
 use crate::util::base64_encode;
 use clap::{App, Arg, ArgMatches, SubCommand};
 use rsa::RsaPublicKey;
@@ -23,16 +22,15 @@ use tokio::net::UnixListener as Listener;

 #[derive(Default, Clone)]
 struct MySshAgent {
-    private_key_pem: String,
+    parameter: String,
    comment: String,
 }

 impl MySshAgent {
-    fn new() -> XResult<Self> {
-        let (_, private_key_pem, _, _, _) = generate_ecdsa_keypair(EcdsaAlgorithm::P256)?;
+    fn new(parameter: &str) -> XResult<Self> {
        Ok(MySshAgent {
-            private_key_pem,
-            comment: "test".to_string(),
+            parameter: parameter.to_string(),
+            comment: parameter.to_string(),
        })
    }
 }
@@ -41,16 +39,12 @@ impl MySshAgent {
 impl Session for MySshAgent {
    async fn request_identities(&mut self) -> Result<Vec<Identity>, AgentError> {
        information!("request_identities");
-        // let p256_private_key_d = ecdsautil::parse_p256_private_key(&self.private_key_pem).unwrap();
-        let public_key_point = hex::decode(
-            "04\
-f17326c188b9d0cffeddd8ff935f24f2074bbef128ac5b04b9cac05de967df5dbfd065698dce3b8c1f451bb9a1593ace\
-13360bbc49c51f5213777fd873932efa44763bfcc1c764b122a8a8977bcb3e0ad099d652e63db1c5a1bda02120a16dc5",
-        )
-        .unwrap();
-        let identity = Identity {
-            pubkey: KeyData::Ecdsa(EcdsaPublicKey::from_sec1_bytes(&public_key_point).unwrap()),
-            comment: "test".to_string(),
+        let identity = match get_identity(&self.parameter, &self.comment) {
+            Ok(identity) => identity,
+            Err(e) => {
+                failure!("Get identity failed: {}", e);
+                return Err(AgentError::Failure);
+            }
        };
        let mut writer = vec![];
        identity.pubkey.encode(&mut writer).unwrap();
@@ -96,7 +90,7 @@ f17326c188b9d0cffeddd8ff935f24f2074bbef128ac5b04b9cac05de967df5dbfd065698dce3b8c

        let signature = external_command_rs::external_sign(
            "card-cli",
-            "key://yubikey4-5010220:piv/p384::authentication",
+            self.parameter.as_str(),
            "ES384",
            &request.data,
        )
@@ -123,20 +117,24 @@ f17326c188b9d0cffeddd8ff935f24f2074bbef128ac5b04b9cac05de967df5dbfd065698dce3b8c
    }
 }

-fn get_identity(uri: &str) -> XResult<Identity> {
+fn get_identity(uri: &str, comment: &str) -> XResult<Identity> {
    let public_key_bytes = external_command_rs::external_public_key("card-cli", uri)?;

-    let ec_point = parse_ec_public_key_to_point(&public_key_bytes).unwrap(); // TODO ...
-    let identity = Identity {
-        pubkey: KeyData::Ecdsa(EcdsaPublicKey::from_sec1_bytes(&ec_point).unwrap()),
-        comment: "test".to_string(),
-    };
+    if let Ok(ec_point) = parse_ec_public_key_to_point(&public_key_bytes) {
+        let identity = Identity {
+            pubkey: KeyData::Ecdsa(EcdsaPublicKey::from_sec1_bytes(&ec_point).unwrap()),
+            comment: comment.to_string(),
+        };
+        return Ok(identity);
+    }

-    let rsa_public_key = RsaPublicKey::from_public_key_der(&public_key_bytes).unwrap();
-    let identity = Identity {
-        pubkey: KeyData::Rsa(ssh_key::public::RsaPublicKey::try_from(&rsa_public_key).unwrap()),
-        comment: "test".to_string(),
-    };
+    if let Ok(rsa_public_key) = RsaPublicKey::from_public_key_der(&public_key_bytes) {
+        let identity = Identity {
+            pubkey: KeyData::Rsa(ssh_key::public::RsaPublicKey::try_from(&rsa_public_key).unwrap()),
+            comment: comment.to_string(),
+        };
+        return Ok(identity);
+    }

    simple_error!("Unknown uri algorithm: {}", uri)
 }
@@ -157,6 +155,7 @@ impl Command for CommandImpl {
                    .default_value("connect.ssh")
                    .help("Sock file, usage SSH_AUTH_SOCK=sock-file ssh ..."),
            )
+            .arg(cmdutil::build_parameter_arg())
    }

    fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError {
@@ -164,6 +163,7 @@ impl Command for CommandImpl {

        debugging!("Sub args: {:?}", sub_arg_matches);

+        let parameter = sub_arg_matches.value_of("parameter").unwrap();
        let sock_file = sub_arg_matches.value_of("sock-file").unwrap();
        information!("Sock file: {}", sock_file);

@@ -192,7 +192,7 @@ impl Command for CommandImpl {
        rt.block_on(async move {
            listen(
                Listener::bind(sock_file).unwrap(),
-                MySshAgent::new().unwrap(),
+                MySshAgent::new(parameter).unwrap(),
            )
            .await
            .unwrap();