hatter/card-cli
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat: 1.11.5

Browse Source
This commit is contained in:
Hatter Jiang
2025-03-26 07:35:38 +08:00
parent 3848b65ff1
commit 1582f76cae
4 changed files with 288 additions and 243 deletions
Download Patch File Download Diff File Expand all files Collapse all files

510
Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

6
Cargo.toml
View File

@@ -1,6 +1,6 @@
[package] [package]
name = "card-cli" name = "card-cli"
version = "1.11.4" version = "1.11.5"
authors = ["Hatter Jiang <jht5945@gmail.com>"] authors = ["Hatter Jiang <jht5945@gmail.com>"]
edition = "2018" edition = "2018"
@@ -38,8 +38,8 @@ yubico_manager = "0.9"
x509 = "0.2" x509 = "0.2"
x509-parser = { version = "0.15", features = ["verify"] } x509-parser = { version = "0.15", features = ["verify"] }
ssh-agent = { version = "0.2", features = ["agent"] } ssh-agent = { version = "0.2", features = ["agent"] }
p256 = { version = "0.13", features = ["pem", "ecdh", "ecdsa"] } p256 = { version = "0.13", features = ["pem", "ecdh", "ecdsa", "jwk"] }
p384 = { version = "0.13", features = ["pem", "ecdh", "ecdsa"] } p384 = { version = "0.13", features = ["pem", "ecdh", "ecdsa", "jwk"] }
spki = { version = "0.7", features = ["pem"] } spki = { version = "0.7", features = ["pem"] }
tabled = "0.14" tabled = "0.14"
env_logger = "0.10" env_logger = "0.10"

4
src/cmd_generatekeypair.rs
View File

@@ -38,7 +38,7 @@ impl Command for CommandImpl {
util_msg::set_logger_std_out(false); util_msg::set_logger_std_out(false);
} }
let (pkcs8_base64, secret_key_pem, public_key_pem) = match key_type.as_str() { let (pkcs8_base64, secret_key_pem, public_key_pem, jwk_ec_key) = match key_type.as_str() {
"p256" => ecdsautil::generate_p256_keypair()?, "p256" => ecdsautil::generate_p256_keypair()?,
"p384" => ecdsautil::generate_p384_keypair()?, "p384" => ecdsautil::generate_p384_keypair()?,
_ => { _ => {
@@ -59,12 +59,14 @@ impl Command for CommandImpl {
json.insert("private_key_base64", pkcs8_base64); json.insert("private_key_base64", pkcs8_base64);
json.insert("private_key_pem", secret_key_pem); json.insert("private_key_pem", secret_key_pem);
json.insert("public_key_pem", public_key_pem); json.insert("public_key_pem", public_key_pem);
json.insert("public_key_jwk", jwk_ec_key.to_string());
println!("{}", serde_json::to_string_pretty(&json).unwrap()); println!("{}", serde_json::to_string_pretty(&json).unwrap());
} else { } else {
information!("Private key base64:\n{}\n", pkcs8_base64); information!("Private key base64:\n{}\n", pkcs8_base64);
information!("Private key PEM:\n{}\n", secret_key_pem); information!("Private key PEM:\n{}\n", secret_key_pem);
information!("Public key PEM:\n{}", public_key_pem); information!("Public key PEM:\n{}", public_key_pem);
information!("Public key JWK:\n{}", jwk_ec_key.to_string());
} }
Ok(None) Ok(None)

11
src/ecdsautil.rs
View File

@@ -3,6 +3,7 @@ use ecdsa::elliptic_curve::pkcs8::LineEnding;
use ecdsa::VerifyingKey; use ecdsa::VerifyingKey;
use p256::NistP256; use p256::NistP256;
use p256::ecdsa::signature::hazmat::PrehashVerifier; use p256::ecdsa::signature::hazmat::PrehashVerifier;
use p256::elliptic_curve::JwkEcKey;
use p384::NistP384; use p384::NistP384;
use p256::pkcs8::EncodePrivateKey; use p256::pkcs8::EncodePrivateKey;
use rust_util::XResult; use rust_util::XResult;
@@ -55,20 +56,22 @@ pub fn parse_ecdsa_r_and_s(signature_der: &[u8]) -> XResult<(Vec<u8>, Vec<u8>)>
Ok((vec_r, vec_s)) Ok((vec_r, vec_s))
} }
pub fn generate_p256_keypair() -> XResult<(String, String, String)> { pub fn generate_p256_keypair() -> XResult<(String, String, String, JwkEcKey)> {
let secret_key = p256::SecretKey::random(&mut rand::thread_rng()); let secret_key = p256::SecretKey::random(&mut rand::thread_rng());
let secret_key_der_base64 = base64_encode(secret_key.to_pkcs8_der()?.as_bytes()); let secret_key_der_base64 = base64_encode(secret_key.to_pkcs8_der()?.as_bytes());
let secret_key_pem = secret_key.to_pkcs8_pem(LineEnding::LF)?.to_string(); let secret_key_pem = secret_key.to_pkcs8_pem(LineEnding::LF)?.to_string();
let public_key_pem = secret_key.public_key().to_public_key_pem(LineEnding::LF)?; let public_key_pem = secret_key.public_key().to_public_key_pem(LineEnding::LF)?;
Ok((secret_key_der_base64, secret_key_pem, public_key_pem)) let jwk_ec_key = secret_key.public_key().to_jwk();
Ok((secret_key_der_base64, secret_key_pem, public_key_pem, jwk_ec_key))
} }
pub fn generate_p384_keypair() -> XResult<(String, String, String)> { pub fn generate_p384_keypair() -> XResult<(String, String, String, JwkEcKey)> {
let secret_key = p384::SecretKey::random(&mut rand::thread_rng()); let secret_key = p384::SecretKey::random(&mut rand::thread_rng());
let secret_key_der_base64 = base64_encode(secret_key.to_pkcs8_der()?.as_bytes()); let secret_key_der_base64 = base64_encode(secret_key.to_pkcs8_der()?.as_bytes());
let secret_key_pem = secret_key.to_pkcs8_pem(LineEnding::LF)?.to_string(); let secret_key_pem = secret_key.to_pkcs8_pem(LineEnding::LF)?.to_string();
let public_key_pem = secret_key.public_key().to_public_key_pem(LineEnding::LF)?; let public_key_pem = secret_key.public_key().to_public_key_pem(LineEnding::LF)?;
Ok((secret_key_der_base64, secret_key_pem, public_key_pem)) let jwk_ec_key = secret_key.public_key().to_jwk();
Ok((secret_key_der_base64, secret_key_pem, public_key_pem, jwk_ec_key))
} }
macro_rules! parse_ecdsa_private_key { macro_rules! parse_ecdsa_private_key {