feat: chall json output

Cargo.lock

@@ -1727,6 +1727,12 @@ dependencies = [
  "opaque-debug 0.3.0",
 ]
 
+[[package]]
+name = "sha1"
+version = "0.6.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2579985fda508104f7587689507983eadd6a6e84dd35d6d115361f530916fa0d"
+
 [[package]]
 name = "sha1collisiondetection"
 version = "0.2.3"
@@ -2191,6 +2197,7 @@ dependencies = [
  "sequoia-openpgp",
  "serde",
  "serde_json",
+ "sha1",
  "sha2",
  "simpledateformat",
  "u2f",

Cargo.toml

@@ -10,6 +10,7 @@ edition = "2018"
 authenticator = "0.3"
 clap = "2.33"
 rust_util = { version = "0.6", features = ["use_clap"] }
+sha1 = "0.6.0"
 sha2 = "0.9"
 rand = "0.8"
 base64 = "0.13"

src/chall.rs

@@ -3,6 +3,7 @@ use clap::{ArgMatches, SubCommand, App, Arg};
 use yubico_manager::Yubico;
 use yubico_manager::config::{Config, Mode, Slot};
 use rust_util::util_clap::{Command, CommandError};
+use std::collections::BTreeMap;
 
 pub struct CommandImpl;
 
@@ -13,10 +14,20 @@ impl Command for CommandImpl {
         SubCommand::with_name(self.name()).about("Yubikey challenge-response hmac")
             .arg(Arg::with_name("challenge").short("c").long("challenge").takes_value(true).help("Challenge"))
             .arg(Arg::with_name("challenge-hex").short("x").long("challenge-hex").takes_value(true).help("Challenge HEX"))
+            .arg(Arg::with_name("sha256").short("2").long("sha256").help("Output SHA256"))
+            .arg(Arg::with_name("sha384").short("3").long("sha384").help("Output SHA256"))
+            .arg(Arg::with_name("sha512").short("5").long("sha512").help("Output SHA256"))
             .arg(Arg::with_name("json").long("json").help("JSON output"))
     }
 
     fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError {
+        let json_output = sub_arg_matches.is_present("json");
+        if json_output {
+            rust_util::util_msg::set_logger_std_out(false);
+        }
+        let sha256_output = sub_arg_matches.is_present("sha256");
+        let sha384_output = sub_arg_matches.is_present("sha384");
+        let sha512_output = sub_arg_matches.is_present("sha512");
         let challenge_bytes: Vec<u8>;
         if let Some(challenge) = sub_arg_matches.value_of("challenge") {
             challenge_bytes = challenge.as_bytes().to_vec();
@@ -33,6 +44,8 @@ impl Command for CommandImpl {
 
         let mut yubi = Yubico::new();
 
+        let mut json = BTreeMap::<&'_ str, String>::new();
+
         if let Ok(device) = yubi.find_yubikey() {
             success!("Found key, Vendor ID: {:?} Product ID {:?}", device.vendor_id, device.product_id);
 
@@ -49,12 +62,31 @@ impl Command for CommandImpl {
             // Just for debug, lets check the hex
             let v: &[u8] = hmac_result.deref();
             let hex_string = hex::encode(v);
+            let hex_sha256 = iff!(sha256_output, Some(crate::digest::sha256_bytes(v)), None);
+            let hex_sha384 = iff!(sha384_output, Some(crate::digest::sha384_bytes(v)), None);
+            let hex_sha512 = iff!(sha512_output, Some(crate::digest::sha512_bytes(v)), None);
 
-            success!("{}", hex_string);
+            if json_output {
+                json.insert("challenge_hex", hex::encode(challenge_bytes));
+                json.insert("response_hex", hex_string);
+                hex_sha256.map(|hex_sha256| json.insert("response_sha256_hex", hex::encode(hex_sha256)));
+                hex_sha384.map(|hex_sha384| json.insert("response_sha384_hex", hex::encode(hex_sha384)));
+                hex_sha512.map(|hex_sha512| json.insert("response_sha512_hex", hex::encode(hex_sha512)));
+            } else {
+                success!("Challenge HEX: {}", hex::encode(challenge_bytes));
+                success!("Response HEX: {}", hex_string);
+                hex_sha256.map(|hex_sha256| success!("Response SHA256 HEX: {}", hex::encode(hex_sha256)));
+                hex_sha384.map(|hex_sha384| success!("Response SHA384 HEX: {}", hex::encode(hex_sha384)));
+                hex_sha512.map(|hex_sha512| success!("Response SHA512 HEX: {}", hex::encode(hex_sha512)));
+            }
         } else {
             warning!("Yubikey not found");
         }
 
+        if json_output {
+            println!("{}", serde_json::to_string_pretty(&json).unwrap());
+        }
+
         Ok(None)
     }
 }

src/digest.rs

@@ -1,7 +1,38 @@
-use sha2::{Digest, Sha256};
+use sha2::{Digest, Sha256, Sha384, Sha512};
+// use sha1::Sha1;
+
+// pub fn sha1(input: &str) -> Vec<u8> {
+//     let mut challenge = Sha1::default();
+//     challenge.update(input.as_bytes());
+//     challenge.digest().bytes().to_vec()
+// }
 
 pub fn sha256(input: &str) -> Vec<u8> {
     let mut challenge = Sha256::default();
     Digest::update(&mut challenge, input.as_bytes());
     challenge.finalize().to_vec()
+}
+
+// pub fn sha1_bytes(input: &[u8]) -> Vec<u8> {
+//     let mut challenge = Sha1::default();
+//     challenge.update(input);
+//     challenge.digest().bytes().to_vec()
+// }
+
+pub fn sha256_bytes(input: &[u8]) -> Vec<u8> {
+    let mut challenge = Sha256::default();
+    Digest::update(&mut challenge, input);
+    challenge.finalize().to_vec()
+}
+
+pub fn sha384_bytes(input: &[u8]) -> Vec<u8> {
+    let mut challenge = Sha384::default();
+    Digest::update(&mut challenge, input);
+    challenge.finalize().to_vec()
+}
+
+pub fn sha512_bytes(input: &[u8]) -> Vec<u8> {
+    let mut challenge = Sha512::default();
+    Digest::update(&mut challenge, input);
+    challenge.finalize().to_vec()
 }