diff --git a/Cargo.lock b/Cargo.lock index e7a0d4b..7604487 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -511,7 +511,7 @@ dependencies = [ [[package]] name = "card-cli" -version = "1.11.3" +version = "1.11.4" dependencies = [ "aes-gcm-stream", "authenticator 0.3.1", diff --git a/Cargo.toml b/Cargo.toml index a70aee0..abc7a9d 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "card-cli" -version = "1.11.3" +version = "1.11.4" authors = ["Hatter Jiang "] edition = "2018" diff --git a/src/cmd_generatekeypair.rs b/src/cmd_generatekeypair.rs index a16fc1a..c9b9c34 100644 --- a/src/cmd_generatekeypair.rs +++ b/src/cmd_generatekeypair.rs @@ -1,4 +1,4 @@ -use crate::ecdsautil; +use crate::{ecdsautil, hmacutil}; use clap::{App, Arg, ArgMatches, SubCommand}; use rust_util::util_clap::{Command, CommandError}; use rust_util::util_msg; @@ -21,10 +21,16 @@ impl Command for CommandImpl { .takes_value(true) .help("Key type (e.g. p256, p384)"), ) + .arg( + Arg::with_name("with-hmac-encrypt") + .long("with-hmac-encrypt") + .help("With HMAC encrypt"), + ) .arg(Arg::with_name("json").long("json").help("JSON output")) } fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError { + let with_hmac_encrypt = sub_arg_matches.is_present("with-hmac-encrypt"); let key_type = sub_arg_matches.value_of("type").unwrap().to_lowercase(); let json_output = sub_arg_matches.is_present("json"); @@ -39,6 +45,14 @@ impl Command for CommandImpl { return simple_error!("Key type must be p256 or p384"); } }; + let (pkcs8_base64, secret_key_pem) = if with_hmac_encrypt { + ( + hmacutil::hmac_encrypt_from_string(&pkcs8_base64)?, + hmacutil::hmac_encrypt_from_string(&secret_key_pem)?, + ) + } else { + (pkcs8_base64, secret_key_pem) + }; if json_output { let mut json = BTreeMap::<&'_ str, String>::new();