diff --git a/src/cmd_se_ecdh.rs b/src/cmd_se_ecdh.rs
index cd29185..d17c523 100644
--- a/src/cmd_se_ecdh.rs
+++ b/src/cmd_se_ecdh.rs
@@ -17,13 +17,7 @@ impl Command for CommandImpl {
 fn subcommand<'a>(&self) -> App<'a, 'a> {
 SubCommand::with_name(self.name())
 .about("Secure Enclave ECDH subcommand")
- .arg(
- Arg::with_name("key")
- .long("key")
- .required(true)
- .takes_value(true)
- .help("Key uri"),
- )
+ .arg(cmdutil::build_key_uri_arg())
 .arg(
 Arg::with_name("epk")
 .long("epk")
diff --git a/src/cmd_se_ecsign.rs b/src/cmd_se_ecsign.rs
index 269b241..ea83eff 100644
--- a/src/cmd_se_ecsign.rs
+++ b/src/cmd_se_ecsign.rs
@@ -15,13 +15,7 @@ impl Command for CommandImpl {
 fn subcommand<'a>(&self) -> App<'a, 'a> {
 SubCommand::with_name(self.name())
 .about("Secure Enclave EC sign subcommand")
- .arg(
- Arg::with_name("key")
- .long("key")
- .required(true)
- .takes_value(true)
- .help("Key uri"),
- )
+ .arg(cmdutil::build_key_uri_arg())
 .arg(
 Arg::with_name("input")
 .short("i")
diff --git a/src/cmd_se_recover.rs b/src/cmd_se_recover.rs
index 550d8f4..0dafeb3 100644
--- a/src/cmd_se_recover.rs
+++ b/src/cmd_se_recover.rs
@@ -1,7 +1,7 @@
 use crate::cmd_se_generate::print_se_key;
 use crate::keyutil::{parse_key_uri, KeyUsage};
-use crate::{cmdutil, seutil};
-use clap::{App, Arg, ArgMatches, SubCommand};
+use crate::{cmd_hmac_decrypt, cmdutil, seutil};
+use clap::{App, ArgMatches, SubCommand};
 use rust_util::util_clap::{Command, CommandError};
 pub struct CommandImpl;
@@ -14,13 +14,7 @@ impl Command for CommandImpl {
 fn subcommand<'a>(&self) -> App<'a, 'a> {
 SubCommand::with_name(self.name())
 .about("Secure Enclave recover subcommand")
- .arg(
- Arg::with_name("key")
- .long("key")
- .required(true)
- .takes_value(true)
- .help("Key uri"),
- )
+ .arg(cmdutil::build_key_uri_arg())
 .arg(cmdutil::build_json_arg())
 }
@@ -29,7 +23,8 @@ impl Command for CommandImpl {
 seutil::check_se_supported()?;
 let key = sub_arg_matches.value_of("key").unwrap();
- let key_uri = parse_key_uri(key)?;
+ let key = cmd_hmac_decrypt::try_hmac_decrypt(key)?;
+ let key_uri = parse_key_uri(&key)?;
 let se_key_uri = key_uri.as_secure_enclave_key()?;
 debugging!("Secure enclave key URI: {:?}", se_key_uri);
@@ -39,7 +34,7 @@ impl Command for CommandImpl {
 se_key_uri.usage == KeyUsage::Singing,
 )?;
- print_se_key(json_output, &public_key_point, &public_key_der, key);
+ print_se_key(json_output, &public_key_point, &public_key_der, &key);
 Ok(None)
 }
diff --git a/src/cmd_sign_jwt_se.rs b/src/cmd_sign_jwt_se.rs
index 8f6aed1..074bf6f 100644
--- a/src/cmd_sign_jwt_se.rs
+++ b/src/cmd_sign_jwt_se.rs
@@ -1,4 +1,4 @@
-use clap::{App, Arg, ArgMatches, SubCommand};
+use clap::{App, ArgMatches, SubCommand};
 use jwt::{AlgorithmType, Header, ToBase64};
 use rust_util::util_clap::{Command, CommandError};
@@ -22,7 +22,7 @@ impl Command for CommandImpl {
 fn subcommand<'a>(&self) -> App<'a, 'a> {
 let app = SubCommand::with_name(self.name()).about("Sign JWT subcommand")
- .arg(Arg::with_name("key").long("key").required(true).takes_value(true).help("Key uri"))
+ .arg(cmdutil::build_key_uri_arg())
 .arg(cmdutil::build_json_arg());
 cmd_sign_jwt::fill_sign_jwt_app_args(app)
 }
diff --git a/src/cmdutil.rs b/src/cmdutil.rs
index 3e32c3c..988622f 100644
--- a/src/cmdutil.rs
+++ b/src/cmdutil.rs
@@ -29,6 +29,9 @@ pub fn build_serial_arg() -> Arg<'static, 'static> {
 Arg::with_name("serial").long("serial").takes_value(true).help("Serial number")
 }
+pub fn build_key_uri_arg() -> Arg<'static, 'static> {
+ Arg::with_name("key").long("key").required(true).takes_value(true).help("Key uri")
+}
 pub fn build_pin_arg() -> Arg<'static, 'static> {
 Arg::with_name("pin").short("p").long("pin").takes_value(true).help("PIV card user PIN")
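Review bot: In src/cmd_se_recover.rs the shadowed `key` is now the output of `try_hmac_decrypt`, and the `@@ -39,7 +34,7 @@` hunk passes `&key` to `print_se_key`, so a caller who supplied an HMAC-protected `--key` value would get the decrypted key URI back in the command's output, where the old code handed over the argument exactly as given. `print_se_key` is not visible here, so this assumes it prints its last argument. If echoing the decrypted form is not intended, bind the decrypted value under its own name, `let decrypted_key = cmd_hmac_decrypt::try_hmac_decrypt(key)?;` and `let key_uri = parse_key_uri(&decrypted_key)?;`, and leave the `print_se_key(..., key)` call as it was. The `debugging!` line right after the added lines likewise formats the URI parsed from the decrypted value, which is worth a comment stating that this is deliberate. The enclosing function starts and ends outside both hunks.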