feat: v1.4.1

2023-03-14 23:09:55 +08:00
parent 60847e8edf
commit 8a19502400
14 changed files with 37 additions and 25 deletions

2
Cargo.lock generated

@@ -330,7 +330,7 @@ dependencies = [
[[package]] [[package]]
name = "card-cli" name = "card-cli"
version = "1.4.0" version = "1.4.1"
dependencies = [ dependencies = [
"authenticator", "authenticator",
"base64 0.13.1", "base64 0.13.1",


@@ -1,6 +1,6 @@
[package] [package]
name = "card-cli" name = "card-cli"
version = "1.4.0" version = "1.4.1"
authors = ["Hatter Jiang <jht5945@gmail.com>"] authors = ["Hatter Jiang <jht5945@gmail.com>"]
edition = "2018" edition = "2018"


@@ -3,6 +3,7 @@ use std::ops::Deref;
use clap::{App, Arg, ArgMatches, SubCommand}; use clap::{App, Arg, ArgMatches, SubCommand};
use rust_util::util_clap::{Command, CommandError}; use rust_util::util_clap::{Command, CommandError};
use rust_util::util_msg;
use yubico_manager::config::{Config, Mode, Slot}; use yubico_manager::config::{Config, Mode, Slot};
use yubico_manager::Yubico; use yubico_manager::Yubico;
@@ -24,7 +25,7 @@ impl Command for CommandImpl {
fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError { fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError {
let json_output = sub_arg_matches.is_present("json"); let json_output = sub_arg_matches.is_present("json");
if json_output { rust_util::util_msg::set_logger_std_out(false); } if json_output { util_msg::set_logger_std_out(false); }
let sha1_output = sub_arg_matches.is_present("sha1"); let sha1_output = sub_arg_matches.is_present("sha1");
let sha256_output = sub_arg_matches.is_present("sha256"); let sha256_output = sub_arg_matches.is_present("sha256");


@@ -2,6 +2,7 @@ use std::collections::BTreeMap;
use clap::{App, Arg, ArgMatches, SubCommand}; use clap::{App, Arg, ArgMatches, SubCommand};
use rust_util::util_clap::{Command, CommandError}; use rust_util::util_clap::{Command, CommandError};
use rust_util::util_msg;
use yubikey::YubiKey; use yubikey::YubiKey;
pub struct CommandImpl; pub struct CommandImpl;
@@ -16,7 +17,7 @@ impl Command for CommandImpl {
fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError { fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError {
let json_output = sub_arg_matches.is_present("json"); let json_output = sub_arg_matches.is_present("json");
if json_output { rust_util::util_msg::set_logger_std_out(false); } if json_output { util_msg::set_logger_std_out(false); }
let mut yk = opt_result!(YubiKey::open(), "YubiKey not found: {}"); let mut yk = opt_result!(YubiKey::open(), "YubiKey not found: {}");


@@ -4,6 +4,7 @@ use clap::{App, Arg, ArgMatches, SubCommand};
use openpgp_card::OpenPgp; use openpgp_card::OpenPgp;
use openpgp_card::crypto_data::Cryptogram; use openpgp_card::crypto_data::Cryptogram;
use rust_util::util_clap::{Command, CommandError}; use rust_util::util_clap::{Command, CommandError};
use rust_util::util_msg;
pub struct CommandImpl; pub struct CommandImpl;
@@ -21,7 +22,7 @@ impl Command for CommandImpl {
fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError { fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError {
let json_output = sub_arg_matches.is_present("json"); let json_output = sub_arg_matches.is_present("json");
if json_output { rust_util::util_msg::set_logger_std_out(false); } if json_output { util_msg::set_logger_std_out(false); }
let pin_opt = sub_arg_matches.value_of("pass").or_else(|| sub_arg_matches.value_of("pin")); let pin_opt = sub_arg_matches.value_of("pass").or_else(|| sub_arg_matches.value_of("pin"));
let pin = opt_value_result!(pin_opt, "User pin must be assigned"); let pin = opt_value_result!(pin_opt, "User pin must be assigned");
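Review bot: The user PIN is read straight from the command line here (`sub_arg_matches.value_of("pass").or_else(|| sub_arg_matches.value_of("pin"))`), so it ends up in shell history and is readable in the process list while the command runs. The same pattern appears in the other sections of this commit that read `value_of("pin")` (the second OpenPGP section and the three PIV sections), and this refactor leaves all of them as they were. No fallback is visible in these hunks, so I would make the argument optional and ask for the PIN on the terminal without echo when it is absent. Until then, a comment such as `// NOTE: a PIN passed as a command-line argument is exposed via argv and shell history; prefer an interactive prompt` would at least record the risk. The body of `run` continues outside the hunk.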


@@ -4,6 +4,7 @@ use clap::{App, Arg, ArgMatches, SubCommand};
use openpgp_card::{KeyType, OpenPgp}; use openpgp_card::{KeyType, OpenPgp};
use openpgp_card_pcsc::PcscBackend; use openpgp_card_pcsc::PcscBackend;
use rust_util::util_clap::{Command, CommandError}; use rust_util::util_clap::{Command, CommandError};
use rust_util::util_msg;
use crate::pkiutil::openpgp_card_public_key_pem as public_key_pem; use crate::pkiutil::openpgp_card_public_key_pem as public_key_pem;
@@ -21,7 +22,7 @@ impl Command for CommandImpl {
fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError { fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError {
let detail_output = sub_arg_matches.is_present("detail"); let detail_output = sub_arg_matches.is_present("detail");
let json_output = sub_arg_matches.is_present("json"); let json_output = sub_arg_matches.is_present("json");
if json_output { rust_util::util_msg::set_logger_std_out(false); } if json_output { util_msg::set_logger_std_out(false); }
let mut jsons = vec![]; let mut jsons = vec![];
let cards = opt_result!(PcscBackend::cards(None), "Failed to list OpenPGP cards: {}"); let cards = opt_result!(PcscBackend::cards(None), "Failed to list OpenPGP cards: {}");


@@ -7,7 +7,7 @@ use digest::Digest;
use openpgp_card::crypto_data::Hash; use openpgp_card::crypto_data::Hash;
use openpgp_card::OpenPgp; use openpgp_card::OpenPgp;
use rust_util::util_clap::{Command, CommandError}; use rust_util::util_clap::{Command, CommandError};
use rust_util::XResult; use rust_util::{util_msg, XResult};
use sha2::{Sha256, Sha384, Sha512}; use sha2::{Sha256, Sha384, Sha512};
const BUFF_SIZE: usize = 512 * 1024; const BUFF_SIZE: usize = 512 * 1024;
@@ -33,7 +33,7 @@ impl Command for CommandImpl {
fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError { fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError {
let json_output = sub_arg_matches.is_present("json"); let json_output = sub_arg_matches.is_present("json");
if json_output { rust_util::util_msg::set_logger_std_out(false); } if json_output { util_msg::set_logger_std_out(false); }
let pin_opt = sub_arg_matches.value_of("pass").or_else(|| sub_arg_matches.value_of("pin")); let pin_opt = sub_arg_matches.value_of("pass").or_else(|| sub_arg_matches.value_of("pin"));
let pin = opt_value_result!(pin_opt, "User pin must be assigned"); let pin = opt_value_result!(pin_opt, "User pin must be assigned");


@@ -2,6 +2,7 @@ use std::collections::BTreeMap;
use clap::{App, Arg, ArgMatches, SubCommand}; use clap::{App, Arg, ArgMatches, SubCommand};
use rust_util::util_clap::{Command, CommandError}; use rust_util::util_clap::{Command, CommandError};
use rust_util::util_msg;
use yubikey::piv::{AlgorithmId, SlotId}; use yubikey::piv::{AlgorithmId, SlotId};
use yubikey::YubiKey; use yubikey::YubiKey;
@@ -19,7 +20,7 @@ impl Command for CommandImpl {
fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError { fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError {
let json_output = sub_arg_matches.is_present("json"); let json_output = sub_arg_matches.is_present("json");
if json_output { rust_util::util_msg::set_logger_std_out(false); } if json_output { util_msg::set_logger_std_out(false); }
let pin_opt = sub_arg_matches.value_of("pin"); let pin_opt = sub_arg_matches.value_of("pin");
let pin = opt_value_result!(pin_opt, "User pin must be assigned"); let pin = opt_value_result!(pin_opt, "User pin must be assigned");


@@ -1,6 +1,7 @@
use clap::{App, Arg, ArgMatches, SubCommand}; use clap::{App, Arg, ArgMatches, SubCommand};
use rust_util::util_clap::{Command, CommandError}; use rust_util::util_clap::{Command, CommandError};
use yubikey::{PinPolicy, TouchPolicy, YubiKey}; use rust_util::util_msg;
use yubikey::{piv, PinPolicy, TouchPolicy, YubiKey};
use yubikey::piv::{AlgorithmId, SlotId}; use yubikey::piv::{AlgorithmId, SlotId};
pub struct CommandImpl; pub struct CommandImpl;
@@ -16,7 +17,7 @@ impl Command for CommandImpl {
fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError { fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError {
let json_output = sub_arg_matches.is_present("json"); let json_output = sub_arg_matches.is_present("json");
if json_output { rust_util::util_msg::set_logger_std_out(false); } if json_output { util_msg::set_logger_std_out(false); }
warning!("This feature is not works"); warning!("This feature is not works");
let pin = opt_value_result!(sub_arg_matches.value_of("pin"), "User pin must be assigned"); let pin = opt_value_result!(sub_arg_matches.value_of("pin"), "User pin must be assigned");
@@ -24,7 +25,7 @@ impl Command for CommandImpl {
let mut yk = opt_result!(YubiKey::open(), "YubiKey not found: {}"); let mut yk = opt_result!(YubiKey::open(), "YubiKey not found: {}");
opt_result!(yk.verify_pin(pin.as_bytes()), "YubiKey verify pin failed: {}"); opt_result!(yk.verify_pin(pin.as_bytes()), "YubiKey verify pin failed: {}");
let public_key_info = opt_result!(yubikey::piv::generate(&mut yk,SlotId::Signature, AlgorithmId::Rsa2048, let public_key_info = opt_result!(piv::generate(&mut yk,SlotId::Signature, AlgorithmId::Rsa2048,
PinPolicy::Default, TouchPolicy::Default), "Generate key failed: {}"); PinPolicy::Default, TouchPolicy::Default), "Generate key failed: {}");
success!("Generate key success: {:?}", public_key_info); success!("Generate key success: {:?}", public_key_info);


@@ -3,9 +3,9 @@ use std::collections::BTreeMap;
use clap::{App, Arg, ArgMatches, SubCommand}; use clap::{App, Arg, ArgMatches, SubCommand};
use rust_util::util_clap::{Command, CommandError}; use rust_util::util_clap::{Command, CommandError};
use rust_util::util_msg::MessageType; use rust_util::util_msg::MessageType;
use rust_util::XResult; use rust_util::{util_msg, XResult};
use yubikey::piv::{AlgorithmId, SlotId}; use yubikey::piv::{AlgorithmId, SlotId};
use yubikey::YubiKey; use yubikey::{piv, YubiKey};
pub struct CommandImpl; pub struct CommandImpl;
@@ -21,7 +21,7 @@ impl Command for CommandImpl {
fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError { fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError {
let json_output = sub_arg_matches.is_present("json"); let json_output = sub_arg_matches.is_present("json");
if json_output { rust_util::util_msg::set_logger_std_out(false); } if json_output { util_msg::set_logger_std_out(false); }
let pin_opt = sub_arg_matches.value_of("pin"); let pin_opt = sub_arg_matches.value_of("pin");
let pin = opt_value_result!(pin_opt, "User pin must be assigned"); let pin = opt_value_result!(pin_opt, "User pin must be assigned");
@@ -53,7 +53,7 @@ impl Command for CommandImpl {
debugging!("PKCS1 padding: {}", hex::encode(&hash_padding)); debugging!("PKCS1 padding: {}", hex::encode(&hash_padding));
}); });
let raw_in = crate::digest::copy_rsa2048(&hash_padding).unwrap(); let raw_in = crate::digest::copy_rsa2048(&hash_padding).unwrap();
let sign_result = yubikey::piv::sign_data(&mut yk, &raw_in, AlgorithmId::Rsa2048, SlotId::Signature); let sign_result = piv::sign_data(&mut yk, &raw_in, AlgorithmId::Rsa2048, SlotId::Signature);
let sign = opt_result!(sign_result, "Sign data failed: {}"); let sign = opt_result!(sign_result, "Sign data failed: {}");
let sign_bytes = sign.as_slice(); let sign_bytes = sign.as_slice();
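Review bot: `crate::digest::copy_rsa2048(&hash_padding).unwrap()` panics on failure, while the other fallible calls visible in this `run` go through `opt_result!` or `opt_value_result!` and come back as a `CommandError`. The signature of `copy_rsa2048` is not visible here, so pick the macro that matches its return type. If it returns a `Result`, the line could read `let raw_in = opt_result!(crate::digest::copy_rsa2048(&hash_padding), "Copy RSA2048 input failed: {}");`. The body of `run` continues outside the hunk.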


@@ -6,6 +6,7 @@ use openssl::encrypt::Decrypter;
use openssl::pkey::PKey; use openssl::pkey::PKey;
use openssl::rsa::Rsa; use openssl::rsa::Rsa;
use rust_util::util_clap::{Command, CommandError}; use rust_util::util_clap::{Command, CommandError};
use rust_util::util_msg;
use rust_util::util_msg::MessageType; use rust_util::util_msg::MessageType;
pub struct CommandImpl; pub struct CommandImpl;
@@ -25,7 +26,7 @@ impl Command for CommandImpl {
fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError { fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError {
let json_output = sub_arg_matches.is_present("json"); let json_output = sub_arg_matches.is_present("json");
if json_output { rust_util::util_msg::set_logger_std_out(false); } if json_output { util_msg::set_logger_std_out(false); }
let pri_key_in = opt_value_result!(sub_arg_matches.value_of("pri-key-in"), "Require private key in"); let pri_key_in = opt_value_result!(sub_arg_matches.value_of("pri-key-in"), "Require private key in");
let pri_key_bytes = opt_result!(std::fs::read(pri_key_in), "Read file: {}, failed: {}", pri_key_in); let pri_key_bytes = opt_result!(std::fs::read(pri_key_in), "Read file: {}, failed: {}", pri_key_in);
@@ -45,7 +46,7 @@ impl Command for CommandImpl {
return simple_error!("Data is required, --data-hex or --data argument!"); return simple_error!("Data is required, --data-hex or --data argument!");
}; };
rust_util::util_msg::when(MessageType::DEBUG, || { util_msg::when(MessageType::DEBUG, || {
let rsa = keypair.rsa().unwrap(); let rsa = keypair.rsa().unwrap();
let n = rsa.n(); let n = rsa.n();
let d = rsa.d(); let d = rsa.d();
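Review bot: The debug closure opened by `util_msg::when(MessageType::DEBUG, || {` reads the RSA private exponent with `let d = rsa.d();`. The rest of the closure is outside the hunk, but if `d` is printed alongside the other debug values, enabling debug output puts private key material on the terminal or into captured logs. I would keep only public values in the debug output and replace that line with `// private exponent deliberately not logged`. `keypair.rsa().unwrap()` in the same closure, and in the matching closure of the verify section, also panics on a non-RSA key once debug is on; an `if let Ok(rsa) = keypair.rsa()` guard would avoid that.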


@@ -1,3 +1,4 @@
use std::fs;
use std::collections::BTreeMap; use std::collections::BTreeMap;
use clap::{App, Arg, ArgMatches, SubCommand}; use clap::{App, Arg, ArgMatches, SubCommand};
@@ -5,6 +6,7 @@ use openssl::encrypt::Encrypter;
use openssl::pkey::PKey; use openssl::pkey::PKey;
use openssl::rsa::Rsa; use openssl::rsa::Rsa;
use rust_util::util_clap::{Command, CommandError}; use rust_util::util_clap::{Command, CommandError};
use rust_util::util_msg;
use crate::digest::sha256_bytes; use crate::digest::sha256_bytes;
@@ -26,10 +28,10 @@ impl Command for CommandImpl {
fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError { fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError {
let json_output = sub_arg_matches.is_present("json"); let json_output = sub_arg_matches.is_present("json");
if json_output { rust_util::util_msg::set_logger_std_out(false); } if json_output { util_msg::set_logger_std_out(false); }
let pub_key_in = opt_value_result!(sub_arg_matches.value_of("pub-key-in"), "Require public key in"); let pub_key_in = opt_value_result!(sub_arg_matches.value_of("pub-key-in"), "Require public key in");
let pub_key_bytes = opt_result!(std::fs::read(pub_key_in), "Read file: {}, failed: {}", pub_key_in); let pub_key_bytes = opt_result!(fs::read(pub_key_in), "Read file: {}, failed: {}", pub_key_in);
let padding_opt = sub_arg_matches.value_of("padding"); let padding_opt = sub_arg_matches.value_of("padding");
let padding = crate::rsautil::parse_padding(padding_opt)?; let padding = crate::rsautil::parse_padding(padding_opt)?;


@@ -1,3 +1,5 @@
use std::fs;
use std::io;
use std::fs::File; use std::fs::File;
use clap::{App, Arg, ArgMatches, SubCommand}; use clap::{App, Arg, ArgMatches, SubCommand};
@@ -8,7 +10,7 @@ use openssl::rsa::Rsa;
use openssl::sign::Verifier; use openssl::sign::Verifier;
use rust_util::util_clap::{Command, CommandError}; use rust_util::util_clap::{Command, CommandError};
use rust_util::util_msg::MessageType; use rust_util::util_msg::MessageType;
use rust_util::XResult; use rust_util::{util_msg, XResult};
use crate::digest::sha256_bytes; use crate::digest::sha256_bytes;
@@ -34,7 +36,7 @@ impl Command for CommandImpl {
// if json_output { rust_util::util_msg::set_logger_std_out(false); } // if json_output { rust_util::util_msg::set_logger_std_out(false); }
let pub_key_in = opt_value_result!(sub_arg_matches.value_of("pub-key-in"), "Require public key in"); let pub_key_in = opt_value_result!(sub_arg_matches.value_of("pub-key-in"), "Require public key in");
let pub_key_bytes = opt_result!(std::fs::read(pub_key_in), "Read file: {}, failed: {}", pub_key_in); let pub_key_bytes = opt_result!(fs::read(pub_key_in), "Read file: {}, failed: {}", pub_key_in);
// let mut json = BTreeMap::new(); // let mut json = BTreeMap::new();
@@ -49,7 +51,7 @@ impl Command for CommandImpl {
return simple_error!("Signature is required, --signature argument!"); return simple_error!("Signature is required, --signature argument!");
}; };
rust_util::util_msg::when(MessageType::DEBUG, || { util_msg::when(MessageType::DEBUG, || {
let rsa = keypair.rsa().unwrap(); let rsa = keypair.rsa().unwrap();
let n = rsa.n(); let n = rsa.n();
let e = rsa.e(); let e = rsa.e();
@@ -68,7 +70,7 @@ impl Command for CommandImpl {
let digest = get_digest(hash)?; let digest = get_digest(hash)?;
let mut verifier = opt_result!(Verifier::new(digest, &keypair), "Verifier new failed: {}"); let mut verifier = opt_result!(Verifier::new(digest, &keypair), "Verifier new failed: {}");
let mut f = opt_result!(File::open(file_in), "Open file: {}, failed: {}", file_in); let mut f = opt_result!(File::open(file_in), "Open file: {}, failed: {}", file_in);
opt_result!(std::io::copy(&mut f, &mut verifier), "Verifier failed: {}"); opt_result!(io::copy(&mut f, &mut verifier), "Verifier failed: {}");
let result = opt_result!(verifier.verify(&signature), "Verifier verify failed: {}"); let result = opt_result!(verifier.verify(&signature), "Verifier verify failed: {}");
if result { if result {
success!("Verify success"); success!("Verify success");


@@ -9,6 +9,7 @@ use openssl::hash::MessageDigest;
use openssl::pkey::PKey; use openssl::pkey::PKey;
use openssl::sign::Verifier; use openssl::sign::Verifier;
use rust_util::util_clap::{Command, CommandError}; use rust_util::util_clap::{Command, CommandError};
use rust_util::util_msg;
use x509_parser::certificate::X509Certificate; use x509_parser::certificate::X509Certificate;
use x509_parser::prelude::FromDer; use x509_parser::prelude::FromDer;
@@ -32,7 +33,7 @@ impl Command for CommandImpl {
fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError { fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError {
let json_output = sub_arg_matches.is_present("json"); let json_output = sub_arg_matches.is_present("json");
if json_output { rust_util::util_msg::set_logger_std_out(false); } if json_output { util_msg::set_logger_std_out(false); }
let timeout_ms = match sub_arg_matches.value_of("timeout").unwrap().parse::<u32>() { let timeout_ms = match sub_arg_matches.value_of("timeout").unwrap().parse::<u32>() {
Ok(t) => (t * 1000) as u64, Ok(t) => (t * 1000) as u64,