feat: sign, verify

.gitignore

@@ -1,6 +1,7 @@
 test.txt
 enc.txt
 enc_key.pem
+sign_key.pem
 test_key.asc
 .idea/
 # ---> Rust

README.md

@@ -27,7 +27,7 @@ hW53WfImja+b5kwwyqUikyMCAwEAAQ==
 
 encrypt
 ```
-openssl rsautl -encrypt -pubin -inkey enc_key.pem -in test.txt -out enc.txt -pkcs
+$ openssl rsautl -encrypt -pubin -inkey enc_key.pem -in test.txt -out enc.txt -pkcs
 ```
 
 decrypt
@@ -35,6 +35,19 @@ decrypt
 $ cargo r -- pgp-card-decrypt -c $(cat enc.txt | xxd -ps -c 11111)
 ```
 
+## sign
+
+sign
+```
+$ cargo r -- pgp-card-sign -2 $(shasum -a 256 test.txt  | awk '{print $1}')
+```
+
+verify
+```
+$ openssl dgst -sha256 -verify sign_key.pem -signature sig test.txt 
+Verified OK
+```
+
 
 Awesome webauthn:
 * https://github.com/herrjemand/awesome-webauthn

src/pgpcardsign.rs

@@ -39,11 +39,11 @@ impl Command for CommandImpl {
         let mut json = BTreeMap::new();
         if let Some(sha256) = sha256 {
             let user = crate::pgpcardutil::get_card_user_sw1_81(pass)?;
-            let sha256_hex = opt_result!(hex::decode(sha256), "Decode sha256 failed: {}");
+            let sha256_hex = opt_result!(hex::decode(sha256.trim()), "Decode sha256 failed: {}");
             let sha256_hex = copy_sha256(&sha256_hex)?;
             let sig = user.signature_for_hash(Hash::SHA256(sha256_hex))?;
-            success!("SHA256 signature: {}", hex::encode(&sig));
-            // success!("SHA256 signature: {}", base64::encode(&sig));
+            success!("SHA256 signature HEX: {}", hex::encode(&sig));
+            success!("SHA256 signature base64: {}", base64::encode(&sig));
             if json_output {
                 let mut entry = BTreeMap::new();
                 entry.insert("digest", hex::encode(&sha256_hex));
@@ -53,11 +53,11 @@ impl Command for CommandImpl {
         }
         if let Some(sha384) = sha384 {
             let user = crate::pgpcardutil::get_card_user_sw1_81(pass)?;
-            let sha384_hex = opt_result!(hex::decode(sha384), "Decode sha384 failed: {}");
+            let sha384_hex = opt_result!(hex::decode(sha384.trim()), "Decode sha384 failed: {}");
             let sha384_hex = copy_sha384(&sha384_hex)?;
             let sig = user.signature_for_hash(Hash::SHA384(sha384_hex))?;
-            success!("SHA384 signature: {}", hex::encode(&sig));
-            // success!("SHA384 signature: {}", base64::encode(&sig));
+            success!("SHA384 signature HEX: {}", hex::encode(&sig));
+            success!("SHA384 signature base64: {}", base64::encode(&sig));
             if json_output {
                 let mut entry = BTreeMap::new();
                 entry.insert("digest", hex::encode(&sha384_hex));
@@ -67,11 +67,11 @@ impl Command for CommandImpl {
         }
         if let Some(sha512) = sha512 {
             let user = crate::pgpcardutil::get_card_user_sw1_81(pass)?;
-            let sha512_hex = opt_result!(hex::decode(sha512), "Decode sha512 failed: {}");
+            let sha512_hex = opt_result!(hex::decode(sha512.trim()), "Decode sha512 failed: {}");
             let sha512_hex = copy_sha512(&sha512_hex)?;
             let sig = user.signature_for_hash(Hash::SHA512(sha512_hex))?;
-            success!("SHA512 signature: {}", hex::encode(&sig));
-            // success!("SHA512 signature: {}", base64::encode(&sig));
+            success!("SHA512 signature HEX: {}", hex::encode(&sig));
+            success!("SHA512 signature base64: {}", base64::encode(&sig));
             if json_output {
                 let mut entry = BTreeMap::new();
                 entry.insert("digest", hex::encode(&sha512_hex));