From 98ae7641d65cee13bee8676917c5defe3f18b50f Mon Sep 17 00:00:00 2001 From: Hatter Jiang Date: Sun, 18 Jul 2021 11:08:16 +0800 Subject: [PATCH] feat: sign, verify --- .gitignore | 1 + README.md | 15 ++++++++++++++- src/pgpcardsign.rs | 18 +++++++++--------- 3 files changed, 24 insertions(+), 10 deletions(-) diff --git a/.gitignore b/.gitignore index bd2996b..45ae1a8 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,7 @@ test.txt enc.txt enc_key.pem +sign_key.pem test_key.asc .idea/ # ---> Rust diff --git a/README.md b/README.md index 769bb2f..3e89113 100644 --- a/README.md +++ b/README.md @@ -27,7 +27,7 @@ hW53WfImja+b5kwwyqUikyMCAwEAAQ== encrypt ``` -openssl rsautl -encrypt -pubin -inkey enc_key.pem -in test.txt -out enc.txt -pkcs +$ openssl rsautl -encrypt -pubin -inkey enc_key.pem -in test.txt -out enc.txt -pkcs ``` decrypt @@ -35,6 +35,19 @@ decrypt $ cargo r -- pgp-card-decrypt -c $(cat enc.txt | xxd -ps -c 11111) ``` +## sign + +sign +``` +$ cargo r -- pgp-card-sign -2 $(shasum -a 256 test.txt | awk '{print $1}') +``` + +verify +``` +$ openssl dgst -sha256 -verify sign_key.pem -signature sig test.txt +Verified OK +``` + Awesome webauthn: * https://github.com/herrjemand/awesome-webauthn diff --git a/src/pgpcardsign.rs b/src/pgpcardsign.rs index 261e742..3f2917f 100644 --- a/src/pgpcardsign.rs +++ b/src/pgpcardsign.rs @@ -39,11 +39,11 @@ impl Command for CommandImpl { let mut json = BTreeMap::new(); if let Some(sha256) = sha256 { let user = crate::pgpcardutil::get_card_user_sw1_81(pass)?; - let sha256_hex = opt_result!(hex::decode(sha256), "Decode sha256 failed: {}"); + let sha256_hex = opt_result!(hex::decode(sha256.trim()), "Decode sha256 failed: {}"); let sha256_hex = copy_sha256(&sha256_hex)?; let sig = user.signature_for_hash(Hash::SHA256(sha256_hex))?; - success!("SHA256 signature: {}", hex::encode(&sig)); - // success!("SHA256 signature: {}", base64::encode(&sig)); + success!("SHA256 signature HEX: {}", hex::encode(&sig)); + success!("SHA256 signature base64: {}", base64::encode(&sig)); if json_output { let mut entry = BTreeMap::new(); entry.insert("digest", hex::encode(&sha256_hex)); @@ -53,11 +53,11 @@ impl Command for CommandImpl { } if let Some(sha384) = sha384 { let user = crate::pgpcardutil::get_card_user_sw1_81(pass)?; - let sha384_hex = opt_result!(hex::decode(sha384), "Decode sha384 failed: {}"); + let sha384_hex = opt_result!(hex::decode(sha384.trim()), "Decode sha384 failed: {}"); let sha384_hex = copy_sha384(&sha384_hex)?; let sig = user.signature_for_hash(Hash::SHA384(sha384_hex))?; - success!("SHA384 signature: {}", hex::encode(&sig)); - // success!("SHA384 signature: {}", base64::encode(&sig)); + success!("SHA384 signature HEX: {}", hex::encode(&sig)); + success!("SHA384 signature base64: {}", base64::encode(&sig)); if json_output { let mut entry = BTreeMap::new(); entry.insert("digest", hex::encode(&sha384_hex)); @@ -67,11 +67,11 @@ impl Command for CommandImpl { } if let Some(sha512) = sha512 { let user = crate::pgpcardutil::get_card_user_sw1_81(pass)?; - let sha512_hex = opt_result!(hex::decode(sha512), "Decode sha512 failed: {}"); + let sha512_hex = opt_result!(hex::decode(sha512.trim()), "Decode sha512 failed: {}"); let sha512_hex = copy_sha512(&sha512_hex)?; let sig = user.signature_for_hash(Hash::SHA512(sha512_hex))?; - success!("SHA512 signature: {}", hex::encode(&sig)); - // success!("SHA512 signature: {}", base64::encode(&sig)); + success!("SHA512 signature HEX: {}", hex::encode(&sig)); + success!("SHA512 signature base64: {}", base64::encode(&sig)); if json_output { let mut entry = BTreeMap::new(); entry.insert("digest", hex::encode(&sha512_hex));