hatter/card-cli
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat: sign, verify

Browse Source
This commit is contained in:
Hatter Jiang
2021-07-18 11:08:16 +08:00
parent 24449711e9
commit 98ae7641d6
3 changed files with 24 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@@ -1,6 +1,7 @@
test.txt test.txt
enc.txt enc.txt
enc_key.pem enc_key.pem
sign_key.pem
test_key.asc test_key.asc
.idea/ .idea/
# ---> Rust # ---> Rust

15
README.md
View File

@@ -27,7 +27,7 @@ hW53WfImja+b5kwwyqUikyMCAwEAAQ==
encrypt encrypt
``` ```
openssl rsautl -encrypt -pubin -inkey enc_key.pem -in test.txt -out enc.txt -pkcs $ openssl rsautl -encrypt -pubin -inkey enc_key.pem -in test.txt -out enc.txt -pkcs
``` ```
decrypt decrypt
@@ -35,6 +35,19 @@ decrypt
$ cargo r -- pgp-card-decrypt -c $(cat enc.txt | xxd -ps -c 11111) $ cargo r -- pgp-card-decrypt -c $(cat enc.txt | xxd -ps -c 11111)
``` ```
## sign
sign
```
$ cargo r -- pgp-card-sign -2 $(shasum -a 256 test.txt | awk '{print $1}')
```
verify
```
$ openssl dgst -sha256 -verify sign_key.pem -signature sig test.txt
Verified OK
```
Awesome webauthn: Awesome webauthn:
* https://github.com/herrjemand/awesome-webauthn * https://github.com/herrjemand/awesome-webauthn

18
src/pgpcardsign.rs
View File

@@ -39,11 +39,11 @@ impl Command for CommandImpl {
let mut json = BTreeMap::new(); let mut json = BTreeMap::new();
if let Some(sha256) = sha256 { if let Some(sha256) = sha256 {
let user = crate::pgpcardutil::get_card_user_sw1_81(pass)?; let user = crate::pgpcardutil::get_card_user_sw1_81(pass)?;
let sha256_hex = opt_result!(hex::decode(sha256), "Decode sha256 failed: {}"); let sha256_hex = opt_result!(hex::decode(sha256.trim()), "Decode sha256 failed: {}");
let sha256_hex = copy_sha256(&sha256_hex)?; let sha256_hex = copy_sha256(&sha256_hex)?;
let sig = user.signature_for_hash(Hash::SHA256(sha256_hex))?; let sig = user.signature_for_hash(Hash::SHA256(sha256_hex))?;
success!("SHA256 signature: {}", hex::encode(&sig)); success!("SHA256 signature HEX: {}", hex::encode(&sig));
// success!("SHA256 signature: {}", base64::encode(&sig)); success!("SHA256 signature base64: {}", base64::encode(&sig));
if json_output { if json_output {
let mut entry = BTreeMap::new(); let mut entry = BTreeMap::new();
entry.insert("digest", hex::encode(&sha256_hex)); entry.insert("digest", hex::encode(&sha256_hex));
@@ -53,11 +53,11 @@ impl Command for CommandImpl {
} }
if let Some(sha384) = sha384 { if let Some(sha384) = sha384 {
let user = crate::pgpcardutil::get_card_user_sw1_81(pass)?; let user = crate::pgpcardutil::get_card_user_sw1_81(pass)?;
let sha384_hex = opt_result!(hex::decode(sha384), "Decode sha384 failed: {}"); let sha384_hex = opt_result!(hex::decode(sha384.trim()), "Decode sha384 failed: {}");
let sha384_hex = copy_sha384(&sha384_hex)?; let sha384_hex = copy_sha384(&sha384_hex)?;
let sig = user.signature_for_hash(Hash::SHA384(sha384_hex))?; let sig = user.signature_for_hash(Hash::SHA384(sha384_hex))?;
success!("SHA384 signature: {}", hex::encode(&sig)); success!("SHA384 signature HEX: {}", hex::encode(&sig));
// success!("SHA384 signature: {}", base64::encode(&sig)); success!("SHA384 signature base64: {}", base64::encode(&sig));
if json_output { if json_output {
let mut entry = BTreeMap::new(); let mut entry = BTreeMap::new();
entry.insert("digest", hex::encode(&sha384_hex)); entry.insert("digest", hex::encode(&sha384_hex));
@@ -67,11 +67,11 @@ impl Command for CommandImpl {
} }
if let Some(sha512) = sha512 { if let Some(sha512) = sha512 {
let user = crate::pgpcardutil::get_card_user_sw1_81(pass)?; let user = crate::pgpcardutil::get_card_user_sw1_81(pass)?;
let sha512_hex = opt_result!(hex::decode(sha512), "Decode sha512 failed: {}"); let sha512_hex = opt_result!(hex::decode(sha512.trim()), "Decode sha512 failed: {}");
let sha512_hex = copy_sha512(&sha512_hex)?; let sha512_hex = copy_sha512(&sha512_hex)?;
let sig = user.signature_for_hash(Hash::SHA512(sha512_hex))?; let sig = user.signature_for_hash(Hash::SHA512(sha512_hex))?;
success!("SHA512 signature: {}", hex::encode(&sig)); success!("SHA512 signature HEX: {}", hex::encode(&sig));
// success!("SHA512 signature: {}", base64::encode(&sig)); success!("SHA512 signature base64: {}", base64::encode(&sig));
if json_output { if json_output {
let mut entry = BTreeMap::new(); let mut entry = BTreeMap::new();
entry.insert("digest", hex::encode(&sha512_hex)); entry.insert("digest", hex::encode(&sha512_hex));