feat: u2f*
This commit is contained in:
@@ -47,12 +47,11 @@ impl Command for CommandImpl {
|
|||||||
register_tx.send(rv).unwrap();
|
register_tx.send(rv).unwrap();
|
||||||
}));
|
}));
|
||||||
|
|
||||||
information!("Start U2F register...");
|
information!("App id: {}, Start U2F register...", app_id);
|
||||||
information!("App id: {}", app_id);
|
|
||||||
debugging!("Wait timeout: {} ms", timeout_ms);
|
debugging!("Wait timeout: {} ms", timeout_ms);
|
||||||
let mut manager = AuthenticatorService::new()?;
|
let mut manager = opt_result!(AuthenticatorService::new(), "Create authenticator service failed: {}");
|
||||||
manager.add_u2f_usb_hid_platform_transports();
|
manager.add_u2f_usb_hid_platform_transports();
|
||||||
manager.register(
|
if let Err(e) = manager.register(
|
||||||
flags,
|
flags,
|
||||||
timeout_ms,
|
timeout_ms,
|
||||||
chall_bytes,
|
chall_bytes,
|
||||||
@@ -60,33 +59,29 @@ impl Command for CommandImpl {
|
|||||||
vec![],
|
vec![],
|
||||||
status_tx,
|
status_tx,
|
||||||
callback,
|
callback,
|
||||||
)?;
|
) {
|
||||||
|
return simple_error!("Couldn't register: {:?}", e);
|
||||||
|
};
|
||||||
|
|
||||||
let register_result = register_rx.recv()?;
|
let register_result = opt_result!(register_rx.recv()?, "Register U2F failed: {}");
|
||||||
|
|
||||||
let u2f_registration_data = U2fRegistrationData::from(app_id, &u2fv2_challenge_str, register_result?);
|
let u2f_registration_data = opt_result!(
|
||||||
|
U2fRegistrationData::from(app_id, &u2fv2_challenge_str, register_result), "Parse registration data failed: {}");
|
||||||
|
|
||||||
match u2f_registration_data {
|
if json_output {
|
||||||
Ok(data) => {
|
println!("{}", serde_json::to_string_pretty(&u2f_registration_data).unwrap());
|
||||||
if json_output {
|
} else {
|
||||||
println!("{}", serde_json::to_string_pretty(&data).unwrap());
|
success!("Device info: {}", u2f_registration_data.device_info);
|
||||||
} else {
|
success!("Register challenge: {}", u2fv2_challenge_str);
|
||||||
success!("Device info: {}", data.device_info);
|
success!("Register challenge base64: {}", base64::encode(&u2fv2_challenge_str));
|
||||||
success!("Register challenge: {}", u2fv2_challenge_str);
|
if let Some(cert) = u2f_registration_data.attestation_cert_pem {
|
||||||
success!("Register challenge base64: {}", base64::encode(&u2fv2_challenge_str));
|
success!("Attestation certificate: {}", cert);
|
||||||
if let Some(cert) = data.attestation_cert_pem {
|
|
||||||
success!("Certificate: {}", cert);
|
|
||||||
}
|
|
||||||
if let Some(device_name) = data.device_name {
|
|
||||||
success!("Device name: {}", device_name);
|
|
||||||
}
|
|
||||||
success!("Public key: {}", data.pub_key);
|
|
||||||
success!("Key handle: {}", data.key_handle);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
Err(e) => {
|
if let Some(device_name) = u2f_registration_data.device_name {
|
||||||
return simple_error!("Parse registration data failed: {}", e);
|
success!("Device name: {}", device_name);
|
||||||
}
|
}
|
||||||
|
success!("Public key: {}", u2f_registration_data.pub_key);
|
||||||
|
success!("Key handle: {}", u2f_registration_data.key_handle);
|
||||||
}
|
}
|
||||||
Ok(None)
|
Ok(None)
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -18,6 +18,7 @@ impl Command for CommandImpl {
|
|||||||
SubCommand::with_name(self.name()).about("FIDO U2F Sign subcommand")
|
SubCommand::with_name(self.name()).about("FIDO U2F Sign subcommand")
|
||||||
.arg(Arg::with_name("app-id").short("a").long("app-id").default_value("https://example.com").help("App id"))
|
.arg(Arg::with_name("app-id").short("a").long("app-id").default_value("https://example.com").help("App id"))
|
||||||
.arg(Arg::with_name("timeout").short("t").long("timeout").default_value("10").help("Timeout in seconds"))
|
.arg(Arg::with_name("timeout").short("t").long("timeout").default_value("10").help("Timeout in seconds"))
|
||||||
|
.arg(Arg::with_name("public-key-hex").long("public-key-hex").takes_value(true).help("Public key hex"))
|
||||||
.arg(Arg::with_name("key-handle").short("k").long("key-handle").takes_value(true).multiple(true).help("Key handle"))
|
.arg(Arg::with_name("key-handle").short("k").long("key-handle").takes_value(true).multiple(true).help("Key handle"))
|
||||||
}
|
}
|
||||||
fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError {
|
fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError {
|
||||||
@@ -57,10 +58,9 @@ impl Command for CommandImpl {
|
|||||||
|
|
||||||
let status_tx = fido::start_status_updater();
|
let status_tx = fido::start_status_updater();
|
||||||
|
|
||||||
information!("Start sign...");
|
information!("App id: {}, Start sign...", app_id);
|
||||||
information!("App id: {}", app_id);
|
debugging!("Wait timeout: {} ms", timeout_ms);
|
||||||
let mut manager = opt_result!(
|
let mut manager = opt_result!(AuthenticatorService::new(), "Create authenticator service failed: {}");
|
||||||
AuthenticatorService::new(), "Create authenticator service failed: {}");
|
|
||||||
manager.add_u2f_usb_hid_platform_transports();
|
manager.add_u2f_usb_hid_platform_transports();
|
||||||
if let Err(e) = manager.sign(
|
if let Err(e) = manager.sign(
|
||||||
flags,
|
flags,
|
||||||
@@ -71,13 +71,11 @@ impl Command for CommandImpl {
|
|||||||
status_tx,
|
status_tx,
|
||||||
callback,
|
callback,
|
||||||
) {
|
) {
|
||||||
return simple_error!("Couldn't register: {:?}", e);
|
return simple_error!("Couldn't sign: {:?}", e);
|
||||||
}
|
}
|
||||||
|
|
||||||
let sign_result = opt_result!(sign_rx.recv(),
|
let sign_result = opt_result!(sign_rx.recv(), "Problem receiving, unable to continue: {}");
|
||||||
"Problem receiving, unable to continue: {}");
|
let (_, handle_used, sign_data, device_info) = opt_result!(sign_result, "Sign failed: {}");
|
||||||
let (_, handle_used, sign_data, device_info) =
|
|
||||||
opt_result!(sign_result, "Sign failed: {}");
|
|
||||||
|
|
||||||
success!("Device info: {}", &device_info);
|
success!("Device info: {}", &device_info);
|
||||||
success!("Sign challenge: {}", u2fv2_challenge_str);
|
success!("Sign challenge: {}", u2fv2_challenge_str);
|
||||||
@@ -86,7 +84,19 @@ impl Command for CommandImpl {
|
|||||||
success!("Key handle used: {}", base64::encode(&handle_used));
|
success!("Key handle used: {}", base64::encode(&handle_used));
|
||||||
success!("Key handle used: {}", hex::encode(&handle_used));
|
success!("Key handle used: {}", hex::encode(&handle_used));
|
||||||
|
|
||||||
// u2f::authorization::parse_sign_response(app_id.to_string(), u2fv2_challenge_str.as_bytes().to_vec(), )
|
if let Some(public_key_hex) = sub_arg_matches.value_of("public-key-hex") {
|
||||||
|
let public_key = opt_result!(hex::decode(public_key_hex), "Parse public key hex failed: {}");
|
||||||
|
let authorization = u2f::authorization::parse_sign_response(
|
||||||
|
app_id.to_string(),
|
||||||
|
u2fv2_challenge_str.as_bytes().to_vec(),
|
||||||
|
public_key,
|
||||||
|
sign_data,
|
||||||
|
);
|
||||||
|
match authorization {
|
||||||
|
Ok(authorization) => success!("Parse authorization success, counter: {}", authorization.counter),
|
||||||
|
Err(e) => failure!("Parse authorization failed: {}", e),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
Ok(None)
|
Ok(None)
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user