hatter/card-cli
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat: bse64

Browse Source
This commit is contained in:
Hatter Jiang
2025-03-29 16:31:08 +08:00
parent e9388eb164
commit bb02c7c823
4 changed files with 18 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/seutil.rs
View File

@@ -1,11 +1,13 @@
use base64::engine::general_purpose::STANDARD;
use base64::Engine;
use rust_util::XResult;
use se_tool::KeyPurpose;
use swift_secure_enclave_tool_rs as se_tool;
use crate::util::{base64_decode, base64_encode};
pub fn is_support_se() -> bool {
se_tool::is_secure_enclave_supported().unwrap_or(false)
se_tool::is_secure_enclave_supported().unwrap_or_else(|e| {
failure!("Invoke command swift-secure-enclave-tool failed: {}", e);
false
})
}
pub fn generate_secure_enclave_p256_keypair(
@@ -20,7 +22,7 @@ pub fn generate_secure_enclave_p256_keypair(
Ok((
key_material.public_key_point,
key_material.public_key_der,
STANDARD.encode(&key_material.private_key_representation),
base64_encode(&key_material.private_key_representation),
))
}
@@ -28,7 +30,7 @@ pub fn recover_secure_enclave_p256_public_key(
private_key: &str,
sign: bool,
) -> XResult<(Vec<u8>, Vec<u8>, String)> {
let private_key_representation = STANDARD.decode(private_key)?;
let private_key_representation = base64_decode(private_key)?;
let key_material = if sign {
se_tool::recover_keypair(KeyPurpose::Signing, &private_key_representation)
} else {
@@ -37,7 +39,7 @@ pub fn recover_secure_enclave_p256_public_key(
Ok((
key_material.public_key_point,
key_material.public_key_der,
STANDARD.encode(&key_material.private_key_representation),
base64_encode(&key_material.private_key_representation),
))
}
@@ -45,14 +47,14 @@ pub fn secure_enclave_p256_dh(
private_key: &str,
ephemeral_public_key_bytes: &[u8],
) -> XResult<Vec<u8>> {
let private_key_representation = STANDARD.decode(private_key)?;
let private_key_representation = base64_decode(private_key)?;
let shared_secret =
se_tool::private_key_ecdh(&private_key_representation, ephemeral_public_key_bytes)?;
Ok(shared_secret)
}
pub fn secure_enclave_p256_sign(private_key: &str, content: &[u8]) -> XResult<Vec<u8>> {
let private_key_representation = STANDARD.decode(private_key)?;
let private_key_representation = base64_decode(private_key)?;
let signature = se_tool::private_key_sign(&private_key_representation, content)?;
Ok(signature)
}