feat: register works

src/register.rs

@@ -0,0 +1,135 @@
+use clap::{ArgMatches, SubCommand, App, Arg};
+use crate::cmd::{Command, CommandError};
+use authenticator::authenticatorservice::AuthenticatorService;
+use authenticator::statecallback::StateCallback;
+use authenticator::{RegisterFlags, StatusUpdate};
+use sha2::{Digest, Sha256};
+use std::sync::mpsc::{channel, RecvError};
+use std::thread;
+use rust_util::XResult;
+use rand::Rng;
+use base64::URL_SAFE_NO_PAD;
+use serde::{Deserialize, Serialize};
+
+#[derive(Clone, Debug, Serialize, Deserialize)]
+struct U2fV2Challenge {
+    challenge: String,
+    version: String,
+    #[serde(rename = "appId")]
+    app_id: String,
+}
+
+impl U2fV2Challenge {
+    fn new_random<S>(app_id: S) -> Self where S: Into<String> {
+        let mut rng = rand::thread_rng();
+        let mut rand_bytes = [0_u8; 32];
+        for i in 0..32 {
+            let b: u8 = rng.gen();
+            rand_bytes[i] = b;
+        }
+
+        let challenge = base64::encode_config(&rand_bytes, URL_SAFE_NO_PAD);
+        Self::new(challenge, app_id)
+    }
+
+    fn new<S1, S2>(challenge: S1, app_id: S2) -> Self where S1: Into<String>, S2: Into<String> {
+        Self {
+            challenge: challenge.into(),
+            version: "U2F_V2".into(),
+            app_id: app_id.into(),
+        }
+    }
+}
+
+pub struct CommandImpl;
+
+impl Command for CommandImpl {
+    fn name(&self) -> &str { "register" }
+
+    fn subcommand<'a>(&self) -> App<'a, 'a> {
+        SubCommand::with_name(self.name()).about("Register subcommand")
+            .arg(Arg::with_name("app-id").long("app-id").default_value("https://example.com").help("App id"))
+    }
+
+    fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError {
+        let mut manager = AuthenticatorService::new()?;
+        manager.add_u2f_usb_hid_platform_transports();
+
+        let app_id = sub_arg_matches.value_of("app-id").unwrap();
+        let timeout_ms = 10000;
+
+        let u2fv2_challenge = U2fV2Challenge::new_random(app_id);
+        let challenge_str = serde_json::to_string(&u2fv2_challenge).unwrap();
+
+        let mut challenge = Sha256::default();
+        Digest::update(&mut challenge, challenge_str.as_bytes());
+        let chall_bytes = challenge.finalize().to_vec();
+
+        let mut application = Sha256::default();
+        // application.update(app_id.as_bytes());
+        Digest::update(&mut application, app_id.as_bytes());
+        let app_bytes = application.finalize().to_vec();
+
+
+        let flags = RegisterFlags::empty();
+
+        let (status_tx, status_rx) = channel::<StatusUpdate>();
+        thread::spawn(move || loop {
+            match status_rx.recv() {
+                Ok(StatusUpdate::DeviceAvailable { dev_info }) => {
+                    debugging!("STATUS: device available: {}", dev_info)
+                }
+                Ok(StatusUpdate::DeviceUnavailable { dev_info }) => {
+                    debugging!("STATUS: device unavailable: {}", dev_info)
+                }
+                Ok(StatusUpdate::Success { dev_info }) => {
+                    debugging!("STATUS: success using device: {}", dev_info);
+                }
+                Err(RecvError) => {
+                    debugging!("STATUS: end");
+                    return;
+                }
+            }
+        });
+
+        let (register_tx, register_rx) = channel();
+        let callback = StateCallback::new(Box::new(move |rv| {
+            register_tx.send(rv).unwrap();
+        }));
+
+        information!("Start U2F register...");
+        information!("App id: {}", app_id);
+        manager.register(
+            flags,
+            timeout_ms,
+            chall_bytes.clone(),
+            app_bytes.clone(),
+            vec![],
+            status_tx.clone(),
+            callback,
+        )?;
+
+        let register_result = register_rx.recv()?;
+        let (register_data, device_info) = register_result?;
+
+        success!("Register result: {}", base64::encode(&register_data));
+        success!("Device info: {}", &device_info);
+        let credential = u2f_get_key_handle_from_register_response(&register_data).unwrap();
+        success!("Key handle: {}", base64::encode(&credential));
+
+        Ok(())
+    }
+}
+
+fn u2f_get_key_handle_from_register_response(register_response: &[u8]) -> XResult<Vec<u8>> {
+    if register_response[0] != 0x05 {
+        return simple_error!("Reserved byte not set correctly");
+    }
+
+    let key_handle_len = register_response[66] as usize;
+    let mut public_key = register_response.to_owned();
+    let mut key_handle = public_key.split_off(67);
+    let _attestation = key_handle.split_off(key_handle_len);
+
+    Ok(key_handle)
+}