hatter/card-cli
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat: byte_to_pem

Browse Source
This commit is contained in:
Hatter Jiang
2022-04-04 15:59:35 +08:00
parent c9ab9820a8
commit d90223a8ca
2 changed files with 18 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
src/cmd_piv.rs
View File

@@ -3,15 +3,15 @@ use std::time::Duration;
use chrono::Local;
use clap::{App, Arg, ArgMatches, SubCommand};
use digest::Digest;
use pem::Pem;
use rust_util::util_clap::{Command, CommandError};
use rust_util::util_msg::MessageType;
use rust_util::XResult;
use sha2::Sha256;
use x509_parser::parse_x509_certificate;
use yubikey::{Certificate, YubiKey};
use yubikey::piv::SlotId;
use crate::pkiutil::bytes_to_pem;
pub struct CommandImpl;
impl Command for CommandImpl {
@@ -59,7 +59,10 @@ impl Command for CommandImpl {
Err(e) => failure!("Get PIV keys failed: {}", e)
}
for slot in yubikey::piv::SLOTS.iter().cloned() {
// replace of yubikey::piv::SLOTS
let slots = vec![SlotId::Authentication, SlotId::Signature,
SlotId::KeyManagement, SlotId::CardAuthentication];
for slot in slots {
print_cert_info(&mut yk, slot, detail_output).ok();
}
Ok(None)
@@ -84,16 +87,8 @@ fn print_cert_info(yubikey: &mut YubiKey, slot: SlotId, detail_output: bool) ->
let slot_id: u8 = slot.into();
success!("Slot: {:?}, id: {:x}, algorithm: {:?}", slot, slot_id, cert.subject_pki().algorithm());
let cert_pem_obj = Pem {
tag: String::from("CERTIFICATE"),
contents: buf.to_vec(),
};
if detail_output {
information!("{}", pem::encode(&cert_pem_obj).trim());
} else {
rust_util::util_msg::when(MessageType::DEBUG, || {
debugging!("{}", pem::encode(&cert_pem_obj).trim());
});
information!("{}", bytes_to_pem("CERTIFICATE", buf));
}
match parse_x509_certificate(&buf) {
@@ -101,16 +96,9 @@ fn print_cert_info(yubikey: &mut YubiKey, slot: SlotId, detail_output: bool) ->
information!("Algorithm: {}", cert.tbs_certificate.subject_pki.algorithm.algorithm);
let public_key_fingerprint_sha256 = Sha256::digest(cert.tbs_certificate.subject_pki.raw);
let cert_public_key_pem_obj = Pem {
tag: String::from("PUBLIC KEY"),
contents: cert.tbs_certificate.subject_pki.raw.to_vec(),
};
if detail_output {
information!("{}", pem::encode(&cert_public_key_pem_obj).trim());
} else {
rust_util::util_msg::when(MessageType::DEBUG, || {
debugging!("{}", pem::encode(&cert_pem_obj).trim());
});
information!("{}", bytes_to_pem("PUBLIC KEY", cert.tbs_certificate.subject_pki.raw));
}
information!("Subject: {}", cert.tbs_certificate.subject);

14
src/pkiutil.rs
View File

@@ -6,6 +6,14 @@ use sequoia_openpgp::crypto::mpi::PublicKey;
use crate::digest::sha256_bytes;
pub fn bytes_to_pem<T>(tag: &str, contents: T) -> String where T: Into<Vec<u8>> {
let cert_public_key_pem_obj = Pem {
tag: tag.to_string(),
contents: contents.into(),
};
pem::encode(&cert_public_key_pem_obj).trim().to_string()
}
pub fn sequoia_openpgp_public_key_pem(public_key: &PublicKey) -> Option<(Vec<u8>, String)> {
match public_key {
PublicKey::RSA { e, n } => {
@@ -37,9 +45,5 @@ fn internal_rsa_public_key_pem(n: &[u8], e: &[u8]) -> (Vec<u8>, String) {
);
let rsa_pub_key_bytes = rsa_pub_key.unwrap().public_key_to_der().unwrap();
let rsa_pub_key_bytes_sha256 = sha256_bytes(&rsa_pub_key_bytes);
let pub_key_pem_obj = Pem {
tag: String::from("PUBLIC KEY"),
contents: rsa_pub_key_bytes,
};
(rsa_pub_key_bytes_sha256, pem::encode(&pub_key_pem_obj))
(rsa_pub_key_bytes_sha256, bytes_to_pem("PUBLIC KEY", rsa_pub_key_bytes))
}