feat: byte_to_pem

2022-04-04 15:59:35 +08:00
parent c9ab9820a8
commit d90223a8ca
2 changed files with 18 additions and 26 deletions
--- a/src/cmd_piv.rs
+++ b/src/cmd_piv.rs
@@ -3,15 +3,15 @@ use std::time::Duration;
 use chrono::Local;
 use clap::{App, Arg, ArgMatches, SubCommand};
 use digest::Digest;
-use pem::Pem;
 use rust_util::util_clap::{Command, CommandError};
-use rust_util::util_msg::MessageType;
 use rust_util::XResult;
 use sha2::Sha256;
 use x509_parser::parse_x509_certificate;
 use yubikey::{Certificate, YubiKey};
 use yubikey::piv::SlotId;

+use crate::pkiutil::bytes_to_pem;
+
 pub struct CommandImpl;

 impl Command for CommandImpl {
@@ -59,7 +59,10 @@ impl Command for CommandImpl {
            Err(e) => failure!("Get PIV keys failed: {}", e)
        }

-        for slot in yubikey::piv::SLOTS.iter().cloned() {
+        // replace of yubikey::piv::SLOTS
+        let slots = vec![SlotId::Authentication, SlotId::Signature,
+                         SlotId::KeyManagement, SlotId::CardAuthentication];
+        for slot in slots {
            print_cert_info(&mut yk, slot, detail_output).ok();
        }
        Ok(None)
@@ -84,16 +87,8 @@ fn print_cert_info(yubikey: &mut YubiKey, slot: SlotId, detail_output: bool) ->
        let slot_id: u8 = slot.into();
        success!("Slot: {:?}, id: {:x}, algorithm: {:?}",  slot, slot_id, cert.subject_pki().algorithm());

-        let cert_pem_obj = Pem {
-            tag: String::from("CERTIFICATE"),
-            contents: buf.to_vec(),
-        };
        if detail_output {
-            information!("{}", pem::encode(&cert_pem_obj).trim());
-        } else {
-            rust_util::util_msg::when(MessageType::DEBUG, || {
-                debugging!("{}", pem::encode(&cert_pem_obj).trim());
-            });
+            information!("{}", bytes_to_pem("CERTIFICATE", buf));
        }

        match parse_x509_certificate(&buf) {
@@ -101,16 +96,9 @@ fn print_cert_info(yubikey: &mut YubiKey, slot: SlotId, detail_output: bool) ->
                information!("Algorithm: {}", cert.tbs_certificate.subject_pki.algorithm.algorithm);

                let public_key_fingerprint_sha256 = Sha256::digest(cert.tbs_certificate.subject_pki.raw);
-                let cert_public_key_pem_obj = Pem {
-                    tag: String::from("PUBLIC KEY"),
-                    contents: cert.tbs_certificate.subject_pki.raw.to_vec(),
-                };
+
                if detail_output {
-                    information!("{}", pem::encode(&cert_public_key_pem_obj).trim());
-                } else {
-                    rust_util::util_msg::when(MessageType::DEBUG, || {
-                        debugging!("{}", pem::encode(&cert_pem_obj).trim());
-                    });
+                    information!("{}", bytes_to_pem("PUBLIC KEY", cert.tbs_certificate.subject_pki.raw));
                }

                information!("Subject: {}", cert.tbs_certificate.subject);