hatter/card-cli
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat: udptes

Browse Source
This commit is contained in:
Hatter Jiang
2025-03-29 16:16:38 +08:00
parent a6bff6d31c
commit e9388eb164
19 changed files with 42 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/argsutil.rs
View File

@@ -5,7 +5,7 @@ use std::io::Read;
use clap::ArgMatches;
use rust_util::XResult;
use crate::digest::{sha256, sha256_bytes};
use crate::digestutil::{sha256, sha256_bytes};
pub fn get_sha256_digest_or_hash(sub_arg_matches: &ArgMatches) -> XResult<Vec<u8>> {

2
src/cmd_file_sign.rs
View File

@@ -11,7 +11,7 @@ use yubikey::{Key, YubiKey};
use yubikey::piv::{sign_data, SlotId};
use crate::{argsutil, cmdutil, pinutil, pivutil};
use crate::digest::sha256_bytes;
use crate::digestutil::sha256_bytes;
use crate::signfile::{CERTIFICATES_SEARCH_URL, HASH_ALGORITHM_SHA256, SIGNATURE_ALGORITHM_SHA256_WITH_ECDSA, SignFileRequest, SIMPLE_SIG_SCHEMA, SimpleSignFile, SimpleSignFileSignature};
use crate::util::base64_encode;

2
src/cmd_file_verify.rs
View File

@@ -11,7 +11,7 @@ use x509_parser::public_key::PublicKey;
use x509_parser::time::ASN1Time;
use crate::argsutil;
use crate::digest::sha256_bytes;
use crate::digestutil::sha256_bytes;
use crate::signfile::{SignFileRequest, SIMPLE_SIG_SCHEMA, SimpleSignFile};
use crate::util::base64_decode;

6
src/cmd_pgp_card_sign.rs
View File

@@ -114,7 +114,7 @@ impl Command for CommandImpl {
if let Some(sha256) = sha256 {
let sha256_hex = opt_result!(hex::decode(sha256.trim()), "Decode sha256 failed: {}");
let sha256_hex = crate::digest::copy_sha256(&sha256_hex)?;
let sha256_hex = crate::digestutil::copy_sha256(&sha256_hex)?;
opt_result!(trans.verify_pw1_sign(pin.as_ref()), "User sign pin verify failed: {}");
success!("User sign pin verify success!");
let sig = match algo {
@@ -133,7 +133,7 @@ impl Command for CommandImpl {
}
if let Some(sha384) = sha384 {
let sha384_hex = opt_result!(hex::decode(sha384.trim()), "Decode sha384 failed: {}");
let sha384_hex = crate::digest::copy_sha384(&sha384_hex)?;
let sha384_hex = crate::digestutil::copy_sha384(&sha384_hex)?;
opt_result!(trans.verify_pw1_sign(pin.as_ref()), "User sign pin verify failed: {}");
success!("User sign pin verify success!");
let sig = match algo {
@@ -152,7 +152,7 @@ impl Command for CommandImpl {
}
if let Some(sha512) = sha512 {
let sha512_hex = opt_result!(hex::decode(sha512.trim()), "Decode sha512 failed: {}");
let sha512_hex = crate::digest::copy_sha512(&sha512_hex)?;
let sha512_hex = crate::digestutil::copy_sha512(&sha512_hex)?;
opt_result!(trans.verify_pw1_sign(pin.as_ref()), "User sign pin verify failed: {}");
success!("User sign pin verify success!");
let sig = match algo {

2
src/cmd_rsa_encrypt.rs
View File

@@ -7,7 +7,7 @@ use openssl::pkey::PKey;
use openssl::rsa::Rsa;
use rust_util::util_clap::{Command, CommandError};
use crate::{cmdutil, util};
use crate::digest::sha256_bytes;
use crate::digestutil::sha256_bytes;
pub struct CommandImpl;

2
src/cmd_rsa_verify.rs
View File

@@ -12,7 +12,7 @@ use rust_util::util_clap::{Command, CommandError};
use rust_util::util_msg::MessageType;
use rust_util::{util_msg, XResult};
use crate::digest::sha256_bytes;
use crate::digestutil::sha256_bytes;
pub struct CommandImpl;

8
src/cmd_sign_jwt.rs
View File

@@ -11,7 +11,7 @@ use yubikey::piv::{sign_data, AlgorithmId, SlotId};
use yubikey::{Certificate, YubiKey};
use crate::ecdsautil::parse_ecdsa_to_rs;
use crate::{cmdutil, digest, pivutil, rsautil, util};
use crate::{cmdutil, digestutil, pivutil, rsautil, util};
const SEPARATOR: &str = ".";
@@ -111,10 +111,10 @@ fn sign_jwt(
let raw_in = match jwt_algorithm {
AlgorithmType::Rs256 => {
rsautil::pkcs15_sha256_rsa_2048_padding_for_sign(&digest::sha256_bytes(&tobe_signed))
rsautil::pkcs15_sha256_rsa_2048_padding_for_sign(&digestutil::sha256_bytes(&tobe_signed))
}
AlgorithmType::Es256 => digest::sha256_bytes(&tobe_signed),
AlgorithmType::Es384 => digest::sha384_bytes(&tobe_signed),
AlgorithmType::Es256 => digestutil::sha256_bytes(&tobe_signed),
AlgorithmType::Es384 => digestutil::sha384_bytes(&tobe_signed),
_ => return simple_error!("SHOULD NOT HAPPEN: {:?}", jwt_algorithm),
};

8
src/cmd_sign_jwt_soft.rs
View File

@@ -6,7 +6,7 @@ use serde_json::{Map, Value};
use crate::cmd_sign_jwt::{build_jwt_parts, merge_header_claims, merge_payload_claims, print_jwt_token};
use crate::keychain::{KeychainKey, KeychainKeyValue};
use crate::{cmd_sign_jwt, cmdutil, digest, ecdsautil, hmacutil, keychain, rsautil, util};
use crate::{cmd_sign_jwt, cmdutil, digestutil, ecdsautil, hmacutil, keychain, rsautil, util};
const SEPARATOR: &str = ".";
@@ -84,10 +84,10 @@ fn sign_jwt(
let raw_in = match jwt_algorithm {
AlgorithmType::Rs256 => {
rsautil::pkcs15_sha256_rsa_2048_padding_for_sign(&digest::sha256_bytes(&tobe_signed))
rsautil::pkcs15_sha256_rsa_2048_padding_for_sign(&digestutil::sha256_bytes(&tobe_signed))
}
AlgorithmType::Es256 => digest::sha256_bytes(&tobe_signed),
AlgorithmType::Es384 => digest::sha384_bytes(&tobe_signed),
AlgorithmType::Es256 => digestutil::sha256_bytes(&tobe_signed),
AlgorithmType::Es384 => digestutil::sha384_bytes(&tobe_signed),
_ => return simple_error!("SHOULD NOT HAPPEN: {:?}", jwt_algorithm),
};

2
src/cmd_ssh_agent.rs
View File

@@ -14,7 +14,7 @@ use ssh_agent::proto::{from_bytes, RsaPublicKey, signature, Signature, to_bytes}
use ssh_agent::proto::message::{self, Message};
use ssh_agent::proto::public_key::PublicKey;
use crate::digest::{copy_sha256, copy_sha512};
use crate::digestutil::{copy_sha256, copy_sha512};
use crate::pinutil;
use crate::sshutil::{generate_ssh_string, with_sign};

2
src/cmd_ssh_piv_cert.rs
View File

@@ -13,7 +13,7 @@ use std::time::SystemTime;
use yubikey::piv::{sign_data, AlgorithmId, SlotId};
use yubikey::{Key, YubiKey};
use crate::digest::{sha256_bytes, sha384_bytes};
use crate::digestutil::{sha256_bytes, sha384_bytes};
use crate::pivutil::slot_equals;
use crate::{cmdutil, pinutil, pivutil, util};

6
src/cmd_ssh_piv_sign.rs
View File

@@ -91,14 +91,14 @@ impl Command for CommandImpl {
sign_message.write_string(namespace.as_bytes());
sign_message.write_string("".as_bytes());
sign_message.write_string("sha512".as_bytes());
let data_digest = crate::digest::sha512_bytes(&data);
let data_digest = crate::digestutil::sha512_bytes(&data);
debugging!("Data digest: {} (sha512)", hex::encode(&data_digest));
sign_message.write_string(&data_digest);
debugging!("Singed message: {}", hex::encode(&sign_message));
let tobe_signed_data = if ec_bit_len == 256 {
crate::digest::sha256_bytes(&sign_message)
crate::digestutil::sha256_bytes(&sign_message)
} else {
crate::digest::sha384_bytes(&sign_message)
crate::digestutil::sha384_bytes(&sign_message)
};
debugging!("Digest of signed message: {}", hex::encode(&tobe_signed_data));

2
src/cmd_ssh_pub_key.rs
View File

@@ -1,4 +1,4 @@
use crate::digest::sha256_bytes;
use crate::digestutil::sha256_bytes;
use crate::pivutil::{get_algorithm_id_by_certificate, slot_equals, ToStr};
use crate::sshutil::SshVecWriter;
use crate::{cmdutil, pivutil, util};

12
src/cmd_u2f_register.rs
View File

@@ -12,9 +12,9 @@ use rust_util::util_clap::{Command, CommandError};
use x509_parser::certificate::X509Certificate;
use x509_parser::prelude::FromDer;
use crate::{cmdutil, digest, util};
use crate::fido;
use crate::fido::{U2fRegistrationData, U2fV2Challenge};
use crate::{cmdutil, digestutil, util};
use crate::fidoutil;
use crate::fidoutil::{U2fRegistrationData, U2fV2Challenge};
use crate::util::base64_encode;
pub struct CommandImpl;
@@ -46,12 +46,12 @@ impl Command for CommandImpl {
let u2fv2_challenge = U2fV2Challenge::new_challenge(challenge_hex, app_id, challenge_with_timestamp_prefix)?;
let u2fv2_challenge_str = u2fv2_challenge.to_json();
let app_id_hash = digest::sha256(app_id);
let challenge_hash = digest::sha256(&u2fv2_challenge_str);
let app_id_hash = digestutil::sha256(app_id);
let challenge_hash = digestutil::sha256(&u2fv2_challenge_str);
let flags = RegisterFlags::empty();
let status_tx = fido::start_status_updater();
let status_tx = fidoutil::start_status_updater();
let (register_tx, register_rx) = channel();
let callback = StateCallback::new(Box::new(move |rv| {

12
src/cmd_u2f_sign.rs
View File

@@ -13,9 +13,9 @@ use openssl::pkey::PKey;
use openssl::sign::Verifier;
use rust_util::util_clap::{Command, CommandError};
use crate::{cmdutil, digest, util};
use crate::fido;
use crate::fido::U2fV2Challenge;
use crate::{cmdutil, digestutil, util};
use crate::fidoutil;
use crate::fidoutil::U2fV2Challenge;
use crate::util::base64_encode;
pub struct CommandImpl;
@@ -71,10 +71,10 @@ impl Command for CommandImpl {
let u2fv2_challenge = U2fV2Challenge::new_challenge(challenge_hex, app_id, challenge_with_timestamp_prefix)?;
let u2fv2_challenge_str = u2fv2_challenge.to_json();
let app_id_hash = digest::sha256(app_id);
let challenge_hash = digest::sha256(&u2fv2_challenge_str);
let app_id_hash = digestutil::sha256(app_id);
let challenge_hash = digestutil::sha256(&u2fv2_challenge_str);
let status_tx = fido::start_status_updater();
let status_tx = fidoutil::start_status_updater();
information!("App id: {}, Start sign...", app_id);
debugging!("Wait timeout: {} ms", timeout_ms);

0
src/digest.rs → src/digestutil.rs
View File

0
src/fido.rs → src/fidoutil.rs
View File

10
src/hmacutil.rs
View File

@@ -8,7 +8,7 @@ use yubico_manager::config::{Config, Mode, Slot};
use yubico_manager::hmacmode::HmacKey;
use yubico_manager::sec::hmac_sha1;
use yubico_manager::Yubico;
use crate::digest::{copy_sha256, sha256_bytes};
use crate::digestutil::{copy_sha256, sha256_bytes};
use crate::util;
use crate::util::{base64_decode, base64_encode};
@@ -129,10 +129,10 @@ pub fn output_hmac_result(sub_arg_matches: &ArgMatches, json_output: bool, chall
let sha512_output = sub_arg_matches.is_present("sha512");
let hex_string = hex::encode(result);
let hex_sha1 = iff!(sha1_output, Some(crate::digest::sha1_bytes(result)), None);
let hex_sha256 = iff!(sha256_output, Some(crate::digest::sha256_bytes(result)), None);
let hex_sha384 = iff!(sha384_output, Some(crate::digest::sha384_bytes(result)), None);
let hex_sha512 = iff!(sha512_output, Some(crate::digest::sha512_bytes(result)), None);
let hex_sha1 = iff!(sha1_output, Some(crate::digestutil::sha1_bytes(result)), None);
let hex_sha256 = iff!(sha256_output, Some(crate::digestutil::sha256_bytes(result)), None);
let hex_sha384 = iff!(sha384_output, Some(crate::digestutil::sha384_bytes(result)), None);
let hex_sha512 = iff!(sha512_output, Some(crate::digestutil::sha512_bytes(result)), None);
if json_output {
let mut json = BTreeMap::<&'_ str, String>::new();

4
src/main.rs
View File

@@ -55,10 +55,10 @@ mod cmd_parseecdsasignature;
mod cmd_keypair_generate;
mod cmd_keypair_keychain_import;
mod cmd_keypair_keychain_export;
mod digest;
mod digestutil;
mod ecdhutil;
mod ecdsautil;
mod fido;
mod fidoutil;
mod hmacutil;
mod keyutil;
mod pgpcardutil;

2
src/pkiutil.rs
View File

@@ -7,7 +7,7 @@ use rust_util::XResult;
use sequoia_openpgp::crypto::mpi::PublicKey;
use x509_parser::x509::AlgorithmIdentifier;
use crate::digest::sha256_bytes;
use crate::digestutil::sha256_bytes;
#[derive(Clone, Copy, Debug)]
pub enum PkiAlgorithm {