feat: udptes
This commit is contained in:
@@ -5,7 +5,7 @@ use std::io::Read;
|
|||||||
use clap::ArgMatches;
|
use clap::ArgMatches;
|
||||||
use rust_util::XResult;
|
use rust_util::XResult;
|
||||||
|
|
||||||
use crate::digest::{sha256, sha256_bytes};
|
use crate::digestutil::{sha256, sha256_bytes};
|
||||||
|
|
||||||
|
|
||||||
pub fn get_sha256_digest_or_hash(sub_arg_matches: &ArgMatches) -> XResult<Vec<u8>> {
|
pub fn get_sha256_digest_or_hash(sub_arg_matches: &ArgMatches) -> XResult<Vec<u8>> {
|
||||||
|
|||||||
@@ -11,7 +11,7 @@ use yubikey::{Key, YubiKey};
|
|||||||
use yubikey::piv::{sign_data, SlotId};
|
use yubikey::piv::{sign_data, SlotId};
|
||||||
|
|
||||||
use crate::{argsutil, cmdutil, pinutil, pivutil};
|
use crate::{argsutil, cmdutil, pinutil, pivutil};
|
||||||
use crate::digest::sha256_bytes;
|
use crate::digestutil::sha256_bytes;
|
||||||
use crate::signfile::{CERTIFICATES_SEARCH_URL, HASH_ALGORITHM_SHA256, SIGNATURE_ALGORITHM_SHA256_WITH_ECDSA, SignFileRequest, SIMPLE_SIG_SCHEMA, SimpleSignFile, SimpleSignFileSignature};
|
use crate::signfile::{CERTIFICATES_SEARCH_URL, HASH_ALGORITHM_SHA256, SIGNATURE_ALGORITHM_SHA256_WITH_ECDSA, SignFileRequest, SIMPLE_SIG_SCHEMA, SimpleSignFile, SimpleSignFileSignature};
|
||||||
use crate::util::base64_encode;
|
use crate::util::base64_encode;
|
||||||
|
|
||||||
|
|||||||
@@ -11,7 +11,7 @@ use x509_parser::public_key::PublicKey;
|
|||||||
use x509_parser::time::ASN1Time;
|
use x509_parser::time::ASN1Time;
|
||||||
|
|
||||||
use crate::argsutil;
|
use crate::argsutil;
|
||||||
use crate::digest::sha256_bytes;
|
use crate::digestutil::sha256_bytes;
|
||||||
use crate::signfile::{SignFileRequest, SIMPLE_SIG_SCHEMA, SimpleSignFile};
|
use crate::signfile::{SignFileRequest, SIMPLE_SIG_SCHEMA, SimpleSignFile};
|
||||||
use crate::util::base64_decode;
|
use crate::util::base64_decode;
|
||||||
|
|
||||||
|
|||||||
@@ -114,7 +114,7 @@ impl Command for CommandImpl {
|
|||||||
|
|
||||||
if let Some(sha256) = sha256 {
|
if let Some(sha256) = sha256 {
|
||||||
let sha256_hex = opt_result!(hex::decode(sha256.trim()), "Decode sha256 failed: {}");
|
let sha256_hex = opt_result!(hex::decode(sha256.trim()), "Decode sha256 failed: {}");
|
||||||
let sha256_hex = crate::digest::copy_sha256(&sha256_hex)?;
|
let sha256_hex = crate::digestutil::copy_sha256(&sha256_hex)?;
|
||||||
opt_result!(trans.verify_pw1_sign(pin.as_ref()), "User sign pin verify failed: {}");
|
opt_result!(trans.verify_pw1_sign(pin.as_ref()), "User sign pin verify failed: {}");
|
||||||
success!("User sign pin verify success!");
|
success!("User sign pin verify success!");
|
||||||
let sig = match algo {
|
let sig = match algo {
|
||||||
@@ -133,7 +133,7 @@ impl Command for CommandImpl {
|
|||||||
}
|
}
|
||||||
if let Some(sha384) = sha384 {
|
if let Some(sha384) = sha384 {
|
||||||
let sha384_hex = opt_result!(hex::decode(sha384.trim()), "Decode sha384 failed: {}");
|
let sha384_hex = opt_result!(hex::decode(sha384.trim()), "Decode sha384 failed: {}");
|
||||||
let sha384_hex = crate::digest::copy_sha384(&sha384_hex)?;
|
let sha384_hex = crate::digestutil::copy_sha384(&sha384_hex)?;
|
||||||
opt_result!(trans.verify_pw1_sign(pin.as_ref()), "User sign pin verify failed: {}");
|
opt_result!(trans.verify_pw1_sign(pin.as_ref()), "User sign pin verify failed: {}");
|
||||||
success!("User sign pin verify success!");
|
success!("User sign pin verify success!");
|
||||||
let sig = match algo {
|
let sig = match algo {
|
||||||
@@ -152,7 +152,7 @@ impl Command for CommandImpl {
|
|||||||
}
|
}
|
||||||
if let Some(sha512) = sha512 {
|
if let Some(sha512) = sha512 {
|
||||||
let sha512_hex = opt_result!(hex::decode(sha512.trim()), "Decode sha512 failed: {}");
|
let sha512_hex = opt_result!(hex::decode(sha512.trim()), "Decode sha512 failed: {}");
|
||||||
let sha512_hex = crate::digest::copy_sha512(&sha512_hex)?;
|
let sha512_hex = crate::digestutil::copy_sha512(&sha512_hex)?;
|
||||||
opt_result!(trans.verify_pw1_sign(pin.as_ref()), "User sign pin verify failed: {}");
|
opt_result!(trans.verify_pw1_sign(pin.as_ref()), "User sign pin verify failed: {}");
|
||||||
success!("User sign pin verify success!");
|
success!("User sign pin verify success!");
|
||||||
let sig = match algo {
|
let sig = match algo {
|
||||||
|
|||||||
@@ -7,7 +7,7 @@ use openssl::pkey::PKey;
|
|||||||
use openssl::rsa::Rsa;
|
use openssl::rsa::Rsa;
|
||||||
use rust_util::util_clap::{Command, CommandError};
|
use rust_util::util_clap::{Command, CommandError};
|
||||||
use crate::{cmdutil, util};
|
use crate::{cmdutil, util};
|
||||||
use crate::digest::sha256_bytes;
|
use crate::digestutil::sha256_bytes;
|
||||||
|
|
||||||
pub struct CommandImpl;
|
pub struct CommandImpl;
|
||||||
|
|
||||||
|
|||||||
@@ -12,7 +12,7 @@ use rust_util::util_clap::{Command, CommandError};
|
|||||||
use rust_util::util_msg::MessageType;
|
use rust_util::util_msg::MessageType;
|
||||||
use rust_util::{util_msg, XResult};
|
use rust_util::{util_msg, XResult};
|
||||||
|
|
||||||
use crate::digest::sha256_bytes;
|
use crate::digestutil::sha256_bytes;
|
||||||
|
|
||||||
pub struct CommandImpl;
|
pub struct CommandImpl;
|
||||||
|
|
||||||
|
|||||||
@@ -11,7 +11,7 @@ use yubikey::piv::{sign_data, AlgorithmId, SlotId};
|
|||||||
use yubikey::{Certificate, YubiKey};
|
use yubikey::{Certificate, YubiKey};
|
||||||
|
|
||||||
use crate::ecdsautil::parse_ecdsa_to_rs;
|
use crate::ecdsautil::parse_ecdsa_to_rs;
|
||||||
use crate::{cmdutil, digest, pivutil, rsautil, util};
|
use crate::{cmdutil, digestutil, pivutil, rsautil, util};
|
||||||
|
|
||||||
const SEPARATOR: &str = ".";
|
const SEPARATOR: &str = ".";
|
||||||
|
|
||||||
@@ -111,10 +111,10 @@ fn sign_jwt(
|
|||||||
|
|
||||||
let raw_in = match jwt_algorithm {
|
let raw_in = match jwt_algorithm {
|
||||||
AlgorithmType::Rs256 => {
|
AlgorithmType::Rs256 => {
|
||||||
rsautil::pkcs15_sha256_rsa_2048_padding_for_sign(&digest::sha256_bytes(&tobe_signed))
|
rsautil::pkcs15_sha256_rsa_2048_padding_for_sign(&digestutil::sha256_bytes(&tobe_signed))
|
||||||
}
|
}
|
||||||
AlgorithmType::Es256 => digest::sha256_bytes(&tobe_signed),
|
AlgorithmType::Es256 => digestutil::sha256_bytes(&tobe_signed),
|
||||||
AlgorithmType::Es384 => digest::sha384_bytes(&tobe_signed),
|
AlgorithmType::Es384 => digestutil::sha384_bytes(&tobe_signed),
|
||||||
_ => return simple_error!("SHOULD NOT HAPPEN: {:?}", jwt_algorithm),
|
_ => return simple_error!("SHOULD NOT HAPPEN: {:?}", jwt_algorithm),
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|||||||
@@ -6,7 +6,7 @@ use serde_json::{Map, Value};
|
|||||||
|
|
||||||
use crate::cmd_sign_jwt::{build_jwt_parts, merge_header_claims, merge_payload_claims, print_jwt_token};
|
use crate::cmd_sign_jwt::{build_jwt_parts, merge_header_claims, merge_payload_claims, print_jwt_token};
|
||||||
use crate::keychain::{KeychainKey, KeychainKeyValue};
|
use crate::keychain::{KeychainKey, KeychainKeyValue};
|
||||||
use crate::{cmd_sign_jwt, cmdutil, digest, ecdsautil, hmacutil, keychain, rsautil, util};
|
use crate::{cmd_sign_jwt, cmdutil, digestutil, ecdsautil, hmacutil, keychain, rsautil, util};
|
||||||
|
|
||||||
const SEPARATOR: &str = ".";
|
const SEPARATOR: &str = ".";
|
||||||
|
|
||||||
@@ -84,10 +84,10 @@ fn sign_jwt(
|
|||||||
|
|
||||||
let raw_in = match jwt_algorithm {
|
let raw_in = match jwt_algorithm {
|
||||||
AlgorithmType::Rs256 => {
|
AlgorithmType::Rs256 => {
|
||||||
rsautil::pkcs15_sha256_rsa_2048_padding_for_sign(&digest::sha256_bytes(&tobe_signed))
|
rsautil::pkcs15_sha256_rsa_2048_padding_for_sign(&digestutil::sha256_bytes(&tobe_signed))
|
||||||
}
|
}
|
||||||
AlgorithmType::Es256 => digest::sha256_bytes(&tobe_signed),
|
AlgorithmType::Es256 => digestutil::sha256_bytes(&tobe_signed),
|
||||||
AlgorithmType::Es384 => digest::sha384_bytes(&tobe_signed),
|
AlgorithmType::Es384 => digestutil::sha384_bytes(&tobe_signed),
|
||||||
_ => return simple_error!("SHOULD NOT HAPPEN: {:?}", jwt_algorithm),
|
_ => return simple_error!("SHOULD NOT HAPPEN: {:?}", jwt_algorithm),
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|||||||
@@ -14,7 +14,7 @@ use ssh_agent::proto::{from_bytes, RsaPublicKey, signature, Signature, to_bytes}
|
|||||||
use ssh_agent::proto::message::{self, Message};
|
use ssh_agent::proto::message::{self, Message};
|
||||||
use ssh_agent::proto::public_key::PublicKey;
|
use ssh_agent::proto::public_key::PublicKey;
|
||||||
|
|
||||||
use crate::digest::{copy_sha256, copy_sha512};
|
use crate::digestutil::{copy_sha256, copy_sha512};
|
||||||
use crate::pinutil;
|
use crate::pinutil;
|
||||||
use crate::sshutil::{generate_ssh_string, with_sign};
|
use crate::sshutil::{generate_ssh_string, with_sign};
|
||||||
|
|
||||||
|
|||||||
@@ -13,7 +13,7 @@ use std::time::SystemTime;
|
|||||||
use yubikey::piv::{sign_data, AlgorithmId, SlotId};
|
use yubikey::piv::{sign_data, AlgorithmId, SlotId};
|
||||||
use yubikey::{Key, YubiKey};
|
use yubikey::{Key, YubiKey};
|
||||||
|
|
||||||
use crate::digest::{sha256_bytes, sha384_bytes};
|
use crate::digestutil::{sha256_bytes, sha384_bytes};
|
||||||
use crate::pivutil::slot_equals;
|
use crate::pivutil::slot_equals;
|
||||||
use crate::{cmdutil, pinutil, pivutil, util};
|
use crate::{cmdutil, pinutil, pivutil, util};
|
||||||
|
|
||||||
|
|||||||
@@ -91,14 +91,14 @@ impl Command for CommandImpl {
|
|||||||
sign_message.write_string(namespace.as_bytes());
|
sign_message.write_string(namespace.as_bytes());
|
||||||
sign_message.write_string("".as_bytes());
|
sign_message.write_string("".as_bytes());
|
||||||
sign_message.write_string("sha512".as_bytes());
|
sign_message.write_string("sha512".as_bytes());
|
||||||
let data_digest = crate::digest::sha512_bytes(&data);
|
let data_digest = crate::digestutil::sha512_bytes(&data);
|
||||||
debugging!("Data digest: {} (sha512)", hex::encode(&data_digest));
|
debugging!("Data digest: {} (sha512)", hex::encode(&data_digest));
|
||||||
sign_message.write_string(&data_digest);
|
sign_message.write_string(&data_digest);
|
||||||
debugging!("Singed message: {}", hex::encode(&sign_message));
|
debugging!("Singed message: {}", hex::encode(&sign_message));
|
||||||
let tobe_signed_data = if ec_bit_len == 256 {
|
let tobe_signed_data = if ec_bit_len == 256 {
|
||||||
crate::digest::sha256_bytes(&sign_message)
|
crate::digestutil::sha256_bytes(&sign_message)
|
||||||
} else {
|
} else {
|
||||||
crate::digest::sha384_bytes(&sign_message)
|
crate::digestutil::sha384_bytes(&sign_message)
|
||||||
};
|
};
|
||||||
debugging!("Digest of signed message: {}", hex::encode(&tobe_signed_data));
|
debugging!("Digest of signed message: {}", hex::encode(&tobe_signed_data));
|
||||||
|
|
||||||
|
|||||||
@@ -1,4 +1,4 @@
|
|||||||
use crate::digest::sha256_bytes;
|
use crate::digestutil::sha256_bytes;
|
||||||
use crate::pivutil::{get_algorithm_id_by_certificate, slot_equals, ToStr};
|
use crate::pivutil::{get_algorithm_id_by_certificate, slot_equals, ToStr};
|
||||||
use crate::sshutil::SshVecWriter;
|
use crate::sshutil::SshVecWriter;
|
||||||
use crate::{cmdutil, pivutil, util};
|
use crate::{cmdutil, pivutil, util};
|
||||||
|
|||||||
@@ -12,9 +12,9 @@ use rust_util::util_clap::{Command, CommandError};
|
|||||||
use x509_parser::certificate::X509Certificate;
|
use x509_parser::certificate::X509Certificate;
|
||||||
use x509_parser::prelude::FromDer;
|
use x509_parser::prelude::FromDer;
|
||||||
|
|
||||||
use crate::{cmdutil, digest, util};
|
use crate::{cmdutil, digestutil, util};
|
||||||
use crate::fido;
|
use crate::fidoutil;
|
||||||
use crate::fido::{U2fRegistrationData, U2fV2Challenge};
|
use crate::fidoutil::{U2fRegistrationData, U2fV2Challenge};
|
||||||
use crate::util::base64_encode;
|
use crate::util::base64_encode;
|
||||||
|
|
||||||
pub struct CommandImpl;
|
pub struct CommandImpl;
|
||||||
@@ -46,12 +46,12 @@ impl Command for CommandImpl {
|
|||||||
let u2fv2_challenge = U2fV2Challenge::new_challenge(challenge_hex, app_id, challenge_with_timestamp_prefix)?;
|
let u2fv2_challenge = U2fV2Challenge::new_challenge(challenge_hex, app_id, challenge_with_timestamp_prefix)?;
|
||||||
let u2fv2_challenge_str = u2fv2_challenge.to_json();
|
let u2fv2_challenge_str = u2fv2_challenge.to_json();
|
||||||
|
|
||||||
let app_id_hash = digest::sha256(app_id);
|
let app_id_hash = digestutil::sha256(app_id);
|
||||||
let challenge_hash = digest::sha256(&u2fv2_challenge_str);
|
let challenge_hash = digestutil::sha256(&u2fv2_challenge_str);
|
||||||
|
|
||||||
let flags = RegisterFlags::empty();
|
let flags = RegisterFlags::empty();
|
||||||
|
|
||||||
let status_tx = fido::start_status_updater();
|
let status_tx = fidoutil::start_status_updater();
|
||||||
|
|
||||||
let (register_tx, register_rx) = channel();
|
let (register_tx, register_rx) = channel();
|
||||||
let callback = StateCallback::new(Box::new(move |rv| {
|
let callback = StateCallback::new(Box::new(move |rv| {
|
||||||
|
|||||||
@@ -13,9 +13,9 @@ use openssl::pkey::PKey;
|
|||||||
use openssl::sign::Verifier;
|
use openssl::sign::Verifier;
|
||||||
use rust_util::util_clap::{Command, CommandError};
|
use rust_util::util_clap::{Command, CommandError};
|
||||||
|
|
||||||
use crate::{cmdutil, digest, util};
|
use crate::{cmdutil, digestutil, util};
|
||||||
use crate::fido;
|
use crate::fidoutil;
|
||||||
use crate::fido::U2fV2Challenge;
|
use crate::fidoutil::U2fV2Challenge;
|
||||||
use crate::util::base64_encode;
|
use crate::util::base64_encode;
|
||||||
|
|
||||||
pub struct CommandImpl;
|
pub struct CommandImpl;
|
||||||
@@ -71,10 +71,10 @@ impl Command for CommandImpl {
|
|||||||
let u2fv2_challenge = U2fV2Challenge::new_challenge(challenge_hex, app_id, challenge_with_timestamp_prefix)?;
|
let u2fv2_challenge = U2fV2Challenge::new_challenge(challenge_hex, app_id, challenge_with_timestamp_prefix)?;
|
||||||
let u2fv2_challenge_str = u2fv2_challenge.to_json();
|
let u2fv2_challenge_str = u2fv2_challenge.to_json();
|
||||||
|
|
||||||
let app_id_hash = digest::sha256(app_id);
|
let app_id_hash = digestutil::sha256(app_id);
|
||||||
let challenge_hash = digest::sha256(&u2fv2_challenge_str);
|
let challenge_hash = digestutil::sha256(&u2fv2_challenge_str);
|
||||||
|
|
||||||
let status_tx = fido::start_status_updater();
|
let status_tx = fidoutil::start_status_updater();
|
||||||
|
|
||||||
information!("App id: {}, Start sign...", app_id);
|
information!("App id: {}, Start sign...", app_id);
|
||||||
debugging!("Wait timeout: {} ms", timeout_ms);
|
debugging!("Wait timeout: {} ms", timeout_ms);
|
||||||
|
|||||||
@@ -8,7 +8,7 @@ use yubico_manager::config::{Config, Mode, Slot};
|
|||||||
use yubico_manager::hmacmode::HmacKey;
|
use yubico_manager::hmacmode::HmacKey;
|
||||||
use yubico_manager::sec::hmac_sha1;
|
use yubico_manager::sec::hmac_sha1;
|
||||||
use yubico_manager::Yubico;
|
use yubico_manager::Yubico;
|
||||||
use crate::digest::{copy_sha256, sha256_bytes};
|
use crate::digestutil::{copy_sha256, sha256_bytes};
|
||||||
use crate::util;
|
use crate::util;
|
||||||
use crate::util::{base64_decode, base64_encode};
|
use crate::util::{base64_decode, base64_encode};
|
||||||
|
|
||||||
@@ -129,10 +129,10 @@ pub fn output_hmac_result(sub_arg_matches: &ArgMatches, json_output: bool, chall
|
|||||||
let sha512_output = sub_arg_matches.is_present("sha512");
|
let sha512_output = sub_arg_matches.is_present("sha512");
|
||||||
|
|
||||||
let hex_string = hex::encode(result);
|
let hex_string = hex::encode(result);
|
||||||
let hex_sha1 = iff!(sha1_output, Some(crate::digest::sha1_bytes(result)), None);
|
let hex_sha1 = iff!(sha1_output, Some(crate::digestutil::sha1_bytes(result)), None);
|
||||||
let hex_sha256 = iff!(sha256_output, Some(crate::digest::sha256_bytes(result)), None);
|
let hex_sha256 = iff!(sha256_output, Some(crate::digestutil::sha256_bytes(result)), None);
|
||||||
let hex_sha384 = iff!(sha384_output, Some(crate::digest::sha384_bytes(result)), None);
|
let hex_sha384 = iff!(sha384_output, Some(crate::digestutil::sha384_bytes(result)), None);
|
||||||
let hex_sha512 = iff!(sha512_output, Some(crate::digest::sha512_bytes(result)), None);
|
let hex_sha512 = iff!(sha512_output, Some(crate::digestutil::sha512_bytes(result)), None);
|
||||||
|
|
||||||
if json_output {
|
if json_output {
|
||||||
let mut json = BTreeMap::<&'_ str, String>::new();
|
let mut json = BTreeMap::<&'_ str, String>::new();
|
||||||
|
|||||||
@@ -55,10 +55,10 @@ mod cmd_parseecdsasignature;
|
|||||||
mod cmd_keypair_generate;
|
mod cmd_keypair_generate;
|
||||||
mod cmd_keypair_keychain_import;
|
mod cmd_keypair_keychain_import;
|
||||||
mod cmd_keypair_keychain_export;
|
mod cmd_keypair_keychain_export;
|
||||||
mod digest;
|
mod digestutil;
|
||||||
mod ecdhutil;
|
mod ecdhutil;
|
||||||
mod ecdsautil;
|
mod ecdsautil;
|
||||||
mod fido;
|
mod fidoutil;
|
||||||
mod hmacutil;
|
mod hmacutil;
|
||||||
mod keyutil;
|
mod keyutil;
|
||||||
mod pgpcardutil;
|
mod pgpcardutil;
|
||||||
|
|||||||
@@ -7,7 +7,7 @@ use rust_util::XResult;
|
|||||||
use sequoia_openpgp::crypto::mpi::PublicKey;
|
use sequoia_openpgp::crypto::mpi::PublicKey;
|
||||||
use x509_parser::x509::AlgorithmIdentifier;
|
use x509_parser::x509::AlgorithmIdentifier;
|
||||||
|
|
||||||
use crate::digest::sha256_bytes;
|
use crate::digestutil::sha256_bytes;
|
||||||
|
|
||||||
#[derive(Clone, Copy, Debug)]
|
#[derive(Clone, Copy, Debug)]
|
||||||
pub enum PkiAlgorithm {
|
pub enum PkiAlgorithm {
|
||||||
|
|||||||
Reference in New Issue
Block a user