feat: 1.8.3, optimize code

2023-11-19 19:30:19 +08:00
parent 030ccd6cfb
commit ed140470ae
6 changed files with 25 additions and 15 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -332,7 +332,7 @@ dependencies = [

 [[package]]
 name = "card-cli"
-version = "1.8.2"
+version = "1.8.3"
 dependencies = [
 "authenticator",
 "base64 0.21.5",
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "card-cli"
-version = "1.8.2"
+version = "1.8.3"
 authors = ["Hatter Jiang <jht5945@gmail.com>"]
 edition = "2018"

--- a/src/cmd_pivmeta.rs
+++ b/src/cmd_pivmeta.rs
@@ -7,10 +7,10 @@ use rust_util::util_msg;
 use rust_util::util_msg::MessageType;
 use x509_parser::parse_x509_certificate;
 use yubikey::{Key, YubiKey};
-use yubikey::piv::{AlgorithmId, metadata, Origin};
+use yubikey::piv::{AlgorithmId, metadata};

 use crate::pivutil;
-use crate::pivutil::{get_algorithm_id, slot_equals, ToStr};
+use crate::pivutil::{get_algorithm_id_by_certificate, slot_equals, ToStr};
 use crate::pkiutil::bytes_to_pem;

 pub struct CommandImpl;
@@ -57,11 +57,7 @@ impl Command for CommandImpl {
                }
            }

-            let origin_str = match meta.origin {
-                None => "none",
-                Some(Origin::Imported) => "imported",
-                Some(Origin::Generated) => "generated",
-            };
+            let origin_str = meta.origin.to_str();
            if json_output {
                json.insert("origin", origin_str.to_string());
            } else {
@@ -77,7 +73,7 @@ impl Command for CommandImpl {
                let cert = &k.certificate().cert.tbs_certificate;
                let slot_str = format!("{:x}", Into::<u8>::into(k.slot()));
                if slot_equals(&slot_id, &slot_str) {
-                    if let Ok(algorithm_id) = get_algorithm_id(&k.certificate().cert.tbs_certificate.subject_public_key_info) {
+                    if let Ok(algorithm_id) = get_algorithm_id_by_certificate(k.certificate()) {
                        let algorithm_str = algorithm_id.to_str();
                        json.insert("algorithm", algorithm_str.to_string());

--- a/src/cmd_pivsummary.rs
+++ b/src/cmd_pivsummary.rs
@@ -8,7 +8,7 @@ use x509_parser::parse_x509_certificate;
 use yubikey::{Certificate, YubiKey};
 use yubikey::piv::{metadata, SlotId};

-use crate::pivutil::{get_algorithm_id, ORDERED_SLOTS, ToStr};
+use crate::pivutil::{get_algorithm_id_by_certificate, ORDERED_SLOTS, ToStr};

 const NA: &str = "N/A";

@@ -120,7 +120,7 @@ fn print_summary_info(yubikey: &mut YubiKey, slot: SlotId, piv_slots: &mut Vec<P
        }
    };
    let buf_vec = cert.cert.to_der()?;
-    let algorithm_id = get_algorithm_id(&cert.cert.tbs_certificate.subject_public_key_info)
+    let algorithm_id = get_algorithm_id_by_certificate(&cert)
        .map(|aid| format!("{:?}", aid))
        .unwrap_or_else(|e| format!("Error: {}", e));
    let cert_subject = match parse_x509_certificate(&buf_vec) {
--- a/src/cmd_pivverify.rs
+++ b/src/cmd_pivverify.rs
@@ -46,7 +46,7 @@ impl Command for CommandImpl {
        if let Some(key) = find_key(&slot_id)? {
            let certificate = key.certificate();
            let tbs_certificate = &certificate.cert.tbs_certificate;
-            if let Ok(algorithm_id) = pivutil::get_algorithm_id(&tbs_certificate.subject_public_key_info) {
+            if let Ok(algorithm_id) = pivutil::get_algorithm_id_by_certificate(certificate) {
                let public_key_bit_string = &tbs_certificate.subject_public_key_info.subject_public_key;
                match algorithm_id {
                    AlgorithmId::EccP256 | AlgorithmId::EccP384 => {
@@ -80,7 +80,7 @@ impl Command for CommandImpl {
                    AlgorithmId::Rsa1024 | AlgorithmId::Rsa2048 => {
                        let pk_rsa = public_key_bit_string.raw_bytes();

-                        let keypair = opt_result!(Rsa::public_key_from_der_pkcs1(&pk_rsa), "Parse RSA failed: {}");
+                        let keypair = opt_result!(Rsa::public_key_from_der_pkcs1(pk_rsa), "Parse RSA failed: {}");
                        // let pub_key_der = opt_result!(keypair.public_key_to_der(), "RSA public key to der failed: {}");
                        // let pub_key_fingerprint = hex::encode(sha256_bytes(&pub_key_der));
                        let mut dmesg = vec![0; ((keypair.n().num_bits() + 7) / 8) as usize];
--- a/src/pivutil.rs
+++ b/src/pivutil.rs
@@ -3,7 +3,7 @@ use spki::{ObjectIdentifier, SubjectPublicKeyInfoOwned};
 use spki::der::{Decode, Encode};
 use x509_parser::prelude::FromDer;
 use x509_parser::public_key::RSAPublicKey;
-use yubikey::{PinPolicy, TouchPolicy};
+use yubikey::{Certificate, PinPolicy, TouchPolicy};
 use yubikey::piv::{AlgorithmId, ManagementAlgorithmId, ManagementSlotId, Origin, RetiredSlotId};
 use yubikey::piv::SlotId;

@@ -106,6 +106,20 @@ impl ToStr for Origin {
    }
 }

+impl ToStr for Option<Origin> {
+    fn to_str(&self) -> &str {
+        match self {
+            None => "none",
+            Some(origin) => origin.to_str(),
+        }
+    }
+}
+
+pub fn get_algorithm_id_by_certificate(certificate: &Certificate) -> XResult<AlgorithmId> {
+    let tbs_certificate = &certificate.cert.tbs_certificate;
+    get_algorithm_id(&tbs_certificate.subject_public_key_info)
+}
+
 pub fn get_algorithm_id(public_key_info: &SubjectPublicKeyInfoOwned) -> XResult<AlgorithmId> {
    if public_key_info.algorithm.oid == RSA {
        let rsa_public_key = opt_result!(