feat: add example - rsa_encrypt

2022-04-03 18:52:42 +08:00
parent 83d25d6d97
commit fc28ed40e3
4 changed files with 59 additions and 33 deletions
--- a/README.md
+++ b/README.md
@@ -9,7 +9,7 @@ cargo install --git https://git.hatter.ink/hatter/card-cli.git

 # PGP

-## decrypt text
+## encrypt & decrypt

 sample public key
 ```
@@ -39,7 +39,7 @@ decrypt
 $ cargo r -- pgp-card-decrypt -c $(cat enc.txt | xxd -ps -c 11111)
 ```

-## sign
+## sign & verify

 sign
 ```
@@ -56,29 +56,3 @@ $ openssl dgst -sha256 -verify sign_key.pem -signature sig test.txt
 Verified OK
 ```

-
-Awesome webauthn:
-* https://github.com/herrjemand/awesome-webauthn
-
-Hard U2F projects:
-* https://github.com/google/OpenSK
-* https://github.com/solokeys/solo
-* https://github.com/conorpp/u2f-zero
-* https://github.com/makerdiary/nrf52-u2f
-
-Soft U2F projects:
-* https://github.com/github/SoftU2F
-* https://github.com/SoftU2F/SoftU2F-Win
-* https://github.com/danstiner/rust-u2f
-
-Related webauthn Rust projects:
-* https://github.com/mozilla/authenticator-rs/
-* https://github.com/gebogebogebo/ctap-hid-fido2
-* https://github.com/kanidm/webauthn-rs
-* https://github.com/kanidm/webauthn-authenticator-rs
-* https://github.com/shimunn/ctap
-
-OpenPGP projects:
-* https://github.com/solokeys/piv-authenticator
-* https://gitlab.com/hkos/openpgp-card
-* https://gitlab.com/sequoia-pgp/sequoia
--- a/examples/rsa_encrypt.rs
+++ b/examples/rsa_encrypt.rs
@@ -0,0 +1,37 @@
+use openssl::encrypt::Encrypter;
+use openssl::pkey::PKey;
+use openssl::rsa::{Padding, Rsa};
+use rust_util::information;
+
+fn main() {
+    let data = b"hello, world!";
+    let rsa = Rsa::public_key_from_pem(
+        b"-----BEGIN PUBLIC KEY-----
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApUM8M+QRMUw0dIvXISFx
+43j4h9CK38Y9HD6kPcc3Z0dCGPiFy7Ze0OQebPWHyUZ2YmqsdyzFuOQuV9P2pxxj
+/WLIgRqZV8Jk8tWhtAjOOvm0MTc2rg+EJHfa+zhX4eFEMsj4DvQBMJDXiKnpXTM/
+j7oMKpIUQHqfXBwsEJHLmHZTLeEBEYKcZXTAmuu3WdxK5jvEc02Xt2hZ1fBs0M9e
+/2EMe3t69aH4/rabiBjF2h9Jde15wrJMxXaCCWJqYhbBS0CJ3BdjkAqOIpcqPXva
+xiJN1pNpK8ejA9Q4Nmx7pxnvfv+hCPkWXZS3r/BWZ9lFZc8uErQEbB4gLgko8jOl
+fQF7cYqtZEs69qY8nnIUBsqZYfAp+bQd2xCFSbEZAl+OrtGzfVjD9YFMPy02+xRg
+v2N3KT3KHHvuU7WxrvffrshP2fwDuG2MBlmcq1suAKxA0cYPSyajceEqw/3ogSp7
+7SYx41rT8EWLmTvU0CHzCsuf/O7sDWZRfxatAzWhBBhnKCPqzizpOQOqm8XhCt74
+FfnabPpHM9XUjoQIPrTssyS3eWqynzJiAqez6v2LK2fhL7IkcLtvt5p59Y+KY4I6
+YQ09iUh7lKJHRhkgTomUurJHieVHMWFGIHofEC+nU6pGIUh0P7Nr0Gz45GJTwWGd
+hW53WfImja+b5kwwyqUikyMCAwEAAQ==
+-----END PUBLIC KEY-----");
+    let pub_key = PKey::from_rsa(rsa.unwrap()).unwrap();
+
+    // Encrypt the data with RSA PKCS1
+    let mut encrypter = Encrypter::new(&pub_key).unwrap();
+    encrypter.set_rsa_padding(Padding::PKCS1).unwrap();
+    // Create an output buffer
+    let buffer_len = encrypter.encrypt_len(data).unwrap();
+    let mut encrypted = vec![0; buffer_len];
+    // Encrypt and truncate the buffer
+    let encrypted_len = encrypter.encrypt(data, &mut encrypted).unwrap();
+    encrypted.truncate(encrypted_len);
+
+    information!("Clear text: {}", String::from_utf8_lossy(data));
+    information!("Encrypted message base64: {}", base64::encode(&encrypted));
+}
--- a/15
+++ b/15
@@ -0,0 +1,15 @@
+_:
+  @just --list
+
+# run --help
+help:
+  cargo r -- --help
+
+# run pgp-card-list
+pgp-list:
+  cargo r -- pgp-card-list
+
+# run example: rsa_encrypt
+example-rsa-encrypt:
+  cargo r --example rsa_encrypt
+
--- a/src/cmd_piv.rs
+++ b/src/cmd_piv.rs
@@ -28,18 +28,18 @@ impl Command for CommandImpl {
        let detail_output = sub_arg_matches.is_present("detail");
        let mut yk = opt_result!(YubiKey::open(), "YubiKey not found: {}");
        success!("Name: {}", yk.name());
-        success!("Version: {}", yk.version());
-        success!("Serial: {}", yk.serial());
+        information!("Version: {}", yk.version());
+        information!("Serial: {}", yk.serial());
        match yk.chuid() {
-            Ok(chuid) => success!("CHUID: {}",chuid.to_string()),
+            Ok(chuid) => information!("CHUID: {}",chuid.to_string()),
            Err(e) => warning!("CHUID: <none> {}", e),
        }
        match yk.cccid() {
-            Ok(cccid) => success!("CCCID: {}",cccid.to_string()),
+            Ok(cccid) => information!("CCCID: {}",cccid.to_string()),
            Err(e) => warning!("CCCID: <none> {}", e),
        }
        match yk.get_pin_retries() {
-            Ok(pin_retries) => success!("PIN retries: {}",pin_retries),
+            Ok(pin_retries) => information!("PIN retries: {}",pin_retries),
            Err(e) => warning!("PIN retries: <none> {}", e),
        }
        if sub_arg_matches.is_present("show-config") {