use clap::{ArgMatches, SubCommand, App, Arg}; use crate::cmd::{Command, CommandError}; use yubico_manager::Yubico; use yubico_manager::config::{Config, Mode, Slot}; use std::ops::Deref; pub struct CommandImpl; impl Command for CommandImpl { fn name(&self) -> &str { "chall" } fn subcommand<'a>(&self) -> App<'a, 'a> { SubCommand::with_name(self.name()).about("Yubikey challenge-response hmac") .arg(Arg::with_name("challenge").short("c").long("challenge").takes_value(true).help("Challenge")) .arg(Arg::with_name("challenge-hex").short("x").long("challenge-hex").takes_value(true).help("Challenge HEX")) .arg(Arg::with_name("json").long("json").help("JSON output")) } fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError { let challenge_bytes: Vec; if let Some(challenge) = sub_arg_matches.value_of("challenge") { challenge_bytes = challenge.as_bytes().to_vec(); } else if let Some(challenge_hex) = sub_arg_matches.value_of("challenge-hex") { challenge_bytes = hex::decode(challenge_hex)?; } else { return simple_error!("Challenge must assigned"); } // Challenge can not be greater than 64 bytes if challenge_bytes.len() > 64 { return simple_error!("Challenge bytes is: {}, more than 64", challenge_bytes.len()); } let mut yubi = Yubico::new(); if let Ok(device) = yubi.find_yubikey() { success!("Found key, Vendor ID: {:?} Product ID {:?}", device.vendor_id, device.product_id); let config = Config::default() .set_vendor_id(device.vendor_id) .set_product_id(device.product_id) .set_variable_size(true) .set_mode(Mode::Sha1) .set_slot(Slot::Slot2); // In HMAC Mode, the result will always be the SAME for the SAME provided challenge let hmac_result = yubi.challenge_response_hmac(&challenge_bytes, config).unwrap(); // Just for debug, lets check the hex let v: &[u8] = hmac_result.deref(); let hex_string = hex::encode(v); success!("{}", hex_string); } else { warning!("Yubikey not found"); } Ok(()) } }