hatter/card-cli
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
24449711e98b90b61e934bc3e4ca9a454a29e022
card-cli/src/sign.rs
Hatter Jiang 24449711e9 feat: pgp decrypt
2021-07-18 10:56:48 +08:00

88 lines
3.5 KiB
Rust
Raw Blame History

use clap::{ArgMatches, SubCommand, App, Arg};
use crate::cmd::{Command, CommandError};
use authenticator::{KeyHandle, AuthenticatorTransports, SignFlags};
use std::sync::mpsc::channel;
use authenticator::statecallback::StateCallback;
use authenticator::authenticatorservice::AuthenticatorService;
use crate::fido;
use crate::digest;
use crate::fido::U2fV2Challenge;
pub struct CommandImpl;
impl Command for CommandImpl {
fn name(&self) -> &str { "sign" }
fn subcommand<'a>(&self) -> App<'a, 'a> {
SubCommand::with_name(self.name()).about("Sign subcommand")
.arg(Arg::with_name("app-id").short("a").long("app-id").default_value("https://example.com").help("App id"))
.arg(Arg::with_name("timeout").short("t").long("timeout").default_value("10").help("Timeout in seconds"))
.arg(Arg::with_name("key-handle").short("k").long("key-handle").takes_value(true).multiple(true).help("Key handle"))
}
fn run(&self, _arg_matches: &ArgMatches, sub_arg_matches: &ArgMatches) -> CommandError {
let app_id = sub_arg_matches.value_of("app-id").unwrap();
let timeout_ms = match sub_arg_matches.value_of("timeout").unwrap().parse::<u32>() {
Ok(t) => (t * 1000) as u64,
Err(e) => return simple_error!("Timeout should be a number: {}", e),
};
let key_handles = opt_value_result!( sub_arg_matches.values_of("key-handle"), "Key handle is required");
let mut request_key_handles = vec![];
for kh in key_handles {
match hex::decode(kh) {
Ok(k) => request_key_handles.push(KeyHandle {
credential: k,
transports: AuthenticatorTransports::empty(),
}),
Err(e) => warning!("Parse key handle: {}, failed: {}", kh, e),
}
}
if request_key_handles.is_empty() {
return simple_error!("No valid key handle provided");
}
let flags = SignFlags::empty();
let (sign_tx, sign_rx) = channel();
let callback = StateCallback::new(Box::new(move |rv| {
sign_tx.send(rv).unwrap();
}));
let u2fv2_challenge = U2fV2Challenge::new_random(app_id);
let u2fv2_challenge_str = u2fv2_challenge.to_json();
let chall_bytes = digest::sha256(&u2fv2_challenge_str);
let app_bytes = digest::sha256(app_id);
let status_tx = fido::start_status_updater();
information!("Start sign...");
information!("App id: {}", app_id);
let mut manager = AuthenticatorService::new()?;
manager.add_u2f_usb_hid_platform_transports();
if let Err(e) = manager.sign(
flags,
timeout_ms,
chall_bytes,
vec![app_bytes],
request_key_handles,
status_tx,
callback,
) {
panic!("Couldn't register: {:?}", e);
}
let sign_result = sign_rx
.recv()
.expect("Problem receiving, unable to continue");
let (_, handle_used, sign_data, device_info) = sign_result.expect("Sign failed");
success!("Device info: {}", &device_info);
success!("Sign result: {}", base64::encode(&sign_data));
success!("Key handle used: {}", base64::encode(&handle_used));
success!("Key handle used: {}", hex::encode(&handle_used));
// u2f::authorization::parse_sign_response(app_id.to_string(), u2fv2_challenge_str.as_bytes().to_vec(), )
Ok(())
}
}
Reference in New Issue View Git Blame Copy Permalink