feat: v0.1.1
This commit is contained in:
@@ -1,6 +1,6 @@
|
||||
[package]
|
||||
name = "swift-secure-enclave-tool-rs"
|
||||
version = "0.1.0"
|
||||
version = "0.1.1"
|
||||
edition = "2024"
|
||||
authors = ["Hatter Jiang"]
|
||||
repository = "https://git.hatter.ink/hatter/swift-secure-enclave-tool-rs"
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
use base64::engine::general_purpose::STANDARD;
|
||||
use base64::Engine;
|
||||
use swift_secure_enclave_tool_rs::{
|
||||
generate_ecdsa_keypair, is_secure_enclave_supported, KeyMaterial, KeyPurpose,
|
||||
generate_keypair, is_secure_enclave_supported, KeyMaterial, KeyPurpose,
|
||||
};
|
||||
|
||||
fn main() {
|
||||
@@ -10,20 +10,19 @@ fn main() {
|
||||
is_secure_enclave_supported().unwrap()
|
||||
);
|
||||
|
||||
let ecdsa_key_material_require_bio = generate_ecdsa_keypair(KeyPurpose::Signing, true).unwrap();
|
||||
let ecdsa_key_material_require_bio = generate_keypair(KeyPurpose::Signing, true).unwrap();
|
||||
print_key_material("Signing key [require bio]", &ecdsa_key_material_require_bio);
|
||||
|
||||
let ecdsa_key_material_no_bio = generate_ecdsa_keypair(KeyPurpose::Signing, true).unwrap();
|
||||
let ecdsa_key_material_no_bio = generate_keypair(KeyPurpose::Signing, true).unwrap();
|
||||
print_key_material("Signing key [no bio]", &ecdsa_key_material_no_bio);
|
||||
|
||||
let ecdsa_key_material_require_bio =
|
||||
generate_ecdsa_keypair(KeyPurpose::KeyAgreement, true).unwrap();
|
||||
let ecdsa_key_material_require_bio = generate_keypair(KeyPurpose::KeyAgreement, true).unwrap();
|
||||
print_key_material(
|
||||
"Key agreement key [require bio]",
|
||||
&ecdsa_key_material_require_bio,
|
||||
);
|
||||
|
||||
let ecdsa_key_material_no_bio = generate_ecdsa_keypair(KeyPurpose::KeyAgreement, true).unwrap();
|
||||
let ecdsa_key_material_no_bio = generate_keypair(KeyPurpose::KeyAgreement, true).unwrap();
|
||||
print_key_material("Key agreement key [no bio]", &ecdsa_key_material_no_bio);
|
||||
}
|
||||
|
||||
|
||||
@@ -1,12 +1,12 @@
|
||||
use base64::engine::general_purpose::STANDARD;
|
||||
use base64::Engine;
|
||||
use swift_secure_enclave_tool_rs::private_key_ecdsa_sign;
|
||||
use swift_secure_enclave_tool_rs::private_key_sign;
|
||||
|
||||
fn main() {
|
||||
let args = std::env::args().collect::<Vec<_>>();
|
||||
let private_key_representation = STANDARD.decode(&args[1]).unwrap();
|
||||
|
||||
let signature = private_key_ecdsa_sign(&private_key_representation, b"hello world").unwrap();
|
||||
let signature = private_key_sign(&private_key_representation, b"hello world").unwrap();
|
||||
|
||||
println!("{}", hex::encode(&signature));
|
||||
}
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
use base64::Engine;
|
||||
use swift_secure_enclave_tool_rs::{recover_ecdsa_keypair, KeyPurpose};
|
||||
use swift_secure_enclave_tool_rs::{recover_keypair, KeyPurpose};
|
||||
|
||||
fn main() {
|
||||
let args = std::env::args().collect::<Vec<_>>();
|
||||
@@ -7,6 +7,6 @@ fn main() {
|
||||
.decode(&args[1])
|
||||
.unwrap();
|
||||
let key_material =
|
||||
recover_ecdsa_keypair(KeyPurpose::KeyAgreement, &private_key_representation).unwrap();
|
||||
recover_keypair(KeyPurpose::KeyAgreement, &private_key_representation).unwrap();
|
||||
println!("{:?}", key_material)
|
||||
}
|
||||
|
||||
@@ -1,12 +1,11 @@
|
||||
use base64::Engine;
|
||||
use swift_secure_enclave_tool_rs::{recover_ecdsa_keypair, KeyPurpose};
|
||||
use swift_secure_enclave_tool_rs::{recover_keypair, KeyPurpose};
|
||||
|
||||
fn main() {
|
||||
let args = std::env::args().collect::<Vec<_>>();
|
||||
let private_key_representation = base64::engine::general_purpose::STANDARD
|
||||
.decode(&args[1])
|
||||
.unwrap();
|
||||
let key_material =
|
||||
recover_ecdsa_keypair(KeyPurpose::Signing, &private_key_representation).unwrap();
|
||||
let key_material = recover_keypair(KeyPurpose::Signing, &private_key_representation).unwrap();
|
||||
println!("{:?}", key_material)
|
||||
}
|
||||
|
||||
36
src/lib.rs
36
src/lib.rs
@@ -31,41 +31,59 @@ pub fn is_secure_enclave_supported() -> XResult<bool> {
|
||||
}
|
||||
}
|
||||
|
||||
#[deprecated]
|
||||
pub fn generate_ecdsa_keypair(key_purpose: KeyPurpose, require_bio: bool) -> XResult<KeyMaterial> {
|
||||
generate_keypair(key_purpose, require_bio)
|
||||
}
|
||||
|
||||
pub fn generate_keypair(key_purpose: KeyPurpose, require_bio: bool) -> XResult<KeyMaterial> {
|
||||
let mut cmd = Command::new(SWIFT_SECURE_ENCLAVE_TOOL_CMD);
|
||||
cmd.arg(match key_purpose {
|
||||
KeyPurpose::Signing => "generate_p256_ecsign_keypair",
|
||||
KeyPurpose::KeyAgreement => "generate_p256_ecdh_keypair",
|
||||
});
|
||||
cmd.arg(&format!("{}", require_bio));
|
||||
cmd.arg(format!("{}", require_bio));
|
||||
|
||||
let cmd_stdout = run_command_stdout(cmd)?;
|
||||
parse_keypair_result(&cmd_stdout)
|
||||
}
|
||||
|
||||
#[deprecated]
|
||||
pub fn recover_ecdsa_keypair(
|
||||
key_purpose: KeyPurpose,
|
||||
private_key_representation: &[u8],
|
||||
) -> XResult<KeyMaterial> {
|
||||
recover_keypair(key_purpose, private_key_representation)
|
||||
}
|
||||
|
||||
pub fn recover_keypair(
|
||||
key_purpose: KeyPurpose,
|
||||
private_key_representation: &[u8],
|
||||
) -> XResult<KeyMaterial> {
|
||||
let mut cmd = Command::new(SWIFT_SECURE_ENCLAVE_TOOL_CMD);
|
||||
cmd.arg(match key_purpose {
|
||||
KeyPurpose::Signing => "recover_p256_ecsign_public_key",
|
||||
KeyPurpose::KeyAgreement => "recover_p256_ecdh_public_key",
|
||||
});
|
||||
cmd.arg(&STANDARD.encode(private_key_representation));
|
||||
cmd.arg(STANDARD.encode(private_key_representation));
|
||||
|
||||
let cmd_stdout = run_command_stdout(cmd)?;
|
||||
parse_keypair_result(&cmd_stdout)
|
||||
}
|
||||
|
||||
#[deprecated]
|
||||
pub fn private_key_ecdsa_sign(
|
||||
private_key_representation: &[u8],
|
||||
content: &[u8],
|
||||
) -> XResult<Vec<u8>> {
|
||||
private_key_sign(private_key_representation, content)
|
||||
}
|
||||
|
||||
pub fn private_key_sign(private_key_representation: &[u8], content: &[u8]) -> XResult<Vec<u8>> {
|
||||
let mut cmd = Command::new(SWIFT_SECURE_ENCLAVE_TOOL_CMD);
|
||||
cmd.arg("compute_p256_ecsign");
|
||||
cmd.arg(&STANDARD.encode(private_key_representation));
|
||||
cmd.arg(&STANDARD.encode(content));
|
||||
cmd.arg(STANDARD.encode(private_key_representation));
|
||||
cmd.arg(STANDARD.encode(content));
|
||||
|
||||
let cmd_stdout = run_command_stdout(cmd)?;
|
||||
if cmd_stdout.starts_with("ok:") {
|
||||
@@ -83,8 +101,8 @@ pub fn private_key_ecdh(
|
||||
) -> XResult<Vec<u8>> {
|
||||
let mut cmd = Command::new(SWIFT_SECURE_ENCLAVE_TOOL_CMD);
|
||||
cmd.arg("compute_p256_ecdh");
|
||||
cmd.arg(&STANDARD.encode(private_key_representation));
|
||||
cmd.arg(&STANDARD.encode(ephemera_public_key));
|
||||
cmd.arg(STANDARD.encode(private_key_representation));
|
||||
cmd.arg(STANDARD.encode(ephemera_public_key));
|
||||
|
||||
let cmd_stdout = run_command_stdout(cmd)?;
|
||||
if cmd_stdout.starts_with("ok:SharedSecret:") {
|
||||
@@ -121,9 +139,9 @@ fn parse_keypair_result(cmd_stdout: &str) -> XResult<KeyMaterial> {
|
||||
if cmd_stdout.starts_with("ok:") {
|
||||
let result = cmd_stdout.chars().skip(3).collect::<String>();
|
||||
let parts = result.split(",").collect::<Vec<_>>();
|
||||
let public_key_point = STANDARD.decode(&parts[0])?;
|
||||
let public_key_der = STANDARD.decode(&parts[1])?;
|
||||
let private_key_representation = STANDARD.decode(&parts[2])?;
|
||||
let public_key_point = STANDARD.decode(parts[0])?;
|
||||
let public_key_der = STANDARD.decode(parts[1])?;
|
||||
let private_key_representation = STANDARD.decode(parts[2])?;
|
||||
Ok(KeyMaterial {
|
||||
public_key_point,
|
||||
public_key_der,
|
||||
|
||||
Reference in New Issue
Block a user