feat: update pkcs11 piv

2024-07-06 21:46:14 +08:00
parent a7bfda9cbf
commit 6002db37ae
4 changed files with 5 additions and 65 deletions

53
Cargo.lock generated

@@ -133,22 +133,6 @@ version = "0.9.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c2459377285ad874054d797f3ccebf984978aa39129f6eafde5cdc8315b612f8" checksum = "c2459377285ad874054d797f3ccebf984978aa39129f6eafde5cdc8315b612f8"
[[package]]
name = "core-foundation"
version = "0.9.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "91e195e091a93c46f7102ec7818a2aa394e1e1771c3ab4825963fa03e45afb8f"
dependencies = [
"core-foundation-sys",
"libc",
]
[[package]]
name = "core-foundation-sys"
version = "0.8.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "06ea2b9bc92be3c2baa9334a323ebca2d6f074ff852cd1d7b11064035cd3868f"
[[package]] [[package]]
name = "cpufeatures" name = "cpufeatures"
version = "0.2.12" version = "0.2.12"
@@ -516,13 +500,10 @@ dependencies = [
name = "native-pkcs11-piv" name = "native-pkcs11-piv"
version = "0.2.18" version = "0.2.18"
dependencies = [ dependencies = [
"core-foundation",
"native-pkcs11-traits", "native-pkcs11-traits",
"p256", "p256",
"rand", "rand",
"rsa", "rsa",
"security-framework",
"security-framework-sys",
"serial_test", "serial_test",
"spki", "spki",
"thiserror", "thiserror",
@@ -561,16 +542,6 @@ dependencies = [
"winapi", "winapi",
] ]
[[package]]
name = "num-bigint"
version = "0.4.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a5e44f723f1133c9deac646763579fdb3ac745e418f2a7af9cd0c431da1f20b9"
dependencies = [
"num-integer",
"num-traits",
]
[[package]] [[package]]
name = "num-bigint-dig" name = "num-bigint-dig"
version = "0.8.4" version = "0.8.4"
@@ -982,30 +953,6 @@ dependencies = [
"zeroize", "zeroize",
] ]
[[package]]
name = "security-framework"
version = "2.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c627723fd09706bacdb5cf41499e95098555af3c3c29d014dc3c458ef6be11c0"
dependencies = [
"bitflags 2.5.0",
"core-foundation",
"core-foundation-sys",
"libc",
"num-bigint",
"security-framework-sys",
]
[[package]]
name = "security-framework-sys"
version = "2.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "317936bbbd05227752583946b9e66d7ce3b489f84e11a94a510b4437fef407d7"
dependencies = [
"core-foundation-sys",
"libc",
]
[[package]] [[package]]
name = "serde" name = "serde"
version = "1.0.203" version = "1.0.203"


@@ -28,8 +28,3 @@ yubikey = { version = "0.8.0", features = ["untested"] }
[dev-dependencies] [dev-dependencies]
serial_test = { version = "3.1.1", default-features = false } serial_test = { version = "3.1.1", default-features = false }
[target.'cfg(target_os="macos")'.dependencies]
core-foundation = { version = "0.9.4", features = ["mac_os_10_8_features"] }
security-framework = { version = "2.11.0", features = ["OSX_10_15"] }
security-framework-sys = { version = "2.11.0", features = ["OSX_10_15"] }


@@ -14,7 +14,6 @@
use std::fmt::Debug; use std::fmt::Debug;
use security_framework::key::SecKey;
use tracing::instrument; use tracing::instrument;
use native_pkcs11_traits::{Backend, KeyAlgorithm, PrivateKey, PublicKey, SignatureAlgorithm}; use native_pkcs11_traits::{Backend, KeyAlgorithm, PrivateKey, PublicKey, SignatureAlgorithm};
@@ -28,7 +27,7 @@ pub enum Algorithm {
#[derive(Debug)] #[derive(Debug)]
pub struct YubikeyPivPrivateKey { pub struct YubikeyPivPrivateKey {
sec_key: SecKey, // sec_key: SecKey,
label: String, label: String,
public_key_hash: Vec<u8>, public_key_hash: Vec<u8>,
algorithm: KeyAlgorithm, algorithm: KeyAlgorithm,
@@ -99,13 +98,14 @@ impl PrivateKey for YubikeyPivPrivateKey {
&self, &self,
_backend: &dyn Backend, _backend: &dyn Backend,
) -> P11Result<Option<Box<dyn PublicKey>>> { ) -> P11Result<Option<Box<dyn PublicKey>>> {
// TODO ...
Ok(None) Ok(None)
} }
} }
#[derive(Debug, Clone)] #[derive(Debug, Clone)]
pub struct YubikeyPivPublicKey { pub struct YubikeyPivPublicKey {
pub sec_key: SecKey, // pub sec_key: SecKey,
pub label: String, pub label: String,
der: Vec<u8>, der: Vec<u8>,
public_key_hash: Vec<u8>, public_key_hash: Vec<u8>,
@@ -157,11 +157,12 @@ impl PublicKey for YubikeyPivPublicKey {
// if !result { // if !result {
// return Err("verify failed")?; // return Err("verify failed")?;
// } // }
// TODO ...
Ok(()) Ok(())
} }
fn delete(self: Box<Self>) { fn delete(self: Box<Self>) {
let _ = self.sec_key.delete(); // yubikey-piv-pkcs11 just cannot delete public key
} }
fn algorithm(&self) -> KeyAlgorithm { fn algorithm(&self) -> KeyAlgorithm {
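Review bot: In `impl PublicKey for YubikeyPivPublicKey`, the method that ends in `Ok(())` after the commented-out `if !result { return Err("verify failed")?; }` check now succeeds unconditionally, and the added `// TODO ...` does not change that. Its signature is outside the hunk, but if this is the signature-verification path, every signature is reported as valid to callers. Until the check is implemented against the YubiKey-held key it should fail closed, for example `Err("verify not implemented")?` in the same form as the commented-out error, assuming that conversion still compiles here. Separately, the two `// sec_key: SecKey,` lines would be cleaner deleted than left commented out. The now-empty `delete` would also benefit from a doc comment stating that it is a no-op and the key stays on the token.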


@@ -64,9 +64,6 @@ pub enum ErrorKind {
#[error("{0}")] #[error("{0}")]
Der(#[from] x509_cert::der::Error), Der(#[from] x509_cert::der::Error),
#[error("{0}")]
SecurityFramework(#[from] security_framework::base::Error),
#[error("{0}")] #[error("{0}")]
Spki(#[from] x509_cert::spki::Error), Spki(#[from] x509_cert::spki::Error),