feat: update native-pkcs11-piv

2024-07-06 19:29:38 +08:00
parent d8a2309b95
commit a77e6ff44e
3 changed files with 67 additions and 54 deletions
--- a/native-pkcs11-piv/src/piv/backend.rs
+++ b/native-pkcs11-piv/src/piv/backend.rs
@@ -18,11 +18,18 @@ use core_foundation::{
    base::{TCFType, ToVoid},
    string::CFString,
 };
-use native_pkcs11_traits::Backend;
 use security_framework::{item::KeyClass, key::SecKey};
 use security_framework_sys::item::kSecAttrLabel;
 use tracing::instrument;

+use native_pkcs11_traits::Backend;
+use native_pkcs11_traits::Certificate as P11Certificate;
+use native_pkcs11_traits::KeyAlgorithm as P11KeyAlgorithm;
+use native_pkcs11_traits::KeySearchOptions as P11KeySearchOptions;
+use native_pkcs11_traits::PrivateKey as P11PrivateKey;
+use native_pkcs11_traits::PublicKey as P11PublicKey;
+use native_pkcs11_traits::Result as P11Result;
+
 use crate::{
    certificate::{find_all_certificates, YubikeyPivCertificate},
    key::{
@@ -51,7 +58,7 @@ impl Backend for YubikeyPivBackend {
    #[instrument]
    fn find_all_certificates(
        &self,
-    ) -> native_pkcs11_traits::Result<Vec<Box<dyn native_pkcs11_traits::Certificate>>> {
+    ) -> P11Result<Vec<Box<dyn P11Certificate>>> {
        let certs = find_all_certificates()?
            .into_iter()
            .map(YubikeyPivCertificate::new)
@@ -64,8 +71,8 @@ impl Backend for YubikeyPivBackend {
    #[instrument]
    fn find_private_key(
        &self,
-        query: native_pkcs11_traits::KeySearchOptions,
-    ) -> native_pkcs11_traits::Result<Option<Arc<dyn native_pkcs11_traits::PrivateKey>>> {
+        query: P11KeySearchOptions,
+    ) -> P11Result<Option<Arc<dyn P11PrivateKey>>> {
        let mut pubkeys_by_pubkey_hash: HashMap<Vec<u8>, SecKey> =
            HashMap::from_iter(find_all_certificates()?.into_iter().filter_map(|c| {
                c.certificate()
@@ -82,7 +89,7 @@ impl Backend for YubikeyPivBackend {
                .and_then(|sec_key| YubikeyPivPublicKey::new(sec_key, "").ok())
        };
        let opt_key = match query {
-            native_pkcs11_traits::KeySearchOptions::Label(label) => {
+            P11KeySearchOptions::Label(label) => {
                find_key(KeyClass::private(), &label)
                    .ok()
                    .map(|sec_key| {
@@ -91,7 +98,7 @@ impl Backend for YubikeyPivBackend {
                    })
                    .transpose()?
            }
-            native_pkcs11_traits::KeySearchOptions::PublicKeyHash(public_key_hash) => {
+            P11KeySearchOptions::PublicKeyHash(public_key_hash) => {
                find_key2(KeyClass::private(), &public_key_hash)?
                    .map(|sec_key| {
                        let cert = find_pubkey_for_seckey(&sec_key);
@@ -106,16 +113,16 @@ impl Backend for YubikeyPivBackend {
    #[instrument]
    fn find_public_key(
        &self,
-        query: native_pkcs11_traits::KeySearchOptions,
-    ) -> native_pkcs11_traits::Result<Option<Box<dyn native_pkcs11_traits::PublicKey>>> {
+        query: P11KeySearchOptions,
+    ) -> P11Result<Option<Box<dyn P11PublicKey>>> {
        let opt_key = match query {
-            native_pkcs11_traits::KeySearchOptions::Label(label) => {
+            P11KeySearchOptions::Label(label) => {
                find_key(KeyClass::public(), &label)
                    .ok()
                    .map(|sec_key| YubikeyPivPublicKey::new(sec_key, label))
                    .transpose()?
            }
-            native_pkcs11_traits::KeySearchOptions::PublicKeyHash(public_key_hash) => {
+            P11KeySearchOptions::PublicKeyHash(public_key_hash) => {
                find_key2(KeyClass::public(), &public_key_hash)?
                    .map(|sec_key| YubikeyPivPublicKey::new(sec_key, ""))
                    .transpose()?
@@ -127,15 +134,15 @@ impl Backend for YubikeyPivBackend {
    #[instrument]
    fn generate_key(
        &self,
-        _algorithm: native_pkcs11_traits::KeyAlgorithm,
+        _algorithm: P11KeyAlgorithm,
        _label: Option<&str>,
-    ) -> native_pkcs11_traits::Result<Arc<dyn native_pkcs11_traits::PrivateKey>> {
+    ) -> P11Result<Arc<dyn P11PrivateKey>> {
        Err("Generate key not supported, please use ykman, URL: https://hatter.in/ykman")?
    }

    fn find_all_private_keys(
        &self,
-    ) -> native_pkcs11_traits::Result<Vec<Arc<dyn native_pkcs11_traits::PrivateKey>>> {
+    ) -> P11Result<Vec<Arc<dyn P11PrivateKey>>> {
        let sec_keys = find_all_keys(KeyClass::private())?;
        let keys = sec_keys
            .into_iter()
@@ -157,7 +164,7 @@ impl Backend for YubikeyPivBackend {

    fn find_all_public_keys(
        &self,
-    ) -> native_pkcs11_traits::Result<Vec<Arc<dyn native_pkcs11_traits::PublicKey>>> {
+    ) -> P11Result<Vec<Arc<dyn P11PublicKey>>> {
        let sec_keys = find_all_keys(KeyClass::public())?;

        let keys = sec_keys