feat: update pkcs11 piv

2024-07-06 21:51:16 +08:00
parent 6002db37ae
commit baf80d52d1
2 changed files with 10 additions and 8 deletions
--- a/native-pkcs11-piv/src/piv/backend.rs
+++ b/native-pkcs11-piv/src/piv/backend.rs
@@ -42,6 +42,7 @@ impl Backend for YubikeyPivBackend {
    fn find_all_certificates(
        &self,
    ) -> P11Result<Vec<Box<dyn P11Certificate>>> {
+        // TODO ...
        Ok(vec![])
    }

@@ -54,6 +55,7 @@ impl Backend for YubikeyPivBackend {
            KeySearchOptions::Label(label) => {}
            KeySearchOptions::PublicKeyHash(public_key_hash) => {}
        }
+        // TODO ...
        Ok(None)
    }

@@ -66,18 +68,21 @@ impl Backend for YubikeyPivBackend {
            KeySearchOptions::Label(label) => {}
            KeySearchOptions::PublicKeyHash(public_key_hash) => {}
        }
+        // TODO ...
        Ok(None)
    }

    fn find_all_private_keys(
        &self,
    ) -> P11Result<Vec<Arc<dyn P11PrivateKey>>> {
+        // TODO ...
        Ok(vec![])
    }

    fn find_all_public_keys(
        &self,
    ) -> P11Result<Vec<Arc<dyn P11PublicKey>>> {
+        // TODO ...
        Ok(vec![])
    }

--- a/native-pkcs11-piv/src/piv/key.rs
+++ b/native-pkcs11-piv/src/piv/key.rs
@@ -72,13 +72,7 @@ impl PrivateKey for YubikeyPivPrivateKey {
    ) -> P11Result<Vec<u8>> {
        match algorithm {
            SignatureAlgorithm::Ecdsa => {}
-            SignatureAlgorithm::RsaRaw => {}
-            SignatureAlgorithm::RsaPkcs1v15Raw => {}
-            SignatureAlgorithm::RsaPkcs1v15Sha1 => {}
-            SignatureAlgorithm::RsaPkcs1v15Sha384 => {}
-            SignatureAlgorithm::RsaPkcs1v15Sha256 => {}
-            SignatureAlgorithm::RsaPkcs1v15Sha512 => {}
-            SignatureAlgorithm::RsaPss { .. } => {}
+            _ => return Err("RSA algorithm not supported.")?,
        }
        // TODO sign data or hash??
        Ok(vec![])
@@ -152,7 +146,10 @@ impl PublicKey for YubikeyPivPublicKey {
        data: &[u8],
        signature: &[u8],
    ) -> P11Result<()> {
-        // let algorithm = sigalg_to_seckeyalg(algorithm)?;
+        match algorithm {
+            SignatureAlgorithm::Ecdsa => {}
+            _ => return Err("RSA algorithm not supported.")?,
+        }
        // let result = self.sec_key.verify_signature(algorithm, data, signature)?;
        // if !result {
        //     return Err("verify failed")?;