From 822a10f8f6f2b68a08a117a9a1a2939c9d5c0ddf Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Sun, 21 Nov 2021 15:51:54 +0000 Subject: [PATCH] yubikey 0.5 --- Cargo.lock | 190 ++++++++++++++-------------------------------------- Cargo.toml | 4 +- src/util.rs | 4 +- 3 files changed, 54 insertions(+), 144 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 9c64a77..50179ad 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -27,9 +27,9 @@ dependencies = [ "chacha20poly1305", "cookie-factory", "hkdf", - "nom 7.1.0", + "nom", "rand", - "secrecy 0.8.0", + "secrecy", "sha2", "tempfile", ] @@ -80,12 +80,6 @@ dependencies = [ "memchr", ] -[[package]] -name = "arrayvec" -version = "0.5.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "23b62fc65de8e4e7f52534fb52b0f3ed04746ae267519eef2a83941e8085068b" - [[package]] name = "atty" version = "0.2.14" @@ -115,6 +109,12 @@ version = "0.13.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "904dfeac50f3cdaba28fc6f57fdcddb75f49ed61346676a78c4ffe55877802fd" +[[package]] +name = "base64ct" +version = "1.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e6b4d9b1225d28d360ec6a231d65af1fd99a2a095154c8040689617290569c5c" + [[package]] name = "bech32" version = "0.8.1" @@ -127,18 +127,6 @@ version = "1.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" -[[package]] -name = "bitvec" -version = "0.19.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "55f93d0ef3363c364d5976646a38f04cf67cfe1d4c8d160cdea02cab2c116b33" -dependencies = [ - "funty", - "radium", - "tap", - "wyz", -] - [[package]] name = "block-buffer" version = "0.9.0" 
@@ -287,15 +275,15 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "28e98c534e9c8a0483aa01d6f6913bc063de254311bd267c9cf535e9b70e15b2" dependencies = [ "const-oid", + "crypto-bigint", ] [[package]] name = "der-oid-macro" -version = "0.4.0" +version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a4cccf60bb98c0fca115a581f894aed0e43fa55bf289fdac5599bec440bb4fd6" +checksum = "c73af209b6a5dc8ca7cbaba720732304792cddc933cfea3d74509c2b1ef2f436" dependencies = [ - "nom 6.1.2", "num-bigint", "num-traits", "syn", @@ -303,12 +291,12 @@ dependencies = [ [[package]] name = "der-parser" -version = "5.1.2" +version = "6.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2d7ededb7525bb4114bc209685ce7894edc2965f4914312a1ea578a645a237f0" +checksum = "9807efb310ce4ea172924f3a69d82f9fd6c9c3a19336344591153e665b31c43e" dependencies = [ "der-oid-macro", - "nom 6.1.2", + "nom", "num-bigint", "num-traits", "rusticata-macros", @@ -420,12 +408,6 @@ dependencies = [ "miniz_oxide", ] -[[package]] -name = "funty" -version = "1.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fed34cd105917e91daa4da6b3728c47b068749d6a62c59811f06ed2ac71d9da7" - [[package]] name = "generic-array" version = "0.14.4" @@ -528,19 +510,6 @@ dependencies = [ "spin", ] -[[package]] -name = "lexical-core" -version = "0.7.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6607c62aa161d23d17a9072cc5da0be67cdfc89d3afb1e8d9c842bebc2525ffe" -dependencies = [ - "arrayvec", - "bitflags", - "cfg-if", - "ryu", - "static_assertions", -] - [[package]] name = "libc" version = "0.2.108" 
@@ -593,19 +562,6 @@ dependencies = [ "autocfg 1.0.1", ] -[[package]] -name = "nom" -version = "6.1.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e7413f999671bd4745a7b624bd370a569fb6bc574b23c83a3c5ed2e453f3d5e2" -dependencies = [ - "bitvec", - "funty", - "lexical-core", - "memchr", - "version_check", -] - [[package]] name = "nom" version = "7.1.0" @@ -680,9 +636,9 @@ dependencies = [ [[package]] name = "oid-registry" -version = "0.1.5" +version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f6aae73e474f83beacd8ae2179e328e03d63d9223949d97e1b7c108059a34715" +checksum = "fe554cb2393bc784fd678c82c84cc0599c31ceadc7f03a594911f822cb8d1815" dependencies = [ "der-parser", ] @@ -721,9 +677,9 @@ dependencies = [ [[package]] name = "pbkdf2" -version = "0.8.0" +version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d95f5254224e617595d2cc3cc73ff0a5eaf2637519e25f03388154e9378b6ffa" +checksum = "f05894bce6a1ba4be299d0c5f29563e08af2bc18bb7d48313113bed71e904739" dependencies = [ "crypto-mac", ] @@ -748,14 +704,23 @@ dependencies = [ ] [[package]] -name = "pem" -version = "0.8.3" +name = "pem-rfc7468" +version = "0.2.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fd56cbd21fea48d0c440b41cd69c589faacade08c992d9a54e471b79d0fd13eb" +checksum = "84e93a3b1cc0510b03020f33f21e62acdde3dcaef432edc95bea377fbd4c2cd4" dependencies = [ - "base64", - "once_cell", - "regex", + "base64ct", +] + +[[package]] +name = "pkcs1" +version = "0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "116bee8279d783c0cf370efa1a94632f2108e5ef0bb32df31f051647810a4e2c" +dependencies = [ + "der", + "pem-rfc7468", + "zeroize", ] [[package]] 
@@ -765,7 +730,10 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ee3ef9b64d26bad0536099c816c6734379e45bbd5f14798def6809e5cc350447" dependencies = [ "der", + "pem-rfc7468", + "pkcs1", "spki", + "zeroize", ] [[package]] @@ -809,12 +777,6 @@ dependencies = [ "proc-macro2", ] -[[package]] -name = "radium" -version = "0.5.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "941ba9d78d8e2f7ce474c015eea4d9c6d25b6a3327f9832ee29a4de27f91bbb8" - [[package]] name = "rand" version = "0.8.4" @@ -898,9 +860,9 @@ checksum = "e33e4fb37ba46888052c763e4ec2acfedd8f00f62897b630cadb6298b833675e" [[package]] name = "rsa" -version = "0.4.0" +version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "68ef841a26fc5d040ced0417c6c6a64ee851f42489df11cdf0218e545b6f8d28" +checksum = "e05c2603e2823634ab331437001b411b9ed11660fbc4066f3908c84a9439260d" dependencies = [ "byteorder", "digest", 
@@ -909,41 +871,20 @@ dependencies = [ "num-integer", "num-iter", "num-traits", - "pem", + "pkcs1", + "pkcs8", "rand", - "simple_asn1", "subtle", "zeroize", ] [[package]] name = "rusticata-macros" -version = "3.2.0" +version = "4.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fbbee512c633ecabd4481c40111b6ded03ddd9ab10ba6caa5a74e14c889921ad" +checksum = "65c52377bb2288aa522a0c8208947fada1e0c76397f108cc08f57efe6077b50d" dependencies = [ - "nom 6.1.2", -] - -[[package]] -name = "rustversion" -version = "1.0.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "61b3909d758bb75c79f23d4736fac9433868679d3ad2ea7a61e3c25cfda9a088" - -[[package]] -name = "ryu" -version = "1.0.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "71d301d4193d031abdd79ff7e3dd721168a9572ef3fe51a1517aba235bd8f86e" - -[[package]] -name = "secrecy" -version = "0.7.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0673d6a6449f5e7d12a1caf424fd9363e2af3a4953023ed455e3c4beef4597c0" -dependencies = [ - "zeroize", + "nom", ] [[package]] @@ -997,18 +938,6 @@ dependencies = [ "rand_core", ] -[[package]] -name = "simple_asn1" -version = "0.5.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8eb4ea60fb301dc81dfc113df680571045d375ab7345d171c5dc7d7e13107a80" -dependencies = [ - "chrono", - "num-bigint", - "num-traits", - "thiserror", -] - [[package]] name = "smallvec" version = "1.7.0" @@ -1030,12 +959,6 @@ dependencies = [ "der", ] -[[package]] -name = "static_assertions" -version = "1.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a2eb9349b6444b326872e140eb1cf5e7c522154d69e7a0ffb0fb81c06b37543f" - [[package]] name = "subtle" version = "2.4.1" 
@@ -1074,12 +997,6 @@ dependencies = [ "unicode-xid", ] -[[package]] -name = "tap" -version = "1.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "55937e1799185b12863d447f42597ed69d9928686b8d88a1df17376a097d8369" - [[package]] name = "tempfile" version = "3.2.0" @@ -1234,12 +1151,6 @@ version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" -[[package]] -name = "wyz" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "85e60b0d1b5f99db2556934e21937020776a5d31520bf169e851ac44e6420214" - [[package]] name = "x509" version = "0.2.0" @@ -1252,27 +1163,26 @@ dependencies = [ [[package]] name = "x509-parser" -version = "0.9.2" +version = "0.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "64abca276c58f8341ddc13fd4bd6ae75993cc669043f5b34813c90f7dff04771" +checksum = "ffc90836a84cb72e6934137b1504d0cae304ef5d83904beb0c8d773bbfe256ed" dependencies = [ "base64", "chrono", "data-encoding", "der-parser", "lazy_static", - "nom 6.1.2", + "nom", "oid-registry", "rusticata-macros", - "rustversion", "thiserror", ] [[package]] name = "yubikey" -version = "0.4.2" +version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3e1a034c181d445ebe147cc04a16b40a3815542bc7824c90d286463170ada7eb" +checksum = "e82a7de0613c75d93e4330613e24d859cab51770b081fe92f1dae4a1e38d9177" dependencies = [ "chrono", "cookie-factory", @@ -1281,7 +1191,7 @@ dependencies = [ "elliptic-curve", "hmac", "log", - "nom 6.1.2", + "nom", "num-bigint-dig", "num-integer", "num-traits", @@ -1291,7 +1201,7 @@ dependencies = [ "pcsc", "rand_core", "rsa", - "secrecy 0.7.0", + "secrecy", "sha-1", "sha2", "subtle", diff --git a/Cargo.toml b/Cargo.toml index 395e77c..a4f6d37 100644 --- a/Cargo.toml +++ b/Cargo.toml 
@@ -38,8 +38,8 @@ rand = "0.8"
 sha2 = "0.9"
 which = "4.1"
 x509 = "0.2"
-x509-parser = "0.9"
-yubikey = { version = "0.4", features = ["untested"] }
+x509-parser = "0.12"
+yubikey = { version = "0.5", features = ["untested"] }
 
 [dev-dependencies]
 flate2 = "1"
diff --git a/src/util.rs b/src/util.rs
index d4c2ded..f83a252 100644
--- a/src/util.rs
+++ b/src/util.rs
@@ -110,8 +110,8 @@ impl Metadata {
 // using the same certificate extension as PIV attestations.
 // https://developers.yubico.com/PIV/Introduction/PIV_attestation.html
 let policies = |c: &X509Certificate| {
- c.extensions()
- .get(&Oid::from(POLICY_EXTENSION_OID).unwrap())
+ c.tbs_certificate
+ .find_extension(&Oid::from(POLICY_EXTENSION_OID).unwrap())
 // If the encoded extension doesn't have 2 bytes, we assume it is invalid.
 .filter(|policy| policy.value.len() >= 2)
 .map(|policy| {
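Review bot: The new `c.tbs_certificate.find_extension(...)` call in the `policies` closure of src/util.rs leaves undocumented what happens when a certificate carries the policy extension more than once. As far as I know `find_extension` returns the first match and does not reject duplicates, which is worth confirming against the x509-parser 0.12 documentation, because the policy bytes are taken from whichever entry is returned. I would add a comment above the call such as `// Takes the first extension with this OID; duplicate extensions are not rejected here.`, or reject duplicates explicitly if they should count as an invalid certificate. On the same line, `Oid::from(POLICY_EXTENSION_OID).unwrap()` would state its invariant better as `.expect("POLICY_EXTENSION_OID is a valid OID")`. The closure body continues past the end of the hunk, so how the two bytes are interpreted is not visible here.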