Implement --generate command

Includes logic to help users manage their keys:

- If the key is using a default PIN, we require the user to change it.
- We set the PUK equal to the PIN so the user doesn't need to remember
  them separately.
- We migrate the default management key to a new PIN-protected key.
This commit is contained in:
Jack Grigg
2021-01-03 19:47:10 +00:00
parent eedf9fa997
commit 850f96cd2c
7 changed files with 341 additions and 4 deletions
Generated
+23
View File
@@ -44,13 +44,18 @@ dependencies = [
"age-core",
"age-plugin",
"bech32",
"chrono",
"console",
"dialoguer",
"elliptic-curve",
"env_logger",
"gumdrop",
"hex",
"log",
"p256",
"rand 0.8.3",
"sha2",
"x509",
"x509-parser",
"yubikey-piv",
]
@@ -299,6 +304,18 @@ dependencies = [
"opaque-debug",
]
[[package]]
name = "dialoguer"
version = "0.8.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c9dd058f8b65922819fabb4a41e7d1964e56344042c26efbccd465202c23fa0c"
dependencies = [
"console",
"lazy_static",
"tempfile",
"zeroize",
]
[[package]]
name = "digest"
version = "0.9.0"
@@ -443,6 +460,12 @@ dependencies = [
"libc",
]
[[package]]
name = "hex"
version = "0.4.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70"
[[package]]
name = "hkdf"
version = "0.10.0"