AlgorithmId::write helper to match policy helpers
This commit is contained in:
@@ -122,7 +122,6 @@ pub const TAG_RSA_MODULUS: u8 = 0x81;
|
|||||||
pub const TAG_RSA_EXP: u8 = 0x82;
|
pub const TAG_RSA_EXP: u8 = 0x82;
|
||||||
pub const TAG_ECC_POINT: u8 = 0x86;
|
pub const TAG_ECC_POINT: u8 = 0x86;
|
||||||
|
|
||||||
pub const YKPIV_ALGO_TAG: u8 = 0x80;
|
|
||||||
pub const YKPIV_ALGO_3DES: u8 = 0x03;
|
pub const YKPIV_ALGO_3DES: u8 = 0x03;
|
||||||
|
|
||||||
pub const YKPIV_ATR_NEO_R3: &[u8] = b";\xFC\x13\0\0\x811\xFE\x15YubikeyNEOr3\xE1\0";
|
pub const YKPIV_ATR_NEO_R3: &[u8] = b";\xFC\x13\0\0\x811\xFE\x15YubikeyNEOr3\xE1\0";
|
||||||
|
|||||||
+14
-13
@@ -312,6 +312,16 @@ impl From<AlgorithmId> for u8 {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
impl AlgorithmId {
|
||||||
|
/// Writes the `AlgorithmId` in the format the YubiKey expects during key generation.
|
||||||
|
pub(crate) fn write(self, buf: &mut [u8]) -> usize {
|
||||||
|
buf[0] = 0x80;
|
||||||
|
buf[1] = 0x01;
|
||||||
|
buf[2] = self.into();
|
||||||
|
3
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/// PIV cryptographic keys stored in a YubiKey
|
/// PIV cryptographic keys stored in a YubiKey
|
||||||
#[derive(Clone, Debug)]
|
#[derive(Clone, Debug)]
|
||||||
pub struct Key {
|
pub struct Key {
|
||||||
@@ -412,7 +422,6 @@ pub fn generate(
|
|||||||
pin_policy: PinPolicy,
|
pin_policy: PinPolicy,
|
||||||
touch_policy: TouchPolicy,
|
touch_policy: TouchPolicy,
|
||||||
) -> Result<GeneratedKey, Error> {
|
) -> Result<GeneratedKey, Error> {
|
||||||
let mut in_data = [0u8; 11];
|
|
||||||
let mut templ = [0, Ins::GenerateAsymmetric.code(), 0, 0];
|
let mut templ = [0, Ins::GenerateAsymmetric.code(), 0, 0];
|
||||||
let setting_roca: settings::BoolValue;
|
let setting_roca: settings::BoolValue;
|
||||||
|
|
||||||
@@ -463,19 +472,11 @@ pub fn generate(
|
|||||||
|
|
||||||
templ[3] = slot.into();
|
templ[3] = slot.into();
|
||||||
|
|
||||||
|
let mut in_data = [0u8; 11];
|
||||||
|
in_data[0] = 0xac;
|
||||||
|
in_data[1] = 3; // length sans this 2-byte header
|
||||||
|
assert_eq!(algorithm.write(&mut in_data[2..]), 3);
|
||||||
let mut offset = 5;
|
let mut offset = 5;
|
||||||
in_data[..offset].copy_from_slice(&[
|
|
||||||
0xac,
|
|
||||||
3, // length sans this 2-byte header
|
|
||||||
YKPIV_ALGO_TAG,
|
|
||||||
1,
|
|
||||||
algorithm.into(),
|
|
||||||
]);
|
|
||||||
|
|
||||||
if in_data[4] == 0 {
|
|
||||||
error!("unexpected algorithm");
|
|
||||||
return Err(Error::AlgorithmError);
|
|
||||||
}
|
|
||||||
|
|
||||||
let pin_len = pin_policy.write(&mut in_data[offset..]);
|
let pin_len = pin_policy.write(&mut in_data[offset..]);
|
||||||
in_data[1] += pin_len as u8;
|
in_data[1] += pin_len as u8;
|
||||||
|
|||||||
Reference in New Issue
Block a user