Implement CA Fingerprints

2022-04-22 15:21:42 +02:00 · 2022-04-22 15:21:42 +02:00 · 67e9f9b9a0
commit 67e9f9b9a0
parent 20ebac295d
2 changed files with 40 additions and 9 deletions
--- a/openpgp-card/src/card_do.rs
+++ b/openpgp-card/src/card_do.rs
@ -150,11 +150,22 @@ impl ApplicationRelatedData {
        }
    }

-    // FIXME
-    // #[allow(dead_code)]
-    // fn ca_fingerprints() {
-    //     unimplemented!()
-    // }
+    pub fn ca_fingerprints(&self) -> Result<[Option<Fingerprint>; 3], Error> {
+        let fp = self.0.find(&[0xc6].into());
+
+        if let Some(fp) = fp {
+            // FIXME: using a KeySet is a weird hack
+            let fp: KeySet<Fingerprint> = (&fp.serialize()[..]).try_into()?;
+
+            let fp = [fp.signature, fp.decryption, fp.authentication];
+
+            log::trace!("CA Fp: {:x?}", fp);
+
+            Ok(fp)
+        } else {
+            Err(Error::NotFound("Failed to get CA fingerprints.".into()))
+        }
+    }

    /// Generation dates/times of key pairs
    pub fn key_generation_times(&self) -> Result<KeySet<KeyGenerationTime>, crate::Error> {
@ -173,10 +184,9 @@ impl ApplicationRelatedData {
        }
    }

-    // #[allow(dead_code)]
-    // fn key_information() {
-    //     unimplemented!()
-    // }
+    fn key_information() {
+        unimplemented!()
+    }

    pub fn uif_pso_cds(&self) -> Result<Option<UIF>, Error> {
        let uif = self.0.find(&[0xd6].into());
--- a/openpgp-card/src/openpgp.rs
+++ b/openpgp-card/src/openpgp.rs
@ -660,6 +660,27 @@ impl<'a> OpenPgpTransaction<'a> {
        apdu::send_command(self.tx(), fp_cmd, false)?.try_into()
    }

+    pub fn set_ca_fingerprint_1(&mut self, fp: Fingerprint) -> Result<(), Error> {
+        log::info!("OpenPgpTransaction: set_ca_fingerprint_1");
+
+        let fp_cmd = commands::put_data(&[0xCA], fp.as_bytes().to_vec());
+        apdu::send_command(self.tx(), fp_cmd, false)?.try_into()
+    }
+
+    pub fn set_ca_fingerprint_2(&mut self, fp: Fingerprint) -> Result<(), Error> {
+        log::info!("OpenPgpTransaction: set_ca_fingerprint_2");
+
+        let fp_cmd = commands::put_data(&[0xCB], fp.as_bytes().to_vec());
+        apdu::send_command(self.tx(), fp_cmd, false)?.try_into()
+    }
+
+    pub fn set_ca_fingerprint_3(&mut self, fp: Fingerprint) -> Result<(), Error> {
+        log::info!("OpenPgpTransaction: set_ca_fingerprint_3");
+
+        let fp_cmd = commands::put_data(&[0xCC], fp.as_bytes().to_vec());
+        apdu::send_command(self.tx(), fp_cmd, false)?.try_into()
+    }
+
    /// Set PW Status Bytes.
    ///
    /// If `long` is false, send 1 byte to the card, otherwise 4.