openpgp-card: add getters for attestation key metadata

2022-10-27 22:22:21 +02:00 · 2022-10-27 22:22:21 +02:00 · 87c62840d5
commit 87c62840d5
parent 6274c87de3
1 changed files with 42 additions and 1 deletions
--- a/openpgp-card/src/card_do.rs
+++ b/openpgp-card/src/card_do.rs
@ -168,7 +168,7 @@ impl ApplicationRelatedData {
    }

    /// Generation dates/times of key pairs
-    pub fn key_generation_times(&self) -> Result<KeySet<KeyGenerationTime>, crate::Error> {
+    pub fn key_generation_times(&self) -> Result<KeySet<KeyGenerationTime>, Error> {
        let kg = self.0.find(Tags::GenerationTimes);

        if let Some(kg) = kg {
@ -219,6 +219,47 @@ impl ApplicationRelatedData {
        }
    }

+    /// Get Attestation key fingerprint.
+    pub fn attestation_key_fingerprint(&self) -> Result<Option<Fingerprint>, Error> {
+        match self.0.find(Tags::FingerprintAttestation) {
+            None => Ok(None),
+            Some(data) => {
+                // FIXME: move conversion logic to Fingerprint
+                if data.serialize().iter().any(|&b| b != 0) {
+                    Ok(Some(Fingerprint::try_from(data.serialize().as_slice())?))
+                } else {
+                    Ok(None)
+                }
+            }
+        }
+    }
+
+    /// Get Attestation key algorithm attributes.
+    pub fn attestation_key_algorithm_attributes(&mut self) -> Result<Option<Algo>, Error> {
+        match self.0.find(Tags::AlgorithmAttributesAttestation) {
+            None => Ok(None),
+            Some(data) => Ok(Some(Algo::try_from(data.serialize().as_slice())?)),
+        }
+    }
+
+    /// Get Attestation key generation time.
+    pub fn attestation_key_generation_time(&mut self) -> Result<Option<KeyGenerationTime>, Error> {
+        match self.0.find(Tags::GenerationTimeAttestation) {
+            None => Ok(None),
+            Some(data) => {
+                // FIXME: move conversion logic to KeyGenerationTime
+
+                // Generation time of key, binary. 4 bytes, Big Endian.
+                // Value shall be seconds since Jan 1, 1970. Default value is 00000000 (not specified).
+                assert_eq!(data.serialize().len(), 4);
+                match u32::from_be_bytes(data.serialize().try_into().unwrap()) {
+                    0 => Ok(None),
+                    kgt => Ok(Some(kgt.into())),
+                }
+            }
+        }
+    }
+
    pub fn uif_attestation(&self) -> Result<Option<UIF>, Error> {
        let uif = self.0.find(Tags::UifAttestation);