turnkey/openpgp-card
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

opgpcard: handle "key status" information for attestation key.

Browse source
This commit is contained in:
Heiko Schaefer 2022-10-31 18:02:38 +01:00
parent 80659f71bd
commit bfaff6b9bf
No known key found for this signature in database
GPG key ID: 4A849A1904CCBD7D
1 changed files with 12 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
tools/src/bin/opgpcard/commands/status.rs
View file

@ -176,10 +176,14 @@ pub fn print_status(
// attestation_key.public_key_material(pkm.to_string()); // attestation_key.public_key_material(pkm.to_string());
// } // }
// TODO: clarify how to reliably map `card.key_information()` output into this field (see below) // "Key-Ref = 0x81 is reserved for the Attestation key of Yubico"
// if let Some(ks) = ki.as_ref().map(|ki| ki.aut_status()) { // (see OpenPGP card spec 3.4.1 pg.43)
// attestation_key.status(format!("{}", ks)); if let Some(ki) = ki.as_ref() {
// } if let Some(n) = (0..ki.num_additional()).find(|&n| ki.additional_ref(n) == 0x81) {
let ks = ki.additional_status(n);
attestation_key.status(format!("{}", ks));
}
};
output.attestation_key(attestation_key); output.attestation_key(attestation_key);
@ -193,9 +197,12 @@ pub fn print_status(
if let Some(ki) = ki { if let Some(ki) = ki {
let num = ki.num_additional(); let num = ki.num_additional();
for i in 0..num { for i in 0..num {
// 0x81 is the Yubico attestation key, it has already been used above -> skip here
if ki.additional_ref(i) != 0x81 {
output.key_status(ki.additional_ref(i), ki.additional_status(i).to_string()); output.key_status(ki.additional_ref(i), ki.additional_status(i).to_string());
} }
} }
}
if let Ok(fps) = card.ca_fingerprints() { if let Ok(fps) = card.ca_fingerprints() {
for fp in fps.iter().flatten() { for fp in fps.iter().flatten() {