From 2247aaab29d09dfd23352877f5a845aa0160313b Mon Sep 17 00:00:00 2001 From: Matthew Geddes Date: Tue, 20 Aug 2024 20:35:48 -0700 Subject: [PATCH] Added missing v3 implementation (#131) * Added missing v3 implementation * Added email getter on Config * Minimally updated gen-cli to use Clap --------- Co-authored-by: Matthew Geddes Co-authored-by: Matthew Geddes Co-authored-by: Joel Ulahanna --- Cargo.lock | 126 ++++++++++++++++++++++++++++++++++++++- core/src/config.rs | 8 +++ gen-cli/Cargo.toml | 1 + gen-cli/src/main.rs | 101 +++++++++++++++++++------------ seed-encoder/src/main.rs | 12 +++- 5 files changed, 206 insertions(+), 42 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index bb7fe62..458a14c 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -89,6 +89,55 @@ dependencies = [ "winapi", ] +[[package]] +name = "anstream" +version = "0.6.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "64e15c1ab1f89faffbf04a634d5e1962e9074f2741eef6d97f3c4e322426d526" +dependencies = [ + "anstyle", + "anstyle-parse", + "anstyle-query", + "anstyle-wincon", + "colorchoice", + "is_terminal_polyfill", + "utf8parse", +] + +[[package]] +name = "anstyle" +version = "1.0.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1bec1de6f59aedf83baf9ff929c98f2ad654b97c9510f4e70cf6f661d49fd5b1" + +[[package]] +name = "anstyle-parse" +version = "0.2.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eb47de1e80c2b463c735db5b217a0ddc39d612e7ac9e2e96a5aed1f57616c1cb" +dependencies = [ + "utf8parse", +] + +[[package]] +name = "anstyle-query" +version = "1.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6d36fc52c7f6c869915e99412912f22093507da8d9e942ceaf66fe4b7c14422a" +dependencies = [ + "windows-sys 0.52.0", +] + +[[package]] +name = "anstyle-wincon" +version = "3.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5bf74e1b6e971609db8ca7a9ce79fd5768ab6ae46441c572e46cf596f59e57f8" +dependencies = [ + "anstyle", + "windows-sys 0.52.0", +] + [[package]] name = "anyhow" version = "1.0.86" @@ -372,6 +421,46 @@ dependencies = [ "vec_map", ] +[[package]] +name = "clap" +version = "4.5.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ed6719fffa43d0d87e5fd8caeab59be1554fb028cd30edc88fc4369b17971019" +dependencies = [ + "clap_builder", + "clap_derive", +] + +[[package]] +name = "clap_builder" +version = "4.5.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "216aec2b177652e3846684cbfe25c9964d18ec45234f0f5da5157b207ed1aab6" +dependencies = [ + "anstream", + "anstyle", + "clap_lex", + "strsim 0.11.1", +] + +[[package]] +name = "clap_derive" +version = "4.5.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "501d359d5f3dcaf6ecdeee48833ae73ec6e42723a1e52419c79abf9507eec0a0" +dependencies = [ + "heck 0.5.0", + "proc-macro2", + "quote", + "syn 2.0.71", +] + +[[package]] +name = "clap_lex" +version = "0.7.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1462739cb27611015575c0c11df5df7601141071f07518d56fcc1be504cbec97" + [[package]] name = "cloudabi" version = "0.0.3" @@ -381,6 +470,12 @@ dependencies = [ "bitflags 1.3.2", ] +[[package]] +name = "colorchoice" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3fd119d74b830634cea2a0f58bbd0d54540518a14397557951e79340abc28c0" + [[package]] name = "const-oid" version = "0.9.6" @@ -892,6 +987,12 @@ dependencies = [ "unicode-segmentation", ] +[[package]] +name = "heck" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2304e00983f87ffb38b55b444b5e3b60a884b5d30c0fca7d82fe33449bbe55ea" + [[package]] name = "hermit-abi" version = "0.1.19" @@ -932,6 +1033,7 @@ dependencies = [ name = "hpos-config-gen-cli" version = "0.2.1" dependencies = [ + "clap 4.5.16", "docopt", "ed25519-dalek", "failure", @@ -1089,6 +1191,12 @@ dependencies = [ "hashbrown 0.14.5", ] +[[package]] +name = "is_terminal_polyfill" +version = "1.70.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7943c866cc5cd64cbc25b2e01621d07fa8eb2a1a23160ee81ce38704e97b8ecf" + [[package]] name = "itoa" version = "1.0.11" @@ -1996,13 +2104,19 @@ version = "0.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623" +[[package]] +name = "strsim" +version = "0.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7da8b5736845d9f2fcb837ea5d9e2628564b3b043a70948a3f0b778838c5fb4f" + [[package]] name = "structopt" version = "0.3.26" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0c6b5c64445ba8094a6ab0c3cd2ad323e07171012d9c98b0b15651daf1787a10" dependencies = [ - "clap", + "clap 2.34.0", "lazy_static", "structopt-derive", ] @@ -2013,7 +2127,7 @@ version = "0.4.18" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "dcb5ae327f9cc13b68763b5749770cb9e048a99bd9dfdfa58d0cf05d5f64afe0" dependencies = [ - "heck", + "heck 0.3.3", "proc-macro-error", "proc-macro2", "quote", @@ -2305,6 +2419,12 @@ dependencies = [ "percent-encoding", ] +[[package]] +name = "utf8parse" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "06abde3611657adf66d383f00b093d7faecc7fa57071cce2578660c9f1010821" + [[package]] name = "vcpkg" version = "0.2.15" @@ -2346,7 +2466,7 @@ version = "0.19.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0a6e5bd22c71e77d60140b0bd5be56155a37e5bd14e24f5f87298040d0cc40d7" dependencies = [ - "heck", + "heck 0.3.3", "proc-macro2", "quote", "syn 1.0.109", diff --git a/core/src/config.rs b/core/src/config.rs index 9a9d030..c575079 100644 --- a/core/src/config.rs +++ b/core/src/config.rs @@ -128,6 +128,14 @@ impl Config { )) } + pub fn email(&self) -> String { + match self { + Config::V1 { settings, .. } + | Config::V2 { settings, .. } + | Config::V3 { settings, .. } => settings.admin.email.clone(), + } + } + pub fn admin_public_key(&self) -> VerifyingKey { match self { Config::V1 { settings, .. } diff --git a/gen-cli/Cargo.toml b/gen-cli/Cargo.toml index 46db6ca..8f3f83d 100644 --- a/gen-cli/Cargo.toml +++ b/gen-cli/Cargo.toml @@ -17,3 +17,4 @@ rand = "0.8.5" serde = { workspace = true } serde_json = { workspace = true } sha2 = "0.8" +clap = { version = "4.5.16", features = ["derive"] } diff --git a/gen-cli/src/main.rs b/gen-cli/src/main.rs index 71fe467..13a22d5 100644 --- a/gen-cli/src/main.rs +++ b/gen-cli/src/main.rs @@ -1,45 +1,65 @@ use hpos_config_core::{config::Seed, public_key, Config}; -use docopt::Docopt; +use clap::Parser; use ed25519_dalek::*; use failure::Error; use rand::Rng; -use serde::*; use sha2::{Digest, Sha512Trunc256}; -use std::{env, fs::File, io, path::PathBuf}; +use std::{fs::File, io}; -const USAGE: &str = " -Usage: hpos-config-gen-cli --email EMAIL --password STRING --registration-code STRING --derivation-path STRING --device-bundle STRING [--seed-from PATH] - hpos-config-gen-cli --help - -Creates HoloPortOS config file that contains seed and admin email/password. - -Options: - --email EMAIL HoloPort admin email address - --password STRING HoloPort admin password - --registration-code CODE HoloPort admin password - --derivation-path STRING Derivation path of the seed - --device-bundle STRING Device Bundle - --seed-from PATH Use SHA-512 hash of given file truncated to 256 bits as seed -"; - -#[derive(Deserialize)] -struct Args { - flag_email: String, - flag_password: String, - flag_registration_code: String, - flag_revocation_pub_key: VerifyingKey, - flag_derivation_path: String, - flag_device_bundle: String, - flag_seed_from: Option, +#[derive(Parser, Clone)] +#[command(about = "Creates HoloPortOS config file that contains seed and admin email/password.")] +struct ClapArgs { + #[arg( + long, + value_parser, + value_name = "EMAIL", + help = "HoloPort admin email address" + )] + email: String, + #[arg( + long, + value_parser, + value_name = "PASSWORD", + help = "HoloPort admin password" + )] + password: String, + #[arg( + long, + value_parser, + value_name = "CODE", + help = "HoloPort registration code" + )] + registration_code: String, + #[arg(long, value_parser, value_name = "STRING", help = "Revocation key")] + revocation_key: Option, + #[arg( + long, + value_parser, + value_name = "PATH", + help = "Derivation path of the seed" + )] + derivation_path: String, + #[arg( + long, + value_parser, + value_name = "STRING", + help = "HoloPort Device bundle" + )] + device_bundle: String, + #[arg( + long, + value_parser, + value_name = "PATH", + help = "Use SHA-512 hash of given file, truncated to 256 bits, as seed" + )] + seed_from: Option, } fn main() -> Result<(), Error> { - let args: Args = Docopt::new(USAGE) - .and_then(|d| d.argv(env::args()).deserialize()) - .unwrap_or_else(|e| e.exit()); + let args = ClapArgs::parse(); - let seed = match args.flag_seed_from { + let seed = match args.seed_from { None => rand::thread_rng().gen::(), Some(path) => { let mut hasher = Sha512Trunc256::new(); @@ -52,14 +72,21 @@ fn main() -> Result<(), Error> { }; let secret_key = SigningKey::from_bytes(&seed); + let revocation_key = match &args.revocation_key { + None => VerifyingKey::from(&secret_key), + Some(rk) => { + let public_key_bytes: &[u8; PUBLIC_KEY_LENGTH] = rk.as_bytes().try_into()?; + VerifyingKey::from_bytes(public_key_bytes)? + } + }; let (config, public_key) = Config::new( - args.flag_email, - args.flag_password, - args.flag_registration_code, - args.flag_revocation_pub_key, - args.flag_derivation_path, - args.flag_device_bundle, + args.email, + args.password, + args.registration_code, + revocation_key, + args.derivation_path, + args.device_bundle, VerifyingKey::from(&secret_key), )?; eprintln!("{}", public_key::to_url(&public_key)?); diff --git a/seed-encoder/src/main.rs b/seed-encoder/src/main.rs index 8b12e8a..fc0b305 100644 --- a/seed-encoder/src/main.rs +++ b/seed-encoder/src/main.rs @@ -46,8 +46,16 @@ async fn main() -> Result<()> { ))?; println!("{}", encrypt_key(&secret, &secret.verifying_key())); } - // todo!("V3 not implemented"), - Config::V3 { .. } => todo!("V3 not implemented"), + Config::V3 { device_bundle, .. } => { + // take in password + let secret = unlock(&device_bundle, Some(password)) + .await + .context(format!( + "unable to unlock the device bundle from {}", + &config_path.to_string_lossy() + ))?; + println!("{}", encrypt_key(&secret, &secret.verifying_key())); + } } Ok(())