Skip to content

refactor: move hardware-independent code out of scard feature #260

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Jul 17, 2024

Conversation

probakowski
Copy link
Contributor

This PR aims to move code that doesn't depend on real smart card reader out of scard feature.

@probakowski probakowski changed the title Move hardware-independent code out of feature Move hardware-independent code out of scard feature Jul 8, 2024
@probakowski
Copy link
Contributor Author

@TheBestTvarynka this is (much leaner and more correct probably) version of #259 if you have some time for a review

@probakowski probakowski force-pushed the probakowski/scard-rework branch from f91c85b to 65f6b76 Compare July 8, 2024 22:14
@CBenoit CBenoit requested a review from TheBestTvarynka July 9, 2024 02:16
@TheBestTvarynka
Copy link
Collaborator

if you have some time for a review

I'll review it today

Copy link
Collaborator

@TheBestTvarynka TheBestTvarynka left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice improvements 👍

Comment on lines +763 to +770
sign_data: Box::new(move |data_to_sign| {
let mut sha1 = Sha1::new();
sha1.update(data_to_sign);
let hash = sha1.finalize().to_vec();
let private_key = PrivateKey::from_pem_str(&private_key_pem)?;
let rsa_private_key = RsaPrivateKey::try_from(&private_key)?;
Ok(rsa_private_key.sign(Pkcs1v15Sign::new::<Sha1>(), &hash)?)
}),
Copy link
Collaborator

@TheBestTvarynka TheBestTvarynka Jul 10, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm concerned a bit with removing the smartcard layer and just using the simple RSA signature generation. But I think it's not a problem for us. Because of two reasons:

  • Our winscard crate does the same.
  • Anyway, we don't support system-provided smart cards in our current sspi implementation. But we will in the next releases and I'll look into this code and refactor it in any case.

cc @awakecoding @CBenoit

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for the heads-up! If you’re going to look into it afterwards, I’m fine with that 👍

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The aim was to cut the dependency on winscard crate and to avoid including unused libraries for system-provided smart cards when it's not needed. So yeah, the code is basically copied over from emulated part of winscard crate.

@@ -54,6 +54,7 @@ impl SmartCard {
})
}

#[allow(dead_code)]
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

question: Why this code is dead? Can you add a comment explaining why we should keep the code around? Thank you!

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this one is also related to my comment above:

...removing the smartcard layer...

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Indeed! In general, we avoid keeping dead code around so if we decide to do so here, I would like a FIXME comment so we don’t forget forever about it. In this case, I believe you’ll end up re-using these functions later so it’s fine.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've added FIXME

Copy link
Member

@CBenoit CBenoit left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is a conflict with master. You should wait for this PR to be merged before rebasing.

@probakowski probakowski requested review from a team as code owners July 15, 2024 12:05
@probakowski
Copy link
Contributor Author

@CBenoit I merged fix-windows-build branch into mine so for now github shows changes from both, after that PR lands it should go back to normal

@CBenoit CBenoit force-pushed the probakowski/scard-rework branch from 1d8ea49 to 0aff841 Compare July 17, 2024 15:08
Copy link
Member

@CBenoit CBenoit left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Thank you!
(I rebased the PR on master to fix the conflicts and retrieve the Windows build fix.)

@CBenoit CBenoit changed the title Move hardware-independent code out of scard feature refactor: move hardware-independent code out of scard feature Jul 17, 2024
@CBenoit CBenoit enabled auto-merge (squash) July 17, 2024 15:10
@CBenoit CBenoit merged commit 7dc730d into Devolutions:master Jul 17, 2024
42 checks passed
@probakowski probakowski deleted the probakowski/scard-rework branch July 17, 2024 18:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

None yet

3 participants