support sending requests to multiple devices

2020-04-03 23:05:38 +02:00
parent 09d6484535
commit cc48719cfa
7 changed files with 249 additions and 124 deletions
--- a/examples/hmac.rs
+++ b/examples/hmac.rs
@@ -3,7 +3,7 @@ extern crate ctap_hmac as ctap;
 use crypto::digest::Digest;
 use crypto::sha2::Sha256;
 use ctap::extensions::hmac::HmacExtension;
-use ctap::{FidoCredential, FidoCredentialRequestBuilder, AuthenticatorOptions};
+use ctap::{FidoAssertionRequestBuilder, FidoCredential, FidoCredentialRequestBuilder};
 use hex;
 use std::env::args;
 use std::io::prelude::*;
@@ -17,23 +17,30 @@ fn main() -> ctap::FidoResult<()> {
    let device_info = &mut devices.next().expect("No authenticator found");
    let mut device = ctap::FidoDevice::new(device_info)?;

-    let mut credential = match args().skip(1).next().map(|h| FidoCredential {
+    let credential = match args().skip(1).next().map(|h| FidoCredential {
        id: hex::decode(&h).expect("Invalid credential"),
        public_key: None,
    }) {
        Some(cred) => cred,
        _ => {
-            let req = FidoCredentialRequestBuilder::default().rp_id(RP_ID).rp_name("ctap_hmac crate").user_name("example").uv(false).build().unwrap();
+            let req = FidoCredentialRequestBuilder::default()
+                .rp_id(RP_ID)
+                .rp_name("ctap_hmac crate")
+                .user_name("example")
+                .uv(false)
+                .build()
+                .unwrap();

            println!("Authorize using your device");
-            let cred = device.make_hmac_credential(req).expect("Failed to request credential");
+            let cred = device
+                .make_hmac_credential(&req)
+                .expect("Failed to request credential");
            println!("Credential: {}\nNote: You can pass this credential as first argument in order to reproduce results", hex::encode(&cred.id));
            cred
        }
    };
-    let credential = credential;
    print!("Type in your message: ");
-    stdout().flush();
+    stdout().flush().unwrap();
    let mut message = String::new();
    stdin()
        .read_line(&mut message)
@@ -44,7 +51,13 @@ fn main() -> ctap::FidoResult<()> {
    let mut digest = Sha256::new();
    digest.input(&message.as_bytes());
    digest.result(&mut salt);
-    let (cred, (hash1, _hash2)) = device.get_hmac_assertion(RP_ID, &[&credential], &salt, None, None)?;
+    let credential = &&credential;
+    let request = FidoAssertionRequestBuilder::default()
+        .rp_id(RP_ID)
+        .credential(credential)
+        .build()
+        .unwrap();
+    let (_cred, (hash1, _hash2)) = device.get_hmac_assertion(&request, &salt, None)?;
    println!("Hash: {}", hex::encode(&hash1));
    Ok(())
 }
--- a/examples/multiple.rs
+++ b/examples/multiple.rs
@@ -1,55 +1,46 @@
 extern crate ctap_hmac as ctap;
+use ctap::{
+    FidoAssertionRequestBuilder, FidoCredential, FidoCredentialRequestBuilder, FidoDevice,
+    FidoResult,
+};

-use crypto::digest::Digest;
-use crypto::sha2::Sha256;
-use ctap::{FidoCredential, FidoCredentialRequestBuilder, FidoAssertionRequestBuilder, AuthenticatorOptions, FidoDevice, FidoError, FidoResult};
-use failure::_core::time::Duration;
 use hex;
 use std::env::args;
-use std::io::prelude::*;
-use std::io::stdin;
-use std::io::stdout;
-use std::sync::mpsc::channel;
-use std::sync::Mutex;
-use crossbeam::thread;

 const RP_ID: &str = "ctap_demo";

-fn run() -> ctap::FidoResult<()> {
-    let mut credentials = args().skip(1).map(|id| FidoCredential {
-        id: hex::decode(&id).expect("Invalid credential"),
-        public_key: None,
-    }).collect::<Vec<_>>();
+fn main() -> ctap::FidoResult<()> {
+    let mut credentials = args()
+        .skip(1)
+        .map(|id| FidoCredential {
+            id: hex::decode(&id).expect("Invalid credential"),
+            public_key: None,
+        })
+        .collect::<Vec<_>>();
    if credentials.len() == 0 {
-        credentials = ctap::get_devices()?.map(|h| FidoDevice::new(&h).and_then(|mut dev| FidoCredentialRequestBuilder::default()
-            .rp_id(RP_ID).build().unwrap().make_credential(&mut dev))).collect::<FidoResult<Vec<FidoCredential>>>()?;
-    }
-    let credentials = credentials.iter().collect::<Vec<_>>();
-    let (s, r) = channel();
-    thread::scope(|scope| {
-        let handles = ctap::get_devices()?.map(|h| {
-            let req = FidoAssertionRequestBuilder::default().rp_id(RP_ID).credentials(&credentials[..]).build().unwrap();
-            let s = s.clone();
-            scope.spawn(move |_| {
+        credentials = ctap::get_devices()?
+            .map(|h| {
                FidoDevice::new(&h).and_then(|mut dev| {
-                    req.get_assertion(&mut dev).map(|res| {
-                        s.send(res.clone());
-                        res
-                    })
+                    FidoCredentialRequestBuilder::default()
+                        .rp_id(RP_ID)
+                        .build()
+                        .unwrap()
+                        .make_credential(&mut dev)
                })
            })
-        }).collect::<Vec<_>>();
-        for h in handles {
-            h.join();
-        }
-        Ok::<(), FidoError>(())
-    }).unwrap();
-    for res in r.iter().take(credentials.len()) {
-        dbg!(res);
+            .collect::<FidoResult<Vec<FidoCredential>>>()?;
    }
+    let credentials = credentials.iter().collect::<Vec<_>>();
+    let req = FidoAssertionRequestBuilder::default()
+        .rp_id(RP_ID)
+        .credentials(&credentials[..])
+        .build()
+        .unwrap();
+    let mut devices = ctap::get_devices()?
+        .map(|handle| FidoDevice::new(&handle))
+        .collect::<FidoResult<Vec<_>>>()?;
+    // run with --features request_multiple
+    let (cred, _) = ctap::get_assertion_devices(&req, devices.iter_mut())?;
+    println!("Success, got assertion for: {}", hex::encode(&cred.id));
    Ok(())
 }
-
-fn main() {
-    dbg!(run());
-}