From 03cc5c70fdb0bdb3cbdcf0554dbea31dd50f2ce2 Mon Sep 17 00:00:00 2001 From: shimunn Date: Wed, 18 Sep 2019 19:38:00 +0200 Subject: [PATCH] from err --- src/cli.rs | 19 ++++++----------- src/config.rs | 59 +++++++++++++++++++++++++++++++++++---------------- src/device.rs | 2 +- src/error.rs | 31 +++++++++++++++++++++------ src/main.rs | 6 ++++-- 5 files changed, 76 insertions(+), 41 deletions(-) diff --git a/src/cli.rs b/src/cli.rs index ea0fbd2..20073d7 100644 --- a/src/cli.rs +++ b/src/cli.rs @@ -71,22 +71,21 @@ pub fn setup() -> Fido2LuksResult<()> { println!("Config saved to: fido2luks.json"); - let slot = add_key_to_luks(&config).expect("Failed to add key to device"); + //let slot = add_key_to_luks(&config).expect("Failed to add key to device"); - println!("Added key to slot: {}", slot); + //println!("Added key to slot: {}", slot); Ok(()) } -pub fn add_key_to_luks(conf: &Config) -> Fido2LuksResult { +pub fn add_key_to_luks(device: PathBuf, secret: &[u8; 32]) -> Fido2LuksResult { fn offer_format( _dev: CryptDeviceOpenBuilder, ) -> Fido2LuksResult> { unimplemented!() } - let dev = || -> luks::device::Result { - luks::open(&conf.device.canonicalize()?) - }; + let dev = + || -> luks::device::Result { luks::open(&device.canonicalize()?) }; let prev_key_info = rpassword::read_password_from_tty(Some( "Please enter your current password or path to a keyfile in order to add a new key: ", @@ -113,13 +112,7 @@ pub fn add_key_to_luks(conf: &Config) -> Fido2LuksResult { } //TODO: find correct errorno and offer to format as luks err => err?, }; - - let secret = { - let salt = conf.input_salt.obtain(&conf.password_helper)?; - - assemble_secret(&perform_challenge(&conf.credential_id, &salt)?, &salt) - }; - let slot = handle.add_keyslot(&secret, prev_key.as_ref().map(|b| b.as_slice()), None)?; + let slot = handle.add_keyslot(secret, prev_key.as_ref().map(|b| b.as_slice()), None)?; Ok(slot) } diff --git a/src/config.rs b/src/config.rs index 55be827..a66d5f2 100644 
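Review bot: `setup()` still prints that the config was saved and returns `Ok(())`, but the two lines that enrolled the key are now commented out, so a user who finishes setup is left with a config and no LUKS keyslot, and nothing tells them so. Commented-out code should be deleted rather than committed; either call the new `add_key_to_luks(device, &secret)` here or print a pointer to the `fido2luks addkey` subcommand listed in the usage text in src/main.rs. In the visible lines `device: PathBuf` is only borrowed for `canonicalize()`, so `device: &Path` would not force callers to give up ownership. Both `setup` and `add_key_to_luks` extend beyond this hunk.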
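Review bot: With the derivation block removed, nothing in `add_key_to_luks` says what `secret` has to be, and `handle.add_keyslot(secret, ...)` will enrol whatever 32 bytes the caller passes. The removed lines built it with `assemble_secret(&perform_challenge(&conf.credential_id, &salt)?, &salt)`; a caller that passes anything else would presumably create a keyslot the authenticator cannot reproduce later. I would add a doc comment on the function (its signature is outside this hunk): `/// secret must be the value returned by assemble_secret for the credential and salt that will later be used to open the device.`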
--- a/src/config.rs +++ b/src/config.rs @@ -5,6 +5,7 @@ use crypto::sha2::Sha256; use serde_derive::{Deserialize, Serialize}; use std::collections::HashMap; +use std::convert::TryInto; use std::env; use std::fs::File; use std::io::Read; @@ -13,28 +14,31 @@ use std::process::Command; #[derive(Debug, Deserialize, Serialize)] pub struct EnvConfig { - credential_id: String, - device: String, - salt: String, - mapper_name: String, - password_helper: String, + pub credential_id: String, + pub device: Option, + pub salt: String, + pub mapper_name: Option, + pub password_helper: String, } -impl Into for EnvConfig { - fn into(self) -> Config { - Config { +impl TryInto for EnvConfig { + type Error = Fido2LuksError; + + fn try_into(self) -> Fido2LuksResult { + Ok(Config { credential_id: self.credential_id, - device: self.device.into(), - mapper_name: self.mapper_name, + device: self + .device + .ok_or(Fido2LuksError::ConfigurationError { + cause: ConfigurationError::MissingField("DEVICE".into()), + })? + .into(), + mapper_name: self.mapper_name.ok_or(Fido2LuksError::ConfigurationError { + cause: ConfigurationError::MissingField("DEVICE_MAPPER".into()), + })?, password_helper: PasswordHelper::Script(self.password_helper), - input_salt: if PathBuf::from(&self.salt).exists() && &self.salt != "Ask" { - InputSalt::File { - path: self.salt.into(), - } - } else { - InputSalt::AskPassword - }, - } + input_salt: self.salt.as_str().into(), + }) } } @@ -93,6 +97,16 @@ impl Default for InputSalt { } } +impl From<&str> for InputSalt { + fn from(s: &str) -> Self { + if PathBuf::from(s).exists() && s != "Ask" { + InputSalt::File { path: s.into() } + } else { + InputSalt::AskPassword + } + } +} + impl InputSalt { pub fn obtain(&self, password_helper: &PasswordHelper) -> Fido2LuksResult<[u8; 32]> { let mut digest = Sha256::new(); 
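Review bot: The `MissingField` names do not obviously match the variables a user has to set: a missing `mapper_name` is reported as `DEVICE_MAPPER`, while the field name suggests a variable ending in `MAPPER_NAME` (assuming envy's default field-to-variable mapping and no rename outside this hunk). Since this string is the only hint the user gets, it should name the real variable, e.g. `ConfigurationError::MissingField("MAPPER_NAME".into())`, including any prefix the loader applies. On style, `impl TryFrom<EnvConfig> for Config` is preferred over implementing `TryInto` directly, because the blanket impl then supplies `try_into`. `ok_or_else(|| ...)` would also avoid building the error and its `String` when the field is present.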
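Review bot: `InputSalt::from` picks the salt source by probing the filesystem, so a mistyped or not-yet-mounted path silently becomes `InputSalt::AskPassword` instead of an error. For a value that feeds key derivation that is a risky fallback: the user is prompted for a password they never configured, and if it happens while a key is being enrolled the keyslot would presumably be bound to the wrong salt source. I would decide on the string alone, `match s { "Ask" => InputSalt::AskPassword, p => InputSalt::File { path: p.into() } }`, and let a missing file surface as an error when the salt is read; if other literals are meant to select the prompt, list them explicitly. This also keeps I/O out of a `From` impl, which callers expect to be a pure conversion.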
@@ -139,6 +153,15 @@ impl Default for PasswordHelper { } } +impl From<&str> for PasswordHelper { + fn from(s: &str) -> Self { + match s { + "stdin" => PasswordHelper::Stdin, + s => PasswordHelper::Script(s.into()), + } + } +} + impl PasswordHelper { pub fn obtain(&self) -> Fido2LuksResult { use PasswordHelper::*; diff --git a/src/device.rs b/src/device.rs index fadc0aa..4e4a731 100644 --- a/src/device.rs +++ b/src/device.rs @@ -5,7 +5,7 @@ use ctap::extensions::hmac::{FidoHmacCredential, HmacExtension}; use ctap::{FidoDevice, FidoError, FidoErrorKind}; pub fn make_credential_id() -> Fido2LuksResult { - let mut errs = Vec::new(); + let mut errs = Vec::new(); match get_devices()? { ref devs if devs.is_empty() => Err(Fido2LuksError::NoAuthenticatorError)?, devs => { diff --git a/src/error.rs b/src/error.rs index 9d7cf7d..c707840 100644 --- a/src/error.rs +++ b/src/error.rs @@ -18,13 +18,36 @@ pub enum Fido2LuksError { #[fail(display = "no authenticator found, please ensure you device is plugged in")] IoError { cause: io::Error }, #[fail(display = "failed to parse config, please check formatting and contents")] - ConfigurationError { cause: serde_json::error::Error }, + ConfigurationError { cause: ConfigurationError }, #[fail(display = "the submitted secret is not applicable to this luks device")] WrongSecret, #[fail(display = "not an utf8 string")] StringEncodingError { cause: FromUtf8Error }, } +#[derive(Debug)] +pub enum ConfigurationError { + Json(serde_json::error::Error), + Env(envy::Error), + MissingField(String), +} + +impl From for Fido2LuksError { + fn from(e: serde_json::error::Error) -> Self { + Fido2LuksError::ConfigurationError { + cause: ConfigurationError::Json(e), + } + } +} + +impl From for Fido2LuksError { + fn from(e: envy::Error) -> Self { + Fido2LuksError::ConfigurationError { + cause: ConfigurationError::Env(e), + } + } +} + use std::string::FromUtf8Error; use Fido2LuksError::*; 
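Review bot: This `From<&str>` needs a doc comment, because every value other than the exact literal `stdin` becomes `PasswordHelper::Script`, including an empty string or a differently-cased `Stdin`. How `Script` is run is outside this hunk, but the file imports `std::process::Command`, so the string is presumably executed; that makes wherever the value comes from (environment, config file) part of the trust boundary. I would add `/// "stdin" selects PasswordHelper::Stdin; any other value is stored as a helper command, so it must come from trusted configuration.` and reject an empty string before it reaches this conversion.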
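Review bot: The `#[fail(display = ...)]` text on `Fido2LuksError::ConfigurationError` is still the fixed "failed to parse config" string, so wherever the error is printed with `Display` the new `MissingField`, `Env` and `Json` causes are not shown and the user cannot tell which field is missing. I would include the cause, e.g. `#[fail(display = "configuration error: {:?}", cause)]`, or implement `Display` for the new `ConfigurationError` enum and format it with `{}`. The variant and the new enum also share the name `ConfigurationError` in a file that does `use Fido2LuksError::*;`, which is easy to misread; a distinct name for one of them would help.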
@@ -46,12 +69,6 @@ impl From for Fido2LuksError { } } -impl From for Fido2LuksError { - fn from(e: serde_json::error::Error) -> Self { - ConfigurationError { cause: e } - } -} - impl From for Fido2LuksError { fn from(e: FromUtf8Error) -> Self { StringEncodingError { cause: e } diff --git a/src/main.rs b/src/main.rs index 1e7a2d3..fd3f9d7 100644 --- a/src/main.rs +++ b/src/main.rs @@ -150,13 +150,15 @@ fn main() -> Fido2LuksResult<()> { Ok(()) } _ => { - println!("Usage:\n + println!( + "Usage:\n fido2luks open [name]\n fido2luks addkey \n\n Environment variables:\n \n \n - "); + " + ); Ok(()) } }