diff --git a/src/cli.rs b/src/cli.rs index 693ec43..c392c83 100644 --- a/src/cli.rs +++ b/src/cli.rs @@ -66,7 +66,7 @@ impl FromStr for CommaSeparated { #[derive(Debug, StructOpt)] pub struct Credentials { - /// FIDO credential ids, seperated by ',' generate using fido2luks credential + /// FIDO credential ids, separated by ',' generate using fido2luks credential #[structopt(name = "credential-id", env = "FIDO2LUKS_CREDENTIAL_ID")] pub ids: CommaSeparated, } @@ -292,12 +292,16 @@ pub enum Command { Token(TokenCommand), } +///LUKS2 token related operations #[derive(Debug, StructOpt)] pub enum TokenCommand { /// List all tokens associated with the specified device List { #[structopt(env = "FIDO2LUKS_DEVICE")] device: PathBuf, + /// Dump all credentials as CSV + #[structopt(long = "csv")] + csv: bool, }, /// Add credential to a keyslot Add { @@ -585,7 +589,10 @@ pub fn run_cli() -> Fido2LuksResult<()> { _ => exit(1), }, Command::Token(cmd) => match cmd { - TokenCommand::List { device } => { + TokenCommand::List { + device, + csv: dump_credentials, + } => { let mut dev = LuksDevice::load(device)?; let mut creds = Vec::new(); for token in dev.tokens()? { @@ -593,8 +600,14 @@ pub fn run_cli() -> Fido2LuksResult<()> { for cred in token.credential.iter() { if !creds.contains(cred) { creds.push(cred.clone()); + if *dump_credentials { + print!("{}{}", if creds.len() == 1 { "" } else { "," }, cred); + } } } + if *dump_credentials { + continue; + } println!( "{}:\n\tSlots: {}\n\tCredentials: {}", id, @@ -615,6 +628,9 @@ pub fn run_cli() -> Fido2LuksResult<()> { .join(",") ); } + if *dump_credentials { + println!(); + } Ok(()) } TokenCommand::Add {