shimun/fido2luks
1
0
Fork 0
Code Issues Pull Requests 3 Releases Wiki Activity

handle additional credentials

Browse Source
This commit is contained in:
shimun 2020-06-22 22:30:12 +02:00
parent e28828cc2b
commit 5cb3982d65
Signed by: shimun
GPG Key ID: E81D8382DC2F971B
1 changed files with 5 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/luks.rs
View File

@ -225,7 +225,7 @@ impl LuksDevice {
self.device self.device
.activate_handle() .activate_handle()
.activate_by_passphrase(Some(name), slot_hint, secret, CryptActivateFlags::empty()) .activate_by_passphrase(Some(name), slot_hint, secret, CryptActivateFlags::empty())
.map_err(|_e| Fido2LuksError::WrongSecret) .map_err(LuksError::activate)
} }
pub fn activate_token( pub fn activate_token(
@ -262,12 +262,12 @@ impl LuksDevice {
}); });
} }
let (secret, credential) = secret(creds.keys().cloned().collect())?; let (secret, credential) = secret(creds.keys().cloned().collect())?;
let empty;
let slots = if let Some(slots) = creds.get(&credential) { let slots = if let Some(slots) = creds.get(&credential) {
slots slots
} else { } else {
return Err(Fido2LuksError::LuksError { empty = HashSet::new();
cause: LuksError::NoToken, &empty
});
}; };
//Try slots associated with the credential used //Try slots associated with the credential used
let slots = slots.iter().cloned().map(Option::Some).chain( let slots = slots.iter().cloned().map(Option::Some).chain(
@ -276,12 +276,7 @@ impl LuksDevice {
.chain(std::iter::once(None).take(slots.is_empty() as usize)), // Try all slots as last resort .chain(std::iter::once(None).take(slots.is_empty() as usize)), // Try all slots as last resort
); );
for slot in slots { for slot in slots {
match self match self.activate(name, &secret, slot) {
.device
.activate_handle()
.activate_by_passphrase(Some(name), slot, &secret, CryptActivateFlags::empty())
.map_err(LuksError::activate)
{
Err(Fido2LuksError::WrongSecret) => (), Err(Fido2LuksError::WrongSecret) => (),
res => return res, res => return res,
} }