handle additional credentials

src/luks.rs

@@ -225,7 +225,7 @@ impl LuksDevice {
         self.device
             .activate_handle()
             .activate_by_passphrase(Some(name), slot_hint, secret, CryptActivateFlags::empty())
-            .map_err(|_e| Fido2LuksError::WrongSecret)
+            .map_err(LuksError::activate)
     }
 
     pub fn activate_token(
@@ -262,12 +262,12 @@ impl LuksDevice {
             });
         }
         let (secret, credential) = secret(creds.keys().cloned().collect())?;
+        let empty;
         let slots = if let Some(slots) = creds.get(&credential) {
             slots
         } else {
-            return Err(Fido2LuksError::LuksError {
-                cause: LuksError::NoToken,
-            });
+            empty = HashSet::new();
+            &empty
         };
         //Try slots associated with the credential used
         let slots = slots.iter().cloned().map(Option::Some).chain(
@@ -276,12 +276,7 @@ impl LuksDevice {
                 .chain(std::iter::once(None).take(slots.is_empty() as usize)), // Try all slots as last resort
         );
         for slot in slots {
-            match self
-                .device
-                .activate_handle()
-                .activate_by_passphrase(Some(name), slot, &secret, CryptActivateFlags::empty())
-                .map_err(LuksError::activate)
-            {
+            match self.activate(name, &secret, slot) {
                 Err(Fido2LuksError::WrongSecret) => (),
                 res => return res,
             }