shimun/fido2luks
1
0
Fork 0
Code Issues Pull Requests 3 Releases Wiki Activity

readable
Some checks failed
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is failing
Details

Browse Source
This commit is contained in:
shimun 2020-10-18 16:39:28 +02:00
parent 81c2bbf692
commit 6f9941a107
Signed by: shimun
GPG Key ID: E81D8382DC2F971B
1 changed files with 31 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
src/cli.rs
View File

@ -9,6 +9,7 @@ use std::borrow::Cow;
use std::collections::HashSet; use std::collections::HashSet;
use std::io::Write; use std::io::Write;
use std::iter::FromIterator; use std::iter::FromIterator;
use std::path::Path;
use std::str::FromStr; use std::str::FromStr;
use std::thread; use std::thread;
use std::time::Duration; use std::time::Duration;
@ -133,6 +134,20 @@ pub fn read_password_pin_prefixed(
Ok((pin, util::sha256(&[password.as_bytes()]))) Ok((pin, util::sha256(&[password.as_bytes()])))
} }
/// generate an more readable name from common paths
pub fn derive_credential_name(path: &Path) -> String {
match path.file_name() {
Some(name)
if path
.iter()
.any(|p| p == "by-label" || p == "by-partlabel" || p == "by-uuid") =>
{
name.to_string_lossy().as_ref().to_string()
}
_ => path.display().to_string(),
}
}
pub fn parse_cmdline() -> Args { pub fn parse_cmdline() -> Args {
Args::from_args() Args::from_args()
} }
@ -303,9 +318,22 @@ pub fn run_cli() -> Fido2LuksResult<()> {
let (existing_secret, _) = other_secret("Current password", false)?; let (existing_secret, _) = other_secret("Current password", false)?;
let (new_secret, cred) = if *auto_credential && luks2 { let (new_secret, cred) = if *auto_credential && luks2 {
let cred = make_credential_id( let cred = make_credential_id(
Some(luks.device.display().to_string().as_str()), Some(derive_credential_name(luks.device.as_path()).as_str()),
None, (if authenticator.pin {
)?; //TODO: do ask for PIN //TODO: not ideal since it ignores pin-prefixed
Some(read_pin()?)
} else {
None
})
.as_deref(),
)?;
log(&|| {
format!(
"generated credential: {}\ncredential username: {:?}",
hex::encode(&cred.id),
derive_credential_name(luks.device.as_path())
)
});
let creds = vec![HexEncoded(cred.id)]; let creds = vec![HexEncoded(cred.id)];
secret(true, &creds) secret(true, &creds)
} else { } else {