use develop version

2022-04-04 10:57:57 +02:00 · 2022-04-04 10:57:57 +02:00 · 7daa5a3fdb
commit 7daa5a3fdb
parent 4e986b8f05
4 changed files with 56 additions and 28 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -254,9 +254,8 @@ dependencies = [

 [[package]]
 name = "ctap-hid-fido2"
-version = "2.2.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "66d39f08d7b0949b5c82b2d3cc5d721eb47c8d42f889da8ee722b6b42db7a408"
+version = "3.0.0"
+source = "git+https://github.com/gebogebogebo/ctap-hid-fido2.git?branch=develop#a7b108e1fcafd38a10f990cf28a41fc06b27cd15"
 dependencies = [
 "aes",
 "anyhow",
@ -747,9 +746,9 @@ dependencies = [

 [[package]]
 name = "quote"
-version = "1.0.16"
+version = "1.0.17"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b4af2ec4714533fcdf07e886f17025ace8b997b9ce51204ee69b6da831c3da57"
+checksum = "632d02bff7f874a36f33ea8bb416cd484b90cc66c1194b1a1110d067a7013f58"
 dependencies = [
 "proc-macro2",
 ]
--- a/Cargo.toml
+++ b/Cargo.toml
@ -14,7 +14,9 @@ categories = ["command-line-utilities"]
 license = "MPL-2.0"

 [dependencies]
-ctap-hid-fido2 = "2.2.3" 
+# ctap-hid-fido2 = "2.2.3" 
+# ctap-hid-fido2 = { path = "../ctap-hid-fido2" }
+ctap-hid-fido2 = { git = "https://github.com/gebogebogebo/ctap-hid-fido2.git", branch = "develop" }
 hex = "0.3.2"
 ring = "0.16.5"
 failure = "0.1.5"
@ -27,7 +29,9 @@ serde = "1.0.116"
 anyhow = "1.0.56"

 [build-dependencies]
-ctap-hid-fido2 = "2.2.3" 
+# ctap-hid-fido2 = "2.2.3" 
+# ctap-hid-fido2 = { path = "../ctap-hid-fido2" }
+ctap-hid-fido2 = { git = "https://github.com/gebogebogebo/ctap-hid-fido2.git", branch = "develop" }
 hex = "0.3.2"
 ring = "0.16.5"
 failure = "0.1.5"
--- a/src/cli.rs
+++ b/src/cli.rs
@ -11,7 +11,6 @@ use std::io::Write;
 use std::iter::FromIterator;
 use std::path::Path;
 use std::str::FromStr;
-use std::thread;
 use std::time::Duration;
 use std::time::SystemTime;
 use structopt::clap::Shell;
--- a/src/device.rs
+++ b/src/device.rs
@ -2,17 +2,16 @@ use crate::error::*;

 use crate::util;
 use ctap_hid_fido2;
-use ctap_hid_fido2::HidParam;
-use ctap_hid_fido2::get_assertion_params;
-use ctap_hid_fido2::get_assertion_with_args;
+use ctap_hid_fido2::fidokey::get_assertion::get_assertion_params;
+use ctap_hid_fido2::fidokey::make_credential::make_credential_params;
+use ctap_hid_fido2::fidokey::GetAssertionArgsBuilder;
+use ctap_hid_fido2::fidokey::MakeCredentialArgsBuilder;
 use ctap_hid_fido2::get_fidokey_devices;
-use ctap_hid_fido2::get_info;
-use ctap_hid_fido2::make_credential_params;
 use ctap_hid_fido2::public_key_credential_descriptor::PublicKeyCredentialDescriptor;
 use ctap_hid_fido2::public_key_credential_user_entity::PublicKeyCredentialUserEntity;
-use ctap_hid_fido2::GetAssertionArgsBuilder;
+use ctap_hid_fido2::FidoKeyHid;
+use ctap_hid_fido2::HidInfo;
 use ctap_hid_fido2::LibCfg;
-use ctap_hid_fido2::MakeCredentialArgsBuilder;
 use std::time::Duration;

 const RP_ID: &str = "fido2luks";
@ -42,14 +41,23 @@ pub fn make_credential_id(
            name,
        ));
    }
-    let resp = ctap_hid_fido2::make_credential_with_args(&lib_cfg(), &req.build())?;
-    Ok(resp.credential_descriptor)
+    let devices = get_devices()?;
+    let mut err: Option<Fido2LuksError> = None;
+    let req = req.build();
+    for dev in devices {
+        let handle = FidoKeyHid::new(&vec![dev.param], &lib_cfg()).unwrap();
+        match handle.make_credential_with_args(&req) {
+            Ok(resp) => return Ok(resp.credential_descriptor),
+            Err(e) => err = Some(e.into()),
+        }
+    }
+    Err(err.unwrap_or(Fido2LuksError::NoAuthenticatorError))
 }

 pub fn perform_challenge<'a>(
    credentials: &'a [&'a PublicKeyCredentialDescriptor],
    salt: &[u8; 32],
-    timeout: Duration,
+    _timeout: Duration,
    pin: Option<&str>,
 ) -> Fido2LuksResult<([u8; 32], &'a PublicKeyCredentialDescriptor)> {
    if credentials.is_empty() {
@ -66,7 +74,7 @@ pub fn perform_challenge<'a>(
    } else {
        req = req.without_pin_and_uv();
    }
-    let resp = get_assertion_with_args(&lib_cfg(), &req.build())?;
+    let process_response = |resp: Vec<get_assertion_params::Assertion>| -> Fido2LuksResult<([u8; 32], &'a PublicKeyCredentialDescriptor)> {
    for att in resp {
        for ext in att.extensions.iter() {
            match ext {
@ -85,19 +93,37 @@ pub fn perform_challenge<'a>(
            }
        }
     }
-    //TODO: create fitting error
        Err(Fido2LuksError::WrongSecret)
+    };
+
+    let devices = get_devices()?;
+    let mut err: Option<Fido2LuksError> = None;
+    let req = req.build();
+    for dev in devices {
+        let handle = FidoKeyHid::new(&vec![dev.param], &lib_cfg()).unwrap();
+        match handle.get_assertion_with_args(&req) {
+            Ok(resp) => return process_response(resp),
+            Err(e) => err = Some(e.into()),
+        }
+    }
+    Err(err.unwrap_or(Fido2LuksError::NoAuthenticatorError))
 }

 pub fn may_require_pin() -> Fido2LuksResult<bool> {
-    let info = get_info(&lib_cfg())?;
+    for dev in get_devices()? {
+        let dev = FidoKeyHid::new(&vec![dev.param], &lib_cfg()).unwrap();
+        let info = dev.get_info()?;
        let needs_pin = info
            .options
            .iter()
            .any(|(name, val)| &name[..] == "clientPin" && *val);
-    Ok(needs_pin)
+        if needs_pin {
+            return Ok(true);
+        }
+    }
+    Ok(false)
 }

-pub fn get_devices() -> Fido2LuksResult<Vec<(String, HidParam)>> {
+pub fn get_devices() -> Fido2LuksResult<Vec<HidInfo>> {
    Ok(get_fidokey_devices())
 }