allow for named credentials

2020-01-10 21:32:39 +01:00
parent 721dded6d2
commit 7f2668eded
4 changed files with 43 additions and 13 deletions


@@ -177,7 +177,11 @@ pub enum Command {
},
/// Generate a new FIDO credential
#[structopt(name = "credential")]
Credential,
Credential {
/// Name to be displayed on the authenticator if it has a display
#[structopt(env = "FIDO2LUKS_CREDENTIAL_NAME")]
name: Option<String>,
},
/// Check if an authenticator is connected
#[structopt(name = "connected")]
Connected,
@@ -191,8 +195,8 @@ pub fn run_cli() -> Fido2LuksResult<()> {
let mut stdout = io::stdout();
let args = parse_cmdline();
match &args.command {
Command::Credential => {
let cred = make_credential_id()?;
Command::Credential { name } => {
let cred = make_credential_id(name.as_ref().map(|n| n.as_ref()))?;
println!("{}", hex::encode(&cred.id));
Ok(())
}
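Review bot: In the `Command::Credential { name }` arm the value from the command line or `FIDO2LUKS_CREDENTIAL_NAME` goes to `make_credential_id` unchecked, so a variable that is set but empty would presumably arrive as `Some("")` and be sent to the authenticator as an empty display name. Normalising it at the call site keeps the previous behaviour for that case: `let name = name.as_deref().filter(|n| !n.is_empty());` followed by `make_credential_id(name)?`. `as_deref()` (Rust 1.40 or later) also replaces the `as_ref().map(|n| n.as_ref())` chain. Length is not bounded either, and authenticators may truncate long names, so a short limit with a clear error would be friendlier than silent truncation. The body of `run_cli` continues outside the hunk.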


@@ -25,16 +25,16 @@ fn authenticator_rp() -> PublicKeyCredentialRpEntity<'static> {
}
}
fn authenticator_user() -> PublicKeyCredentialUserEntity<'static> {
fn authenticator_user(name: Option<&str>) -> PublicKeyCredentialUserEntity {
PublicKeyCredentialUserEntity {
id: &[0u8],
name: "",
name: name.unwrap_or(""),
icon: None,
display_name: None,
display_name: name,
}
}
pub fn make_credential_id() -> Fido2LuksResult<FidoHmacCredential> {
pub fn make_credential_id(name: Option<&str>) -> Fido2LuksResult<FidoHmacCredential> {
let mut errs = Vec::new();
match get_devices()? {
ref devs if devs.is_empty() => Err(Fido2LuksError::NoAuthenticatorError)?,
@@ -43,7 +43,7 @@ pub fn make_credential_id() -> Fido2LuksResult<FidoHmacCredential> {
match dev
.make_hmac_credential_full(
authenticator_rp(),
authenticator_user(),
authenticator_user(name),
&[0u8; 32],
&[],
authenticator_options(),
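Review bot: `authenticator_user` has no doc comment although its contract changed: the returned entity now borrows from `name` through an elided lifetime, the same string fills both `name` and `display_name`, and `id` is still the constant `&[0u8]`. I would add `/// Builds the user entity sent at credential creation; the given name is used as both account name and display name, and the user id is always the single byte 0.` above it. Because the id stays constant, the name is only a label and does not make two credentials distinct to the authenticator; if `authenticator_options()` (not visible here) ever requests resident keys, a second credential for the same relying party would likely replace the first. The call updated in the `@@ -43,7 +43,7 @@` hunk sits inside `make_credential_id`, whose body continues outside the view.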