shimun/fido2luks
1
0
Fork 0
Code Issues Pull Requests 3 Releases Wiki Activity

add timeout

Browse Source
This commit is contained in:
shimun 2020-04-05 23:24:18 +02:00
parent 1658800553
commit ad2451f548
Signed by: shimun
GPG Key ID: E81D8382DC2F971B
4 changed files with 11 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
Cargo.lock generated
View File

@ -223,8 +223,8 @@ dependencies = [
[[package]] [[package]]
name = "ctap_hmac" name = "ctap_hmac"
version = "0.3.0" version = "0.4.1"
source = "git+https://git.shimun.net/shimun/ctap.git?branch=assert_multiple#65ef57403182fce13b5266ba7838558ba2ad008f" source = "registry+https://github.com/rust-lang/crates.io-index"
dependencies = [ dependencies = [
"byteorder 1.3.4 (registry+https://github.com/rust-lang/crates.io-index)", "byteorder 1.3.4 (registry+https://github.com/rust-lang/crates.io-index)",
"cbor-codec 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)", "cbor-codec 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)",
@ -337,7 +337,7 @@ dependencies = [
name = "fido2luks" name = "fido2luks"
version = "0.2.6" version = "0.2.6"
dependencies = [ dependencies = [
"ctap_hmac 0.3.0 (git+https://git.shimun.net/shimun/ctap.git?branch=assert_multiple)", "ctap_hmac 0.4.1 (registry+https://github.com/rust-lang/crates.io-index)",
"failure 0.1.7 (registry+https://github.com/rust-lang/crates.io-index)", "failure 0.1.7 (registry+https://github.com/rust-lang/crates.io-index)",
"hex 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)", "hex 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)",
"libcryptsetup-rs 0.3.0 (git+https://github.com/shimunn/libcryptsetup-rs.git?branch=crypt_load_ptr_null)", "libcryptsetup-rs 0.3.0 (git+https://github.com/shimunn/libcryptsetup-rs.git?branch=crypt_load_ptr_null)",
@ -1024,7 +1024,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
"checksum crossbeam-queue 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "c695eeca1e7173472a32221542ae469b3e9aac3a4fc81f7696bcad82029493db" "checksum crossbeam-queue 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "c695eeca1e7173472a32221542ae469b3e9aac3a4fc81f7696bcad82029493db"
"checksum crossbeam-utils 0.7.2 (registry+https://github.com/rust-lang/crates.io-index)" = "c3c7c73a2d1e9fc0886a08b93e98eb643461230d5f1925e4036204d5f2e261a8" "checksum crossbeam-utils 0.7.2 (registry+https://github.com/rust-lang/crates.io-index)" = "c3c7c73a2d1e9fc0886a08b93e98eb643461230d5f1925e4036204d5f2e261a8"
"checksum csv-core 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)" = "2b2466559f260f48ad25fe6317b3c8dac77b5bdb5763ac7d9d6103530663bc90" "checksum csv-core 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)" = "2b2466559f260f48ad25fe6317b3c8dac77b5bdb5763ac7d9d6103530663bc90"
"checksum ctap_hmac 0.3.0 (git+https://git.shimun.net/shimun/ctap.git?branch=assert_multiple)" = "<none>" "checksum ctap_hmac 0.4.1 (registry+https://github.com/rust-lang/crates.io-index)" = "6b22457233b74539c53c10658eb3effb7c3d50907276dab6b5fbd8391d2b4351"
"checksum darling 0.10.2 (registry+https://github.com/rust-lang/crates.io-index)" = "0d706e75d87e35569db781a9b5e2416cff1236a47ed380831f959382ccd5f858" "checksum darling 0.10.2 (registry+https://github.com/rust-lang/crates.io-index)" = "0d706e75d87e35569db781a9b5e2416cff1236a47ed380831f959382ccd5f858"
"checksum darling_core 0.10.2 (registry+https://github.com/rust-lang/crates.io-index)" = "f0c960ae2da4de88a91b2d920c2a7233b400bc33cb28453a2987822d8392519b" "checksum darling_core 0.10.2 (registry+https://github.com/rust-lang/crates.io-index)" = "f0c960ae2da4de88a91b2d920c2a7233b400bc33cb28453a2987822d8392519b"
"checksum darling_macro 0.10.2 (registry+https://github.com/rust-lang/crates.io-index)" = "d9b5a2f4ac4969822c62224815d069952656cadc7084fdca9751e6d959189b72" "checksum darling_macro 0.10.2 (registry+https://github.com/rust-lang/crates.io-index)" = "d9b5a2f4ac4969822c62224815d069952656cadc7084fdca9751e6d959189b72"

2
Cargo.toml
View File

@ -14,7 +14,7 @@ categories = ["command-line-utilities"]
license-file = "LICENSE" license-file = "LICENSE"
[dependencies] [dependencies]
ctap_hmac = { git = "https://git.shimun.net/shimun/ctap.git", branch = "assert_multiple", features = ["request_multiple"] } ctap_hmac = { version="0.4.1", features = ["request_multiple"] }
hex = "0.3.2" hex = "0.3.2"
ring = "0.13.5" ring = "0.13.5"
failure = "0.1.5" failure = "0.1.5"

4
src/cli.rs
View File

@ -48,7 +48,7 @@ impl<T: Display + FromStr> FromStr for CommaSeparated<T> {
fn from_str(s: &str) -> Result<Self, Self::Err> { fn from_str(s: &str) -> Result<Self, Self::Err> {
Ok(CommaSeparated( Ok(CommaSeparated(
s.split(',') s.split(',')
.map(|part| <T as FromStr>::from_str(dbg!(part))) .map(|part| <T as FromStr>::from_str(part))
.collect::<Result<Vec<_>, _>>()?, .collect::<Result<Vec<_>, _>>()?,
)) ))
} }
@ -144,7 +144,7 @@ impl SecretGeneration {
.collect::<Vec<_>>(); .collect::<Vec<_>>();
let credentials = credentials.iter().collect::<Vec<_>>(); let credentials = credentials.iter().collect::<Vec<_>>();
Ok(assemble_secret( Ok(assemble_secret(
&perform_challenge(&credentials[..], &salt)?, &perform_challenge(&credentials[..], &salt, timeout - start.elapsed().unwrap())?,
&salt, &salt,
)) ))
} }

4
src/device.rs
View File

@ -4,6 +4,7 @@ use ctap::{
self, extensions::hmac::HmacExtension, request_multiple_devices, FidoAssertionRequestBuilder, self, extensions::hmac::HmacExtension, request_multiple_devices, FidoAssertionRequestBuilder,
FidoCredential, FidoCredentialRequestBuilder, FidoDevice, FidoError, FidoErrorKind, FidoCredential, FidoCredentialRequestBuilder, FidoDevice, FidoError, FidoErrorKind,
}; };
use std::time::Duration;
const RP_ID: &'static str = "fido2luks"; const RP_ID: &'static str = "fido2luks";
@ -18,12 +19,14 @@ pub fn make_credential_id(name: Option<&str>) -> Fido2LuksResult<FidoCredential>
get_devices()? get_devices()?
.iter_mut() .iter_mut()
.map(|device| (device, &make_credential)), .map(|device| (device, &make_credential)),
None,
)?) )?)
} }
pub fn perform_challenge( pub fn perform_challenge(
credentials: &[&FidoCredential], credentials: &[&FidoCredential],
salt: &[u8; 32], salt: &[u8; 32],
timeout: Duration,
) -> Fido2LuksResult<[u8; 32]> { ) -> Fido2LuksResult<[u8; 32]> {
let request = FidoAssertionRequestBuilder::default() let request = FidoAssertionRequestBuilder::default()
.rp_id(RP_ID) .rp_id(RP_ID)
@ -35,6 +38,7 @@ pub fn perform_challenge(
get_devices()? get_devices()?
.iter_mut() .iter_mut()
.map(|device| (device, &get_assertion)), .map(|device| (device, &get_assertion)),
Some(timeout),
)?; )?;
Ok(secret) Ok(secret)
} }