rudimentary pin support

src/device.rs

@@ -9,13 +9,21 @@ use std::time::Duration;
 
 const RP_ID: &str = "fido2luks";
 
-pub fn make_credential_id(name: Option<&str>) -> Fido2LuksResult<FidoCredential> {
+pub fn make_credential_id(
+    name: Option<&str>,
+    pin: Option<&str>,
+) -> Fido2LuksResult<FidoCredential> {
     let mut request = FidoCredentialRequestBuilder::default().rp_id(RP_ID);
     if let Some(user_name) = name {
         request = request.user_name(user_name);
     }
     let request = request.build().unwrap();
-    let make_credential = |device: &mut FidoDevice| device.make_hmac_credential(&request);
+    let make_credential = |device: &mut FidoDevice| {
+        if let Some(pin) = pin {
+            device.unlock(pin)?;
+        }
+        device.make_hmac_credential(&request)
+    };
     Ok(request_multiple_devices(
         get_devices()?
             .iter_mut()
@@ -28,6 +36,7 @@ pub fn perform_challenge(
     credentials: &[&FidoCredential],
     salt: &[u8; 32],
     timeout: Duration,
+    pin: Option<&str>,
 ) -> Fido2LuksResult<[u8; 32]> {
     let request = FidoAssertionRequestBuilder::default()
         .rp_id(RP_ID)
@@ -35,6 +44,9 @@ pub fn perform_challenge(
         .build()
         .unwrap();
     let get_assertion = |device: &mut FidoDevice| {
+        if let Some(pin) = pin {
+            device.unlock(pin)?;
+        }
         device.get_hmac_assertion(&request, &util::sha256(&[&salt[..]]), None)
     };
     let (_, (secret, _)) = request_multiple_devices(