shimun/fido2luks
1
0
Fork 0
Code Issues Pull Requests 3 Releases Wiki Activity

fetch salt only once
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
shimunn 2019-09-17 21:44:51 +02:00
parent 1a262c17cb
commit c9d8d24eec
Signed by: shimun
GPG Key ID: E81D8382DC2F971B
2 changed files with 14 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/config.rs
View File

@ -8,17 +8,16 @@ use std::collections::HashMap;
use std::env; use std::env;
use std::fs::File; use std::fs::File;
use std::io::Read; use std::io::Read;
use std::path::{PathBuf, Path}; use std::path::{Path, PathBuf};
use std::process::Command; use std::process::Command;
#[derive(Debug, Deserialize, Serialize)] #[derive(Debug, Deserialize, Serialize)]
pub struct EnvConfig { pub struct EnvConfig {
credential_id: String, credential_id: String,
uuid: String, uuid: String,
salt: String, salt: String,
mapper_name: String, mapper_name: String,
password_helper: String password_helper: String,
} }
impl Into<Config> for EnvConfig { impl Into<Config> for EnvConfig {
@ -29,14 +28,15 @@ impl Into<Config> for EnvConfig {
mapper_name: self.mapper_name, mapper_name: self.mapper_name,
password_helper: PasswordHelper::Script(self.password_helper), password_helper: PasswordHelper::Script(self.password_helper),
input_salt: if PathBuf::from(&self.salt).exists() { input_salt: if PathBuf::from(&self.salt).exists() {
InputSalt::File { path: self.salt.into() } InputSalt::File {
path: self.salt.into(),
}
} else { } else {
InputSalt::AskPassword InputSalt::AskPassword
},
} }
} }
} }
}
#[derive(Debug, Deserialize, Serialize)] #[derive(Debug, Deserialize, Serialize)]
pub struct Config { pub struct Config {

10
src/main.rs
View File

@ -94,8 +94,6 @@ fn main() -> Fido2LuksResult<()> {
)) ))
}; };
if args.is_empty() { if args.is_empty() {
let salt = conf.input_salt.obtain(&conf.password_helper)?;
dbg!(hex::encode(&salt));
if env.contains_key("CRYPTTAB_NAME") { if env.contains_key("CRYPTTAB_NAME") {
//Indicates that this script is being run as keyscript //Indicates that this script is being run as keyscript
let mut out = stdout(); let mut out = stdout();
@ -109,7 +107,13 @@ fn main() -> Fido2LuksResult<()> {
match args.first().map(|s| s.as_ref()).unwrap() { match args.first().map(|s| s.as_ref()).unwrap() {
"addkey" => add_key_to_luks(&Config::load_default_location()?).map(|_| ()), "addkey" => add_key_to_luks(&Config::load_default_location()?).map(|_| ()),
"setup" => setup(), "setup" => setup(),
"open" if args.get(1).map(|a| &*a == "-e").unwrap_or(false) => open(&envy::prefixed("FIDO2LUKS_").from_env::<EnvConfig>().expect("Missing env config values").into(), &secret()?), "open" if args.get(1).map(|a| &*a == "-e").unwrap_or(false) => open(
&envy::prefixed("FIDO2LUKS_")
.from_env::<EnvConfig>()
.expect("Missing env config values")
.into(),
&secret()?,
),
"open" => open(&conf, &secret()?), "open" => open(&conf, &secret()?),
"connected" => match authenticator_connected()? { "connected" => match authenticator_connected()? {
false => { false => {