From ca822939766828c2584a1924a55452b062f93349 Mon Sep 17 00:00:00 2001
From: shimun
Date: Tue, 29 Mar 2022 15:58:16 +0200
Subject: [PATCH] fix: reintroduce connected command
---
 src/cli.rs | 15 +++++++--------
 src/device.rs | 23 +++++++++++++----------
 2 files changed, 20 insertions(+), 18 deletions(-)
diff --git a/src/cli.rs b/src/cli.rs
index c245f6e..6ebb2f7 100644
--- a/src/cli.rs
+++ b/src/cli.rs
@@ -519,14 +519,13 @@ pub fn run_cli() -> Fido2LuksResult<()> {
 }
 }
 }
- Command::Connected => unimplemented!("Not supported by current backend"),
- //Command::Connected => match get_devices() {
- // Ok(ref devs) if !devs.is_empty() => {
- // println!("Found {} devices", devs.len());
- // Ok(())
- // }
- // _ => exit(1),
- //},
+ Command::Connected => match get_devices() {
+ Ok(ref devs) if !devs.is_empty() => {
+ println!("Found {} devices", devs.len());
+ Ok(())
+ }
+ _ => exit(1),
+ },
 Command::Token(cmd) => match cmd {
 TokenCommand::List {
 device,
diff --git a/src/device.rs b/src/device.rs
index 119942f..4cfa5b7 100644
--- a/src/device.rs
+++ b/src/device.rs
@@ -2,8 +2,10 @@ use crate::error::*;
 use crate::util;
 use ctap_hid_fido2;
+use ctap_hid_fido2::HidParam;
 use ctap_hid_fido2::get_assertion_params;
 use ctap_hid_fido2::get_assertion_with_args;
+use ctap_hid_fido2::get_fidokey_devices;
 use ctap_hid_fido2::get_info;
 use ctap_hid_fido2::make_credential_params;
 use ctap_hid_fido2::public_key_credential_descriptor::PublicKeyCredentialDescriptor;
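Review bot: In src/cli.rs the restored `Command::Connected` arm routes both an empty device list and an `Err` from `get_devices()` into `_ => exit(1)`, so a backend failure looks the same as "no token plugged in" and nothing is written to stderr. Splitting the catch-all into `Ok(_) => exit(1),` and `Err(e) => Err(e),` keeps the exit code for the empty case and lets real errors reach run_cli's caller. As this patch stands `get_devices()` in src/device.rs only ever returns `Ok`, so the distinction matters once enumeration can fail. The enclosing match in run_cli starts and ends outside the hunk.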
@@ -49,34 +51,31 @@ pub fn perform_challenge<'a>(
 timeout: Duration,
 pin: Option<&str>,
 ) -> Fido2LuksResult<([u8; 32], &'a PublicKeyCredentialDescriptor)> {
+ if credentials.is_empty() {
+ return Err(Fido2LuksError::InsufficientCredentials);
+ }
 let mut req = GetAssertionArgsBuilder::new(RP_ID, &[]).extensions(&[
 get_assertion_params::Extension::HmacSecret(Some(util::sha256(&[&salt[..]]))),
 ]);
+ for cred in credentials {
+ req = req.add_credential_id(&cred.id);
+ }
 if let Some(pin) = pin {
 req = req.pin(pin);
 } else {
 req = req.without_pin_and_uv();
 }
 let resp = get_assertion_with_args(&lib_cfg(), &req.build())?;
- fn dbg_hex<'a>(name: &str, vec: &'a Vec) -> &'a Vec {
- dbg!((name, hex::encode(&vec)));
- vec
- }
- let cred_used2 = credentials.iter().copied().find(|cred| {
- resp.iter()
- .any(|att| dbg_hex("att", &att.credential_id) == dbg_hex("cred", &cred.id))
- });
 for att in resp {
 for ext in att.extensions.iter() {
 match ext {
 get_assertion_params::Extension::HmacSecret(Some(secret)) => {
- dbg!(cred_used2);
 //TODO: eliminate unwrap
 let cred_used = credentials
 .iter()
 .copied()
 .find(|cred| {
- dbg_hex("att", &att.credential_id) == dbg_hex("cred", &cred.id)
+ att.credential_id == cred.id
 })
 .unwrap();
 return Ok((secret.clone(), cred_used));
@@ -97,3 +96,7 @@ pub fn may_require_pin() -> Fido2LuksResult {
 .any(|(name, val)| &name[..] == "clientPin" && *val);
 Ok(needs_pin)
 }
+
+pub fn get_devices() -> Fido2LuksResult> {
+ Ok(get_fidokey_devices())
+}
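Review bot: In perform_challenge the lookup of `cred_used` still ends in `.unwrap()`, and the value it is matched against, `att.credential_id`, comes from the authenticator's response. The new allow-list loop makes a mismatch unlikely for a well-behaved token, but a device that answers with an id not present in `credentials` would panic the process in the middle of an unlock instead of returning a `Fido2LuksError`. Replacing `.unwrap();` with `.ok_or(Fido2LuksError::<VARIANT>)?;` would resolve the TODO above it; `<VARIANT>` is a placeholder, since the error enum is not visible in this hunk. The function begins before and continues after the hunk.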
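Review bot: The new public `get_devices` in src/device.rs has no doc comment, and its `Result` return type suggests a failure mode that the body, a bare `Ok(get_fidokey_devices())`, does not have. A line such as `/// Returns the FIDO devices reported by get_fidokey_devices(); currently never returns Err.` would tell callers what the list contains and that an empty vector, not an error, is the "nothing connected" signal.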