shimun/fido2luks
1
0
Fork 0
Code Issues Pull Requests 3 Releases Wiki Activity

more detailed messages

Browse Source
This commit is contained in:
shimun 2020-03-27 18:28:33 +01:00
parent f5880346b9
commit f6de4a033e
Signed by: shimun
GPG Key ID: E81D8382DC2F971B
3 changed files with 26 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
src/cli.rs
View File

@ -209,13 +209,20 @@ pub fn run_cli() -> Fido2LuksResult<()> {
}?; }?;
let added_slot = luks::add_key(device.clone(), &secret, &old_secret[..], Some(10))?; let added_slot = luks::add_key(device.clone(), &secret, &old_secret[..], Some(10))?;
if *exclusive { if *exclusive {
luks::remove_keyslots(&device, &[added_slot])?; let destroyed = luks::remove_keyslots(&device, &[added_slot])?;
println!(
"Added to key to device {}, slot: {}\nRemoved {} old keys",
device.display(),
added_slot,
destroyed
);
} else {
println!(
"Added to key to device {}, slot: {}",
device.display(),
added_slot
);
} }
println!(
"Added to key to device {}, slot: {}",
device.display(),
added_slot
);
Ok(()) Ok(())
} }
Command::ReplaceKey { Command::ReplaceKey {

7
src/error.rs
View File

@ -58,7 +58,12 @@ impl From<FidoError> for Fido2LuksError {
impl From<LibcryptErr> for Fido2LuksError { impl From<LibcryptErr> for Fido2LuksError {
fn from(e: LibcryptErr) -> Self { fn from(e: LibcryptErr) -> Self {
LuksError { cause: e } match e {
LibcryptErr::IOError(e) if e.raw_os_error().iter().any(|code| code == &1i32) => {
WrongSecret
}
_ => LuksError { cause: e },
}
} }
} }
impl From<io::Error> for Fido2LuksError { impl From<io::Error> for Fido2LuksError {

15
src/luks.rs
View File

@ -1,9 +1,6 @@
use crate::error::*; use crate::error::*;
use libcryptsetup_rs::{ use libcryptsetup_rs::{CryptActivateFlags, CryptDevice, CryptInit, EncryptionFormat, KeyslotInfo};
CryptActivateFlags, CryptDevice, CryptInit, CryptKeyslot, CryptVolumeKeyFlags,
EncryptionFormat, KeyslotInfo, LibcryptErr,
};
use std::path::Path; use std::path::Path;
fn load_device_handle<P: AsRef<Path>>(path: P) -> Fido2LuksResult<CryptDevice> { fn load_device_handle<P: AsRef<Path>>(path: P) -> Fido2LuksResult<CryptDevice> {
@ -14,7 +11,7 @@ fn load_device_handle<P: AsRef<Path>>(path: P) -> Fido2LuksResult<CryptDevice> {
.into_iter() .into_iter()
.fold(None, |res, format| match res { .fold(None, |res, format| match res {
Some(Ok(())) => res, Some(Ok(())) => res,
Some(e) => Some(e.and(load(format))), Some(e) => Some(e.or(load(format))),
None => Some(load(format)), None => Some(load(format)),
}) })
.unwrap()?; .unwrap()?;
@ -47,16 +44,18 @@ pub fn add_key<P: AsRef<Path>>(
Ok(slot) Ok(slot)
} }
pub fn remove_keyslots<P: AsRef<Path>>(path: P, exclude: &[u32]) -> Fido2LuksResult<()> { pub fn remove_keyslots<P: AsRef<Path>>(path: P, exclude: &[u32]) -> Fido2LuksResult<u32> {
let mut device = load_device_handle(path)?; let mut device = load_device_handle(path)?;
let mut slot = 0; let mut slot = 0;
let mut handle; let mut handle;
let mut destroyed = 0;
loop { loop {
handle = device.keyslot_handle(Some(slot)); handle = device.keyslot_handle(Some(slot));
match handle.status()? { match handle.status()? {
KeyslotInfo::Inactive => continue, KeyslotInfo::Inactive => continue,
KeyslotInfo::Active if !exclude.contains(&slot) => { KeyslotInfo::Active if !exclude.contains(&slot) => {
dbg!((slot, handle.destroy()?)); handle.destroy()?;
destroyed += 1;
} }
_ => (), _ => (),
} }
@ -66,7 +65,7 @@ pub fn remove_keyslots<P: AsRef<Path>>(path: P, exclude: &[u32]) -> Fido2LuksRes
} }
slot += 1; slot += 1;
} }
Ok(()) Ok(destroyed)
} }
pub fn replace_key<P: AsRef<Path>>( pub fn replace_key<P: AsRef<Path>>(