add option to specify keyslot

shimun 2020-04-29 18:55:25 +02:00
parent c3d6425e2d
commit fcdd2a2d3d
Signed by: shimun
GPG Key ID: E81D8382DC2F971B
2 changed files with 6 additions and 3 deletions


@ -76,6 +76,9 @@ pub struct AuthenticatorParameters {
pub struct LuksParameters { pub struct LuksParameters {
#[structopt(env = "FIDO2LUKS_DEVICE")] #[structopt(env = "FIDO2LUKS_DEVICE")]
device: PathBuf, device: PathBuf,
#[structopt(long = "slot", env = "FIDO2LUKS_DEVICE_SLOT")]
slot_hint: Option<u32>,
} }
#[derive(Debug, StructOpt, Clone)] #[derive(Debug, StructOpt, Clone)]
@ -461,7 +464,7 @@ pub fn run_cli() -> Fido2LuksResult<()> {
&salt("Password", false)?, &salt("Password", false)?,
authenticator.await_time, authenticator.await_time,
) )
.and_then(|secret| luks::open_container(&luks.device, &name, &secret)) .and_then(|secret| luks::open_container(&luks.device, &name, &secret, luks.slot_hint))
{ {
Err(e) => { Err(e) => {
match e { match e {
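Review bot: The new `slot_hint` field on `LuksParameters` has no doc comment and no range check, so `--slot` appears in the structopt-generated help without a description and any `u32` from the command line or `FIDO2LUKS_DEVICE_SLOT` is handed straight to `luks::open_container`. I would add a doc comment such as `/// Try to unlock this keyslot only, instead of trying every active keyslot` above the `#[structopt(long = "slot", ...)]` line. A value outside the container's keyslot range will presumably only fail at activation time, so rejecting it while parsing arguments would give a clearer message. The call site in `run_cli` that now passes `luks.slot_hint` sits in a function that starts and ends outside the second hunk, so any other callers of `open_container` are not visible here.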


@ -18,11 +18,11 @@ fn load_device_handle<P: AsRef<Path>>(path: P) -> Fido2LuksResult<CryptDevice> {
Ok(device) Ok(device)
} }
pub fn open_container<P: AsRef<Path>>(path: P, name: &str, secret: &[u8]) -> Fido2LuksResult<()> { pub fn open_container<P: AsRef<Path>>(path: P, name: &str, secret: &[u8], slot_hint: Option<u32>) -> Fido2LuksResult<()> {
let mut device = load_device_handle(path)?; let mut device = load_device_handle(path)?;
device device
.activate_handle() .activate_handle()
.activate_by_passphrase(Some(name), None, secret, CryptActivateFlags::empty()) .activate_by_passphrase(Some(name), slot_hint, secret, CryptActivateFlags::empty())
.map(|_slot| ()) .map(|_slot| ())
.map_err(|_e| Fido2LuksError::WrongSecret) .map_err(|_e| Fido2LuksError::WrongSecret)
} }
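Review bot: Now that `slot_hint` is forwarded to `activate_by_passphrase`, the unchanged `.map_err(|_e| Fido2LuksError::WrongSecret)` also covers failures caused by the slot itself, presumably an inactive or non-existent keyslot. A mistyped `--slot` or a stale `FIDO2LUKS_DEVICE_SLOT` would then be reported as a wrong secret, which points the user at their authenticator or password instead of the configuration. I would inspect the error rather than discard it as `_e`, and return a distinct error when `slot_hint` is `Some(_)` and the failure is not an authentication failure. At minimum, document the behaviour above the function with `/// Any activation failure, including an unusable slot_hint, is reported as WrongSecret`. `.map(|_slot| ())` also drops the keyslot that actually matched, which would be useful to log when no hint is given.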