bump version

* create PKGBUILD file

* use build & install method

* add package dependencies

.drone.yml

@@ -3,32 +3,27 @@ name: default
 
 steps:
  - name: fmt
-   image: rust:1.37.0
+   image: rust:1.43.0
    commands:
-     -  rustup component add rustfmt
+     - rustup component add rustfmt
-     -  cargo fmt --all -- --check
+     - cargo fmt --all -- --check
  - name: test
-   image: rust:1.37.0
+   image: ubuntu:focal
+   environment:
+    DEBIAN_FRONTEND: noninteractive
    commands:
-    - apt update && apt install -y libcryptsetup-dev libkeyutils-dev
+    - apt update && apt install -y cargo libkeyutils-dev libclang-dev clang pkg-config libcryptsetup-dev 
-    - cargo test
+    - cargo test --locked
-
- - name: build
-   image: rust:1.37.0
-   commands:
-    - apt update && apt install -y libcryptsetup-dev libkeyutils-dev
-    - cargo install -f --path . --root .
-   when:
-    event: tag
  - name: publish
-   image: plugins/github-release
+   image: ubuntu:focal
-   settings:
+   environment:
-     api_key:
+    DEBIAN_FRONTEND: noninteractive
-      from_secret: github_release
+    CARGO_REGISTRY_TOKEN:
-     files:
+     from_secret: cargo_tkn
-      - bin/fido2luks
+   commands:
-     checksum:
+    - grep -E 'version ?= ?"${DRONE_TAG}"' -i Cargo.toml || (printf "incorrect crate/tag version" && exit 1)
-      - md5
+    - apt update && apt install -y cargo libkeyutils-dev libclang-dev clang pkg-config libcryptsetup-dev 
-      - sha256
+    - cargo package --all-features
+    - cargo publish --all-features
    when:
     event: tag

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "fido2luks"
-version = "0.2.2"
+version = "0.2.13"
 authors = ["shimunn <shimun@shimun.net>"]
 edition = "2018"
 
@@ -11,20 +11,19 @@ repository = "https://github.com/shimunn/fido2luks"
 readme = "README.md"
 keywords = ["luks", "fido2", "u2f"]
 categories = ["command-line-utilities"]
-license-file = "LICENSE"
+license = "MPL-2.0"
 
 [dependencies]
-#ctap = "0.1.0"
+ctap_hmac = { version="0.4.2", features = ["request_multiple"] }
-ctap_hmac = "0.2.1"
-cryptsetup-rs = "0.2.1"
-libcryptsetup-sys = "0.1.2"
-
-
 hex = "0.3.2"
 ring = "0.13.5"
 failure = "0.1.5"
 rpassword = "4.0.1"
 structopt = "0.3.2"
+libcryptsetup-rs = "0.4.1"
+serde_json = "1.0.51"
+serde_derive = "1.0.106"
+serde = "1.0.106"
 
 [profile.release]
 lto = true
@@ -32,3 +31,15 @@ opt-level = 'z'
 panic = 'abort'
 incremental = false
 overflow-checks = false
+
+[package.metadata.deb]
+depends = "$auto, cryptsetup"
+build-depends = "libclang-dev, libcryptsetup-dev"
+extended-description = "Decrypt your LUKS partition using a FIDO2 compatible authenticator"
+assets = [
+    ["target/release/fido2luks", "usr/bin/", "755"],
+    ["initramfs-tools/keyscript.sh", "/lib/cryptsetup/scripts/fido2luks", "755" ],
+    ["initramfs-tools/hook/fido2luks.sh", "etc/initramfs-tools/hooks/", "755" ],
+    ["initramfs-tools/fido2luks.conf", "etc/", "644"],
+]
+conf-files = ["/etc/fido2luks.conf"]

PKGBUILD

@@ -0,0 +1,26 @@
+# Maintainer: shimunn <shimun@shimun.net>
+pkgname=fido2luks
+pkgver=0.2.12
+pkgrel=1
+makedepends=('rust' 'cargo' 'cryptsetup' 'clang')
+depends=('cryptsetup')
+arch=('i686' 'x86_64' 'armv6h' 'armv7h')
+pkgdesc="Decrypt your LUKS partition using a FIDO2 compatible authenticator"
+url="https://github.com/shimunn/fido2luks"
+license=('MPL-2.0')
+
+pkgver() {
+	# Use tag version if possible otherwise concat project version and git ref
+	git describe --exact-match --tags HEAD 2> /dev/null || \
+		echo "$(cargo pkgid | cut -d'#' -f2).$(git describe --always)"
+}
+
+build() {
+    cargo build --release --locked --all-features --target-dir=target
+    ./target/release/fido2luks completions bash target
+}
+
+package() {
+    install -Dm 755 target/release/${pkgname} -t "${pkgdir}/usr/bin"
+    install -Dm 644 target/fido2luks.bash "${pkgdir}/usr/share/bash-completion/completions/fido2luks"
+}

README.md

@@ -1,15 +1,15 @@
 # fido2luks [![Crates.io Version](https://img.shields.io/crates/v/fido2luks.svg)](https://crates.io/crates/fido2luks)
 
-This will allow you to unlock your luks encrypted disk with an fido2 compatible key
+This will allow you to unlock your LUKS encrypted disk with an FIDO2 compatible key.
 
-Note: This has only been tested under Fedora 31 using a Solo Key, Trezor Model T
+Note: This has only been tested under Fedora 31, [Ubuntu 20.04](initramfs-tools/), [NixOS](https://nixos.org/nixos/manual/#sec-luks-file-systems-fido2) using a Solo Key, Trezor Model T
 
 ## Setup
 
 ### Prerequisites
 
 ```
-dnf install cargo cryptsetup-devel -y
+dnf install clang cargo cryptsetup-devel -y
 ```
 
 ### Device
@@ -17,18 +17,24 @@ dnf install cargo cryptsetup-devel -y
 ```
 git clone https://github.com/shimunn/fido2luks.git && cd fido2luks
 
-#Alternativly cargo build --release && sudo cp target/release/fido2luks /usr/bin/
+# Alternativly cargo build --release && sudo cp target/release/fido2luks /usr/bin/
-CARGO_INSTALL_ROOT=/usr sudo -E cargo install -f --path .
+sudo -E cargo install -f --path . --root /usr
 
-echo FIDO2LUKS_CREDENTIAL_ID=$(fido2luks credential) >> dracut/96luks-2fa/fido2luks.conf
+# Copy template
+cp dracut/96luks-2fa/fido2luks.conf /etc/
+# Name is optional but useful if your authenticator has a display
+echo FIDO2LUKS_CREDENTIAL_ID=$(fido2luks credential [NAME]) >> /etc/fido2luks.conf
 
+# Load config into env
 set -a
-. dracut/96luks-2fa/fido2luks.conf
+. /etc/fido2luks.conf
 
-#Repeat for each luks volume
+# Repeat for each luks volume
+# You can also use the `--token` flag when using LUKS2 which will then store the credential in the LUKS header,
+# enabling you to use `fido2luks open-token` without passing a credential as parameter
 sudo -E fido2luks -i add-key /dev/disk/by-uuid/<DISK_UUID>
 
-#Test(only works if the luks container isn't active)
+# Test(only works if the luks container isn't active)
 sudo -E fido2luks -i open /dev/disk/by-uuid/<DISK_UUID> luks-<DISK_UUID>
 
 ```
@@ -45,13 +51,13 @@ sudo make install
 
 Add `rd.luks.2fa=<CREDENTIAL_ID>:<DISK_UUID>` to `GRUB_CMDLINE_LINUX` in /etc/default/grub
 
-Note: This is only required for your root disk, systemd will try to unlock all other luks partions using the same key if you added it using `fido2luks add-key`
+Note: This is only required for your root disk, systemd will try to unlock all other LUKS partions using the same key if you added it using `fido2luks add-key`
 
 ```
 grub2-mkconfig > /boot/grub2/grub.cfg
 ```
 
-I'd also recommend to copy the executable onto /boot so that it is accessible in case you have to access your disk from a live system
+I'd also recommend to copy the executable onto /boot so that it is accessible in case you have to access your disk from a rescue system
 
 ```
 mkdir /boot/fido2luks/
@@ -59,14 +65,16 @@ cp /usr/bin/fido2luks /boot/fido2luks/
 cp /etc/fido2luks.conf /boot/fido2luks/
 ```
 
-## Test
+## Testing
 
-Just reboot and see if it works, if thats the case you should remove your old less secure password from your luks header:
+Just reboot and see if it works, if that's the case you should remove your old less secure password from your LUKS header:
 
 ```
-#Recommend in case you lose your authenticator, store this backupfile somewhere safe
+# Recommend in case you lose your authenticator, store this backupfile somewhere safe
 cryptsetup luksHeaderBackup /dev/disk/by-uuid/<DISK_UUID> --header-backup-file luks_backup_<DISK_UUID>
-#There is no turning back if you mess this up, make sure you made a backup
+# There is no turning back if you mess this up, make sure you made a backup
+# You can also pass `--token` if you're using LUKS2 which will then store the credential in the LUKS header,
+# which will enable you to use `fido2luks open-token` without passing a credential as parameter
 fido2luks -i add-key --exclusive /dev/disk/by-uuid/<DISK_UUID>
 ```
 
@@ -74,9 +82,10 @@ fido2luks -i add-key --exclusive /dev/disk/by-uuid/<DISK_UUID>
 
 ### Password less
 
-Remove your previous secret as described in the next section, incase you already added one.
+Remove your previous secret as described in the next section, in case you've already added one.
 
 Open `/etc/fido2luks.conf` and replace `FIDO2LUKS_SALT=Ask` with `FIDO2LUKS_SALT=string:<YOUR_RANDOM_STRING>`
+but be warned that this password will be included to into your initramfs.
 
 Import the new config into env:
 
@@ -87,6 +96,13 @@ set -a
 
 Then add the new secret to each device and update dracut afterwards `dracut -f`
 
+### Multiple keys
+
+Additional/backup keys are supported, Multiple fido2luks credentials can be added to your /etc/fido2luks.conf file. Credential tokens are comma separated.
+```
+FIDO2LUKS_CREDENTIAL_ID=<CREDENTIAL1>,<CREDENTIAL2>,<CREDENTIAL3>
+```
+
 ## Removal
 
 Remove `rd.luks.2fa` from `GRUB_CMDLINE_LINUX` in /etc/default/grub
@@ -96,5 +112,19 @@ set -a
 . fido2luks.conf
 sudo -E fido2luks -i replace-key /dev/disk/by-uuid/<DISK_UUID>
 
-sudo rm -rf /usr/lib/dracut/modules.d/96luks-2fa /etc/dracut.conf.d/luks-2fa.conf
+sudo rm -rf /usr/lib/dracut/modules.d/96luks-2fa /etc/dracut.conf.d/luks-2fa.conf /etc/fido2luks.conf
 ```
+
+## License
+
+Licensed under
+
+ * Mozilla Public License 2.0, ([LICENSE-MPL](LICENSE-MPL) or https://www.mozilla.org/en-US/MPL/2.0/)
+
+### Contribution
+
+Unless you explicitly state otherwise, any contribution intentionally
+submitted for inclusion in the work by you, as defined in the MPL 2.0
+license, shall be licensed as above, without any additional terms or
+conditions.
+

dracut/96luks-2fa/luks-2fa-generator.sh

@@ -9,7 +9,7 @@ MOUNT=$(command -v mount)
 UMOUNT=$(command -v umount)
 
 TIMEOUT=120
-CON_MSG="Please connect your authenicator"
+CON_MSG="Please connect your authenticator"
 
 generate_service () {
         local credential_id=$1 target_uuid=$2 timeout=$3 sd_dir=${4:-$NORMAL_DIR}
@@ -19,6 +19,10 @@ generate_service () {
 
         local crypto_target_service="systemd-cryptsetup@luks\x2d${sd_target_uuid}.service"
         local sd_service="${sd_dir}/luks-2fa@luks\x2d${sd_target_uuid}.service"
+        local fido2luks_args="--bin"
+        if [ ! -z "$timeout" ]; then
+          fido2luks_args="$fido2luks_args --await-dev ${timeout}"
+        fi
         {
                 printf -- "[Unit]"
                 printf -- "\nDescription=%s" "2fa for luks"
@@ -27,18 +31,15 @@ generate_service () {
                 printf -- "\nBefore=%s umount.target luks-2fa.target" "$crypto_target_service"
                 printf -- "\nConflicts=umount.target"
                 printf -- "\nDefaultDependencies=no"
-                printf -- "\nJobTimeoutSec=%s" "$timeout"
+                [ ! -z "$timeout" ] && printf -- "\nJobTimeoutSec=%s" "$timeout"
-
                 printf -- "\n\n[Service]"
                 printf -- "\nType=oneshot"
                 printf -- "\nRemainAfterExit=yes"
                 printf -- "\nEnvironmentFile=%s" "/etc/fido2luks.conf"
-                printf -- "\nEnvironment=FIDO2LUKS_CREDENTIAL_ID='%s'" "$credential_id"
+                [ ! -z "$credential_id" ] && printf -- "\nEnvironment=FIDO2LUKS_CREDENTIAL_ID='%s'" "$credential_id"
                 printf -- "\nKeyringMode=%s" "shared"
 		            printf -- "\nExecStartPre=-/usr/bin/plymouth display-message --text \"${CON_MSG}\""
-		            printf -- "\nExecStartPre=-/bin/bash -c \"while ! ${FIDO2LUKS} connected; do /usr/bin/sleep 1; done\""
+                printf -- "\nExecStart=/bin/bash -c \"${FIDO2LUKS} print-secret $fido2luks_args | ${CRYPTSETUP} attach 'luks-%s' '/dev/disk/by-uuid/%s' '/dev/stdin'\"" "$target_uuid" "$target_uuid"
-		            printf -- "\nExecStartPre=-/usr/bin/plymouth hide-message --text \"${CON_MSG}\""
-                printf -- "\nExecStart=/bin/bash -c \"${FIDO2LUKS} print-secret --bin | ${CRYPTSETUP} attach 'luks-%s' '/dev/disk/by-uuid/%s' '/dev/stdin'\"" "$target_uuid" "$target_uuid"
                 printf -- "\nExecStop=${CRYPTSETUP} detach 'luks-%s'" "$target_uuid"
         } > "$sd_service"
 

initramfs-tools/Makefile

@@ -0,0 +1,11 @@
+.PHONY: install
+install:
+	chmod +x hook/fido2luks.sh keyscript.sh
+	cp -f hook/fido2luks.sh /etc/initramfs-tools/hooks/
+	mkdir -p /usr/share/fido2luks
+	cp -f keyscript.sh /lib/cryptsetup/scripts/fido2luks
+	update-initramfs -u
+remove:
+	sh -c "grep 'keyscript=fido2luks' -i /etc/crypttab && ( echo 'ERROR: your system is still setup to use fido2luks during boot' && exit 1) || exit 0"
+	rm /etc/initramfs-tools/hooks/fido2luks.sh /lib/cryptsetup/scripts/fido2luks
+	update-initramfs -u

initramfs-tools/README.md

@@ -0,0 +1,34 @@
+## Initramfs-tools based systems(Ubuntu and derivatives)
+
+For easiest installation [download and install the precompiled deb from releases.](https://github.com/shimunn/fido2luks/releases). However it is possible to build from source via the instructions on the main readme.
+
+```
+sudo -s
+
+# Insert FIDO key.
+fido2luks credential
+# Tap FIDO key
+# Copy returned string <CREDENTIAL>
+
+nano /etc/fido2luks.conf
+# Insert <CREDENTIAL> 
+# FIDO2LUKS_CREDENTIAL_ID=<CREDENTIAL> 
+
+set -a
+. /etc/fido2luks.conf
+fido2luks -i add-key /dev/<LUKS PARTITION>
+# Current password: <Any current LUKS password>
+# Password: <Password used as FIDO challange>
+# Tap FIDO key
+
+nano /etc/crypttab
+# Append to end ",discard,initramfs,keyscript=fido2luks"
+# E.g. sda6_crypt UUID=XXXXXXXXXX none luks,discard,initramfs,keyscript=fido2luks
+
+update-initramfs -u
+
+
+```
+
+[Recording showing part of the setup](https://shimun.net/fido2luks/setup.svg)
+

initramfs-tools/fido2luks.conf

@@ -0,0 +1,3 @@
+FIDO2LUKS_SALT=Ask
+#FIDO2LUKS_PASSWORD_HELPER="/usr/bin/plymouth ask-for-password --prompt 'FIDO2 password salt'"
+FIDO2LUKS_CREDENTIAL_ID=

initramfs-tools/hook/fido2luks.sh

@@ -0,0 +1,14 @@
+#!/bin/sh
+
+case "$1" in
+prereqs)
+	echo ""
+	exit 0
+	;;
+
+esac
+
+. /usr/share/initramfs-tools/hook-functions
+copy_file config /etc/fido2luks.conf /etc/fido2luks.conf
+copy_exec /usr/bin/fido2luks
+exit 0

initramfs-tools/keyscript.sh

@@ -0,0 +1,10 @@
+#!/bin/sh
+set -a
+. /etc/fido2luks.conf
+
+if [ -z "$FIDO2LUKS_PASSWORD_HELPER" ]; then
+	MSG="FIDO2 password salt for $CRYPTTAB_NAME"
+	export FIDO2LUKS_PASSWORD_HELPER="plymouth ask-for-password --prompt '$MSG'"
+fi
+
+fido2luks print-secret --bin

src/cli.rs

@@ -1,93 +1,134 @@
 use crate::error::*;
 use crate::*;
 
-use cryptsetup_rs as luks;
+use structopt::clap::{AppSettings, Shell};
-use cryptsetup_rs::api::{CryptDeviceHandle, CryptDeviceOpenBuilder, Luks1Params};
-use cryptsetup_rs::{CryptDevice, Luks1CryptDevice};
-
-use libcryptsetup_sys::crypt_keyslot_info;
 use structopt::StructOpt;
 
-use std::io::Write;
+use ctap::{FidoCredential, FidoErrorKind};
+use failure::_core::fmt::{Display, Error, Formatter};
+use failure::_core::str::FromStr;
+use failure::_core::time::Duration;
+use std::io::{Read, Write};
 use std::process::exit;
+use std::thread;
 
-pub fn add_key_to_luks(
+use crate::luks::{Fido2LuksToken, LuksDevice};
-    device: PathBuf,
+use crate::util::sha256;
-    secret: &[u8; 32],
+use std::borrow::Cow;
-    old_secret: Box<dyn Fn() -> Fido2LuksResult<Vec<u8>>>,
+use std::collections::HashSet;
-    exclusive: bool,
+use std::fs::File;
-) -> Fido2LuksResult<u8> {
+use std::time::SystemTime;
-    fn offer_format(
+
-        _dev: CryptDeviceOpenBuilder,
+#[derive(Debug, Eq, PartialEq, Clone)]
-    ) -> Fido2LuksResult<CryptDeviceHandle<Luks1Params>> {
+pub struct HexEncoded(pub Vec<u8>);
-        unimplemented!()
+
+impl Display for HexEncoded {
+    fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error> {
+        f.write_str(&hex::encode(&self.0))
     }
-    let dev =
-        || -> luks::device::Result<CryptDeviceOpenBuilder> { luks::open(&device.canonicalize()?) };
-
-    let prev_key = old_secret()?;
-
-    let mut handle = match dev()?.luks1() {
-        Ok(handle) => handle,
-        Err(luks::device::Error::BlkidError(_)) => offer_format(dev()?)?,
-        Err(luks::device::Error::CryptsetupError(errno)) => {
-            //if i32::from(errno) == 555
-            dbg!(errno);
-            offer_format(dev()?)?
-        } //TODO: find correct errorno and offer to format as luks
-        err => err?,
-    };
-    handle.set_iteration_time(50);
-    let slot = handle.add_keyslot(secret, Some(prev_key.as_slice()), None)?;
-    if exclusive {
-        for old_slot in 0..8u8 {
-            if old_slot != slot
-                && (handle.keyslot_status(old_slot.into()) == crypt_keyslot_info::CRYPT_SLOT_ACTIVE
-                    || handle.keyslot_status(old_slot.into())
-                        == crypt_keyslot_info::CRYPT_SLOT_ACTIVE_LAST)
-            {
-                handle.destroy_keyslot(old_slot)?;
-            }
-        }
-    }
-    Ok(slot)
 }
 
-pub fn add_password_to_luks(
+impl AsRef<[u8]> for HexEncoded {
-    device: PathBuf,
+    fn as_ref(&self) -> &[u8] {
-    secret: &[u8; 32],
+        &self.0[..]
-    new_secret: Box<dyn Fn() -> Fido2LuksResult<Vec<u8>>>,
+    }
-    add_password: bool,
+}
-) -> Fido2LuksResult<u8> {
+
-    let dev = luks::open(&device.canonicalize()?)?;
+impl FromStr for HexEncoded {
-    let mut handle = dev.luks1()?;
+    type Err = hex::FromHexError;
-    let prev_slot = if add_password {
+
-        Some(handle.add_keyslot(&secret[..], Some(&secret[..]), None)?)
+    fn from_str(s: &str) -> Result<Self, Self::Err> {
-    } else {
+        Ok(HexEncoded(hex::decode(s)?))
-        None
+    }
-    };
+}
-    let slot = handle.update_keyslot(&new_secret()?[..], &secret[..], prev_slot)?;
+
-    Ok(slot)
+#[derive(Debug, Eq, PartialEq, Clone)]
+pub struct CommaSeparated<T: FromStr + Display>(pub Vec<T>);
+
+impl<T: Display + FromStr> Display for CommaSeparated<T> {
+    fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error> {
+        for i in &self.0 {
+            f.write_str(&i.to_string())?;
+            f.write_str(",")?;
+        }
+        Ok(())
+    }
+}
+
+impl<T: Display + FromStr> FromStr for CommaSeparated<T> {
+    type Err = <T as FromStr>::Err;
+    fn from_str(s: &str) -> Result<Self, Self::Err> {
+        Ok(CommaSeparated(
+            s.split(',')
+                .map(|part| <T as FromStr>::from_str(part))
+                .collect::<Result<Vec<_>, _>>()?,
+        ))
+    }
 }
 
 #[derive(Debug, StructOpt)]
-pub struct Args {
+pub struct Credentials {
-    /// Request passwords via Stdin instead of using the password helper
+    /// FIDO credential ids, separated by ',' generate using fido2luks credential
-    #[structopt(short = "i", long = "interactive")]
+    #[structopt(name = "credential-id", env = "FIDO2LUKS_CREDENTIAL_ID")]
-    pub interactive: bool,
+    pub ids: CommaSeparated<HexEncoded>,
-    #[structopt(subcommand)]
+}
-    pub command: Command,
+
+#[derive(Debug, StructOpt)]
+pub struct AuthenticatorParameters {
+    /// Request a PIN to unlock the authenticator
+    #[structopt(short = "P", long = "pin")]
+    pub pin: bool,
+
+    /// Location to read PIN from
+    #[structopt(long = "pin-source", env = "FIDO2LUKS_PIN_SOURCE")]
+    pub pin_source: Option<PathBuf>,
+
+    /// Await for an authenticator to be connected, timeout after n seconds
+    #[structopt(
+        long = "await-dev",
+        name = "await-dev",
+        env = "FIDO2LUKS_DEVICE_AWAIT",
+        default_value = "15"
+    )]
+    pub await_time: u64,
+}
+
+impl AuthenticatorParameters {
+    fn read_pin(&self) -> Fido2LuksResult<String> {
+        if let Some(src) = self.pin_source.as_ref() {
+            let mut pin = String::new();
+            File::open(src)?.read_to_string(&mut pin)?;
+            Ok(pin)
+        } else {
+            util::read_password("Authenticator PIN", false)
+        }
+    }
+}
+
+#[derive(Debug, StructOpt)]
+pub struct LuksParameters {
+    #[structopt(env = "FIDO2LUKS_DEVICE")]
+    device: PathBuf,
+
+    /// Try to unlock the device using a specifc keyslot, ignore all other slots
+    #[structopt(long = "slot", env = "FIDO2LUKS_DEVICE_SLOT")]
+    slot: Option<u32>,
 }
 
 #[derive(Debug, StructOpt, Clone)]
-pub struct SecretGeneration {
+pub struct LuksModParameters {
-    /// FIDO credential id, generate using fido2luks credential
+    /// Number of milliseconds required to derive the volume decryption key
-    #[structopt(name = "credential-id", env = "FIDO2LUKS_CREDENTIAL_ID")]
+    /// Defaults to 10ms when using an authenticator or the default by cryptsetup when using a password
-    pub credential_id: String,
+    #[structopt(long = "kdf-time", name = "kdf-time")]
+    kdf_time: Option<u64>,
+}
+
+#[derive(Debug, StructOpt)]
+pub struct SecretParameters {
     /// Salt for secret generation, defaults to 'ask'
     ///
     /// Options:{n}
-    ///  - ask              : Promt user using password helper{n}
+    ///  - ask              : Prompt user using password helper{n}
     ///  - file:<PATH>      : Will read <FILE>{n}
     ///  - string:<STRING>  : Will use <STRING>, which will be handled like a password provided to the 'ask' option{n}
     #[structopt(
@@ -106,22 +147,60 @@ pub struct SecretGeneration {
     pub password_helper: PasswordHelper,
 }
 
-impl SecretGeneration {
+fn derive_secret(
-    pub fn patch(&self, args: &Args) -> Self {
+    credentials: &[HexEncoded],
-        let mut me = self.clone();
+    salt: &[u8; 32],
-        if args.interactive {
+    timeout: u64,
-            me.password_helper = PasswordHelper::Stdin;
+    pin: Option<&str>,
+) -> Fido2LuksResult<([u8; 32], FidoCredential)> {
+    let timeout = Duration::from_secs(timeout);
+    let start = SystemTime::now();
+
+    while let Ok(el) = start.elapsed() {
+        if el > timeout {
+            return Err(error::Fido2LuksError::NoAuthenticatorError);
         }
-        me
+        if get_devices()
+            .map(|devices| !devices.is_empty())
+            .unwrap_or(false)
+        {
+            break;
+        }
+        thread::sleep(Duration::from_millis(500));
     }
 
-    pub fn obtain_secret(&self) -> Fido2LuksResult<[u8; 32]> {
+    let credentials = credentials
-        let salt = self.salt.obtain(&self.password_helper)?;
+        .iter()
-        Ok(assemble_secret(
+        .map(|hex| FidoCredential {
-            &perform_challenge(&self.credential_id, &salt)?,
+            id: hex.0.clone(),
-            &salt,
+            public_key: None,
-        ))
+        })
-    }
+        .collect::<Vec<_>>();
+    let credentials = credentials.iter().collect::<Vec<_>>();
+    let (unsalted, cred) =
+        perform_challenge(&credentials, salt, timeout - start.elapsed().unwrap(), pin)?;
+
+    Ok((sha256(&[salt, &unsalted[..]]), cred.clone()))
+}
+
+#[derive(Debug, StructOpt)]
+pub struct Args {
+    /// Request passwords via Stdin instead of using the password helper
+    #[structopt(short = "i", long = "interactive")]
+    pub interactive: bool,
+    #[structopt(subcommand)]
+    pub command: Command,
+}
+
+#[derive(Debug, StructOpt, Clone)]
+pub struct OtherSecret {
+    /// Use a keyfile instead of a password
+    #[structopt(short = "d", long = "keyfile", conflicts_with = "fido_device")]
+    keyfile: Option<PathBuf>,
+    /// Use another fido device instead of a password
+    /// Note: this requires for the credential fot the other device to be passed as argument as well
+    #[structopt(short = "f", long = "fido-device", conflicts_with = "keyfile")]
+    fido_device: bool,
 }
 
 #[derive(Debug, StructOpt)]
@@ -132,52 +211,91 @@ pub enum Command {
         #[structopt(short = "b", long = "bin")]
         binary: bool,
         #[structopt(flatten)]
-        secret_gen: SecretGeneration,
+        credentials: Credentials,
+        #[structopt(flatten)]
+        authenticator: AuthenticatorParameters,
+        #[structopt(flatten)]
+        secret: SecretParameters,
     },
     /// Adds a generated key to the specified LUKS device
     #[structopt(name = "add-key")]
     AddKey {
-        #[structopt(env = "FIDO2LUKS_DEVICE")]
+        #[structopt(flatten)]
-        device: PathBuf,
+        luks: LuksParameters,
+        #[structopt(flatten)]
+        credentials: Credentials,
+        #[structopt(flatten)]
+        authenticator: AuthenticatorParameters,
+        #[structopt(flatten)]
+        secret: SecretParameters,
         /// Will wipe all other keys
         #[structopt(short = "e", long = "exclusive")]
         exclusive: bool,
-        /// Use a keyfile instead of a password
+        /// Will add an token to your LUKS 2 header, including the credential id
-        #[structopt(short = "d", long = "keyfile")]
+        #[structopt(short = "t", long = "token")]
-        keyfile: Option<PathBuf>,
+        token: bool,
         #[structopt(flatten)]
-        secret_gen: SecretGeneration,
+        existing_secret: OtherSecret,
+        #[structopt(flatten)]
+        luks_mod: LuksModParameters,
     },
-
     /// Replace a previously added key with a password
     #[structopt(name = "replace-key")]
     ReplaceKey {
-        #[structopt(env = "FIDO2LUKS_DEVICE")]
+        #[structopt(flatten)]
-        device: PathBuf,
+        luks: LuksParameters,
+        #[structopt(flatten)]
+        credentials: Credentials,
+        #[structopt(flatten)]
+        authenticator: AuthenticatorParameters,
+        #[structopt(flatten)]
+        secret: SecretParameters,
         /// Add the password and keep the key
         #[structopt(short = "a", long = "add-password")]
         add_password: bool,
-        /// Use a keyfile instead of a password
+        /// Will add an token to your LUKS 2 header, including the credential id
-        #[structopt(short = "d", long = "keyfile")]
+        #[structopt(short = "t", long = "token")]
-        keyfile: Option<PathBuf>,
+        token: bool,
         #[structopt(flatten)]
-        secret_gen: SecretGeneration,
+        replacement: OtherSecret,
+        #[structopt(flatten)]
+        luks_mod: LuksModParameters,
     },
     /// Open the LUKS device
     #[structopt(name = "open")]
     Open {
-        #[structopt(env = "FIDO2LUKS_DEVICE")]
+        #[structopt(flatten)]
-        device: PathBuf,
+        luks: LuksParameters,
         #[structopt(env = "FIDO2LUKS_MAPPER_NAME")]
         name: String,
+        #[structopt(flatten)]
+        credentials: Credentials,
+        #[structopt(flatten)]
+        authenticator: AuthenticatorParameters,
+        #[structopt(flatten)]
+        secret: SecretParameters,
         #[structopt(short = "r", long = "max-retries", default_value = "0")]
         retries: i32,
+    },
+    /// Open the LUKS device using credentials embedded in the LUKS 2 header
+    #[structopt(name = "open-token")]
+    OpenToken {
         #[structopt(flatten)]
-        secret_gen: SecretGeneration,
+        luks: LuksParameters,
+        #[structopt(env = "FIDO2LUKS_MAPPER_NAME")]
+        name: String,
+        #[structopt(flatten)]
+        authenticator: AuthenticatorParameters,
+        #[structopt(flatten)]
+        secret: SecretParameters,
+        #[structopt(short = "r", long = "max-retries", default_value = "0")]
+        retries: i32,
     },
     /// Generate a new FIDO credential
     #[structopt(name = "credential")]
     Credential {
+        #[structopt(flatten)]
+        authenticator: AuthenticatorParameters,
         /// Name to be displayed on the authenticator if it has a display
         #[structopt(env = "FIDO2LUKS_CREDENTIAL_NAME")]
         name: Option<String>,
@@ -185,6 +303,53 @@ pub enum Command {
     /// Check if an authenticator is connected
     #[structopt(name = "connected")]
     Connected,
+    Token(TokenCommand),
+    /// Generate bash completion scripts
+    #[structopt(name = "completions", setting = AppSettings::Hidden)]
+    GenerateCompletions {
+        /// Shell to generate completions for: bash, fish
+        #[structopt(possible_values = &["bash", "fish"])]
+        shell: String,
+        out_dir: PathBuf,
+    },
+}
+
+///LUKS2 token related operations
+#[derive(Debug, StructOpt)]
+pub enum TokenCommand {
+    /// List all tokens associated with the specified device
+    List {
+        #[structopt(env = "FIDO2LUKS_DEVICE")]
+        device: PathBuf,
+        /// Dump all credentials as CSV
+        #[structopt(long = "csv")]
+        csv: bool,
+    },
+    /// Add credential to a keyslot
+    Add {
+        #[structopt(env = "FIDO2LUKS_DEVICE")]
+        device: PathBuf,
+        #[structopt(flatten)]
+        credentials: Credentials,
+        /// Slot to which the credentials will be added
+        #[structopt(long = "slot", env = "FIDO2LUKS_DEVICE_SLOT")]
+        slot: u32,
+    },
+    /// Remove credentials from token(s)
+    Remove {
+        #[structopt(env = "FIDO2LUKS_DEVICE")]
+        device: PathBuf,
+        #[structopt(flatten)]
+        credentials: Credentials,
+        /// Token from which the credentials will be removed
+        #[structopt(long = "token")]
+        token_id: Option<u32>,
+    },
+    /// Remove all unassigned tokens
+    GC {
+        #[structopt(env = "FIDO2LUKS_DEVICE")]
+        device: PathBuf,
+    },
 }
 
 pub fn parse_cmdline() -> Args {
@@ -194,95 +359,247 @@ pub fn parse_cmdline() -> Args {
 pub fn run_cli() -> Fido2LuksResult<()> {
     let mut stdout = io::stdout();
     let args = parse_cmdline();
+    let interactive = args.interactive;
     match &args.command {
-        Command::Credential { name } => {
+        Command::Credential {
-            let cred = make_credential_id(name.as_ref().map(|n| n.as_ref()))?;
+            authenticator,
+            name,
+        } => {
+            let pin_string;
+            let pin = if authenticator.pin {
+                pin_string = authenticator.read_pin()?;
+                Some(pin_string.as_ref())
+            } else {
+                None
+            };
+            let cred = make_credential_id(name.as_ref().map(|n| n.as_ref()), pin)?;
             println!("{}", hex::encode(&cred.id));
             Ok(())
         }
         Command::PrintSecret {
             binary,
-            ref secret_gen,
+            authenticator,
+            credentials,
+            secret,
         } => {
-            let secret = secret_gen.patch(&args).obtain_secret()?;
+            let pin_string;
-            if *binary {
+            let pin = if authenticator.pin {
-                stdout.write(&secret[..])?;
+                pin_string = authenticator.read_pin()?;
+                Some(pin_string.as_ref())
             } else {
-                stdout.write(hex::encode(&secret[..]).as_bytes())?;
+                None
+            };
+            let salt = if interactive || secret.password_helper == PasswordHelper::Stdin {
+                util::read_password_hashed("Password", false)
+            } else {
+                secret.salt.obtain(&secret.password_helper)
+            }?;
+            let (secret, _cred) = derive_secret(
+                credentials.ids.0.as_slice(),
+                &salt,
+                authenticator.await_time,
+                pin,
+            )?;
+            if *binary {
+                stdout.write_all(&secret[..])?;
+            } else {
+                stdout.write_all(hex::encode(&secret[..]).as_bytes())?;
             }
             Ok(stdout.flush()?)
         }
         Command::AddKey {
-            device,
+            luks,
-            exclusive,
+            authenticator,
-            keyfile,
+            credentials,
-            ref secret_gen,
+            secret,
-        } => {
+            luks_mod,
-            let secret = secret_gen.patch(&args).obtain_secret()?;
+            existing_secret: other_secret,
-            let slot = add_key_to_luks(
+            token,
-                device.clone(),
+            ..
-                &secret,
-                if let Some(keyfile) = keyfile.clone() {
-                    Box::new(move || util::read_keyfile(keyfile.clone()))
-                } else {
-                    Box::new(|| {
-                        util::read_password("Old password", true).map(|p| p.as_bytes().to_vec())
-                    })
-                },
-                *exclusive,
-            )?;
-            println!(
-                "Added to key to device {}, slot: {}",
-                device.display(),
-                slot
-            );
-            Ok(())
         }
-        Command::ReplaceKey {
+        | Command::ReplaceKey {
-            device,
+            luks,
-            add_password,
+            authenticator,
-            keyfile,
+            credentials,
-            ref secret_gen,
+            secret,
+            luks_mod,
+            replacement: other_secret,
+            token,
+            ..
         } => {
-            let secret = secret_gen.patch(&args).obtain_secret()?;
+            let pin = if authenticator.pin {
-            let slot = add_password_to_luks(
+                Some(authenticator.read_pin()?)
-                device.clone(),
+            } else {
-                &secret,
+                None
-                if let Some(keyfile) = keyfile.clone() {
+            };
-                    Box::new(move || util::read_keyfile(keyfile.clone()))
+            let salt = |q: &str, verify: bool| -> Fido2LuksResult<[u8; 32]> {
+                if interactive || secret.password_helper == PasswordHelper::Stdin {
+                    util::read_password_hashed(q, verify)
                 } else {
-                    Box::new(|| {
+                    secret.salt.obtain(&secret.password_helper)
-                        util::read_password("Password to add", true).map(|p| p.as_bytes().to_vec())
+                }
-                    })
+            };
-                },
+            let other_secret = |salt_q: &str,
-                *add_password,
+                                verify: bool|
-            )?;
+             -> Fido2LuksResult<(Vec<u8>, Option<FidoCredential>)> {
-            println!(
+                match other_secret {
-                "Added to password to device {}, slot: {}",
+                    OtherSecret {
-                device.display(),
+                        keyfile: Some(file),
-                slot
+                        ..
-            );
+                    } => Ok((util::read_keyfile(file)?, None)),
-            Ok(())
+                    OtherSecret {
+                        fido_device: true, ..
+                    } => Ok(derive_secret(
+                        &credentials.ids.0,
+                        &salt(salt_q, verify)?,
+                        authenticator.await_time,
+                        pin.as_deref(),
+                    )
+                    .map(|(secret, cred)| (secret[..].to_vec(), Some(cred)))?),
+                    _ => Ok((
+                        util::read_password(salt_q, verify)?.as_bytes().to_vec(),
+                        None,
+                    )),
+                }
+            };
+            let secret = |verify: bool| -> Fido2LuksResult<([u8; 32], FidoCredential)> {
+                derive_secret(
+                    &credentials.ids.0,
+                    &salt("Password", verify)?,
+                    authenticator.await_time,
+                    pin.as_deref(),
+                )
+            };
+            let mut luks_dev = LuksDevice::load(&luks.device)?;
+            // Non overlap
+            match &args.command {
+                Command::AddKey { exclusive, .. } => {
+                    let (existing_secret, _) = other_secret("Current password", false)?;
+                    let (new_secret, cred) = secret(true)?;
+                    let added_slot = luks_dev.add_key(
+                        &new_secret,
+                        &existing_secret[..],
+                        luks_mod.kdf_time.or(Some(10)),
+                        Some(&cred.id[..]).filter(|_| *token),
+                    )?;
+                    if *exclusive {
+                        let destroyed = luks_dev.remove_keyslots(&[added_slot])?;
+                        println!(
+                            "Added to key to device {}, slot: {}\nRemoved {} old keys",
+                            luks.device.display(),
+                            added_slot,
+                            destroyed
+                        );
+                    } else {
+                        println!(
+                            "Added to key to device {}, slot: {}",
+                            luks.device.display(),
+                            added_slot
+                        );
+                    }
+                    Ok(())
+                }
+                Command::ReplaceKey { add_password, .. } => {
+                    let (existing_secret, _) = secret(false)?;
+                    let (replacement_secret, cred) = other_secret("Replacement password", true)?;
+                    let slot = if *add_password {
+                        luks_dev.add_key(
+                            &replacement_secret[..],
+                            &existing_secret,
+                            luks_mod.kdf_time,
+                            cred.as_ref().filter(|_| *token).map(|cred| &cred.id[..]),
+                        )
+                    } else {
+                        luks_dev.replace_key(
+                            &replacement_secret[..],
+                            &existing_secret,
+                            luks_mod.kdf_time,
+                            cred.as_ref().filter(|_| *token).map(|cred| &cred.id[..]),
+                        )
+                    }?;
+                    println!(
+                        "Added to password to device {}, slot: {}",
+                        luks.device.display(),
+                        slot
+                    );
+                    Ok(())
+                }
+                _ => unreachable!(),
+            }
         }
         Command::Open {
-            device,
+            luks,
+            authenticator,
+            secret,
+            name,
+            retries,
+            ..
+        }
+        | Command::OpenToken {
+            luks,
+            authenticator,
+            secret,
             name,
             retries,
-            ref secret_gen,
         } => {
+            let pin_string;
+            let pin = if authenticator.pin {
+                pin_string = authenticator.read_pin()?;
+                Some(pin_string.as_ref())
+            } else {
+                None
+            };
+            let salt = |q: &str, verify: bool| -> Fido2LuksResult<[u8; 32]> {
+                if interactive || secret.password_helper == PasswordHelper::Stdin {
+                    util::read_password_hashed(q, verify)
+                } else {
+                    secret.salt.obtain(&secret.password_helper)
+                }
+            };
+
+            // Cow shouldn't be necessary
+            let secret = |credentials: Cow<'_, Vec<HexEncoded>>| {
+                derive_secret(
+                    credentials.as_ref(),
+                    &salt("Password", false)?,
+                    authenticator.await_time,
+                    pin,
+                )
+            };
+
             let mut retries = *retries;
+            let mut luks_dev = LuksDevice::load(&luks.device)?;
             loop {
-                let secret = secret_gen.patch(&args).obtain_secret()?;
+                let secret = match &args.command {
-                match open_container(&device, &name, &secret) {
+                    Command::Open { credentials, .. } => secret(Cow::Borrowed(&credentials.ids.0))
-                    Err(e) => match e {
+                        .and_then(|(secret, _cred)| luks_dev.activate(&name, &secret, luks.slot)),
-                        Fido2LuksError::WrongSecret if retries > 0 => {
+                    Command::OpenToken { .. } => luks_dev.activate_token(
-                            retries -= 1;
+                        &name,
-                            eprintln!("{}", e);
+                        Box::new(|credentials: Vec<String>| {
-                            continue;
+                            let creds = credentials
+                                .into_iter()
+                                .flat_map(|cred| HexEncoded::from_str(cred.as_ref()).ok())
+                                .collect::<Vec<_>>();
+                            secret(Cow::Owned(creds))
+                                .map(|(secret, cred)| (secret, hex::encode(&cred.id)))
+                        }),
+                        luks.slot,
+                    ),
+                    _ => unreachable!(),
+                };
+                match secret {
+                    Err(e) => {
+                        match e {
+                            Fido2LuksError::WrongSecret if retries > 0 => {}
+                            Fido2LuksError::AuthenticatorError { ref cause }
+                                if cause.kind() == FidoErrorKind::Timeout && retries > 0 => {}
+
+                            e => return Err(e),
                         }
-                        e => Err(e)?,
+                        retries -= 1;
-                    },
+                        eprintln!("{}", e);
-                    res => break res,
+                    }
+                    res => break res.map(|_| ()),
                 }
             }
         }
@@ -293,5 +610,141 @@ pub fn run_cli() -> Fido2LuksResult<()> {
             }
             _ => exit(1),
         },
+        Command::Token(cmd) => match cmd {
+            TokenCommand::List {
+                device,
+                csv: dump_credentials,
+            } => {
+                let mut dev = LuksDevice::load(device)?;
+                let mut creds = Vec::new();
+                for token in dev.tokens()? {
+                    let (id, token) = token?;
+                    for cred in token.credential.iter() {
+                        if !creds.contains(cred) {
+                            creds.push(cred.clone());
+                            if *dump_credentials {
+                                print!("{}{}", if creds.len() == 1 { "" } else { "," }, cred);
+                            }
+                        }
+                    }
+                    if *dump_credentials {
+                        continue;
+                    }
+                    println!(
+                        "{}:\n\tSlots: {}\n\tCredentials: {}",
+                        id,
+                        if token.keyslots.is_empty() {
+                            "None".into()
+                        } else {
+                            token.keyslots.iter().cloned().collect::<Vec<_>>().join(",")
+                        },
+                        token
+                            .credential
+                            .iter()
+                            .map(|cred| format!(
+                                "{} ({})",
+                                cred,
+                                creds.iter().position(|c| c == cred).unwrap().to_string()
+                            ))
+                            .collect::<Vec<_>>()
+                            .join(",")
+                    );
+                }
+                if *dump_credentials {
+                    println!();
+                }
+                Ok(())
+            }
+            TokenCommand::Add {
+                device,
+                credentials,
+                slot,
+            } => {
+                let mut dev = LuksDevice::load(device)?;
+                let mut tokens = Vec::new();
+                for token in dev.tokens()? {
+                    let (id, token) = token?;
+                    if token.keyslots.contains(&slot.to_string()) {
+                        tokens.push((id, token));
+                    }
+                }
+                let count = if tokens.is_empty() {
+                    dev.add_token(&Fido2LuksToken::with_credentials(&credentials.ids.0, *slot))?;
+                    1
+                } else {
+                    tokens.len()
+                };
+                for (id, mut token) in tokens {
+                    token
+                        .credential
+                        .extend(credentials.ids.0.iter().map(|h| h.to_string()));
+                    dev.update_token(id, &token)?;
+                }
+                println!("Updated {} tokens", count);
+                Ok(())
+            }
+            TokenCommand::Remove {
+                device,
+                credentials,
+                token_id,
+            } => {
+                let mut dev = LuksDevice::load(device)?;
+                let mut tokens = Vec::new();
+                for token in dev.tokens()? {
+                    let (id, token) = token?;
+                    if let Some(token_id) = token_id {
+                        if id == *token_id {
+                            tokens.push((id, token));
+                        }
+                    } else {
+                        tokens.push((id, token));
+                    }
+                }
+                let count = tokens.len();
+                for (id, mut token) in tokens {
+                    token.credential = token
+                        .credential
+                        .into_iter()
+                        .filter(|cred| !credentials.ids.0.iter().any(|h| &h.to_string() == cred))
+                        .collect();
+                    dev.update_token(id, &token)?;
+                }
+                println!("Updated {} tokens", count);
+                Ok(())
+            }
+            TokenCommand::GC { device } => {
+                let mut dev = LuksDevice::load(device)?;
+                let mut creds: HashSet<String> = HashSet::new();
+                let mut remove = Vec::new();
+                for token in dev.tokens()? {
+                    let (id, token) = token?;
+                    if token.keyslots.is_empty() || token.credential.is_empty() {
+                        creds.extend(token.credential);
+                        remove.push(id);
+                    }
+                }
+                for id in remove.iter().rev() {
+                    dev.remove_token(*id)?;
+                }
+                println!(
+                    "Removed {} tokens, affected credentials: {}",
+                    remove.len(),
+                    creds.into_iter().collect::<Vec<_>>().join(",")
+                );
+                Ok(())
+            }
+        },
+        Command::GenerateCompletions { shell, out_dir } => {
+            Args::clap().gen_completions(
+                env!("CARGO_PKG_NAME"),
+                match shell.as_ref() {
+                    "bash" => Shell::Bash,
+                    "fish" => Shell::Fish,
+                    _ => unreachable!("structopt shouldn't allow us to reach this point"),
+                },
+                &out_dir,
+            );
+            Ok(())
+        }
     }
 }

src/config.rs

@@ -24,7 +24,7 @@ impl Default for InputSalt {
 
 impl From<&str> for InputSalt {
     fn from(s: &str) -> Self {
-        let mut parts = s.split(":").into_iter();
+        let mut parts = s.split(':');
         match parts.next() {
             Some("ask") | Some("Ask") => InputSalt::AskPassword,
             Some("file") => InputSalt::File {
@@ -84,9 +84,10 @@ impl InputSalt {
     }
 }
 
-#[derive(Debug, Clone)]
+#[derive(Debug, Clone, PartialEq, Eq)]
 pub enum PasswordHelper {
     Script(String),
+    #[allow(dead_code)]
     Systemd,
     Stdin,
 }
@@ -134,10 +135,9 @@ impl PasswordHelper {
             Systemd => unimplemented!(),
             Stdin => Ok(util::read_password("Password", true)?),
             Script(password_helper) => {
-                let mut helper_parts = password_helper.split(" ");
+                let password = Command::new("sh")
-
+                    .arg("-c")
-                let password = Command::new((&mut helper_parts).next().unwrap())
+                    .arg(&password_helper)
-                    .args(helper_parts)
                     .output()
                     .map_err(|e| Fido2LuksError::AskPassError {
                         cause: error::AskPassError::IO(e),

src/device.rs

@@ -1,91 +1,61 @@
 use crate::error::*;
-use crate::util::sha256;
 
+use crate::util;
 use ctap::{
-    self,
+    self, extensions::hmac::HmacExtension, request_multiple_devices, FidoAssertionRequestBuilder,
-    extensions::hmac::{FidoHmacCredential, HmacExtension},
+    FidoCredential, FidoCredentialRequestBuilder, FidoDevice, FidoError, FidoErrorKind,
-    AuthenticatorOptions, FidoDevice, FidoError, FidoErrorKind, PublicKeyCredentialRpEntity,
-    PublicKeyCredentialUserEntity,
 };
+use std::time::Duration;
 
-const RP_ID: &'static str = "fido2luks";
+const RP_ID: &str = "fido2luks";
 
-fn authenticator_options() -> Option<AuthenticatorOptions> {
+pub fn make_credential_id(
-    Some(AuthenticatorOptions {
+    name: Option<&str>,
-        uv: false, //TODO: should get this from config
+    pin: Option<&str>,
-        rk: true,
+) -> Fido2LuksResult<FidoCredential> {
-    })
+    let mut request = FidoCredentialRequestBuilder::default().rp_id(RP_ID);
-}
+    if let Some(user_name) = name {
-
+        request = request.user_name(user_name);
-fn authenticator_rp() -> PublicKeyCredentialRpEntity<'static> {
-    PublicKeyCredentialRpEntity {
-        id: RP_ID,
-        name: None,
-        icon: None,
     }
-}
+    let request = request.build().unwrap();
-
+    let make_credential = |device: &mut FidoDevice| {
-fn authenticator_user(name: Option<&str>) -> PublicKeyCredentialUserEntity {
+        if let Some(pin) = pin {
-    PublicKeyCredentialUserEntity {
+            device.unlock(pin)?;
-        id: &[0u8],
-        name: name.unwrap_or(""),
-        icon: None,
-        display_name: name,
-    }
-}
-
-pub fn make_credential_id(name: Option<&str>) -> Fido2LuksResult<FidoHmacCredential> {
-    let mut errs = Vec::new();
-    match get_devices()? {
-        ref devs if devs.is_empty() => Err(Fido2LuksError::NoAuthenticatorError)?,
-        devs => {
-            for mut dev in devs.into_iter() {
-                match dev
-                    .make_hmac_credential_full(
-                        authenticator_rp(),
-                        authenticator_user(name),
-                        &[0u8; 32],
-                        &[],
-                        authenticator_options(),
-                    )
-                    .map(|cred| cred.into())
-                {
-                    //TODO: make credentials device specific
-                    Ok(cred) => {
-                        return Ok(cred);
-                    }
-                    Err(e) => {
-                        errs.push(e);
-                    }
-                }
-            }
         }
-    }
+        device.make_hmac_credential(&request)
-    Err(errs.pop().ok_or(Fido2LuksError::NoAuthenticatorError)?)?
-}
-
-pub fn perform_challenge(credential_id: &str, salt: &[u8; 32]) -> Fido2LuksResult<[u8; 32]> {
-    let cred = FidoHmacCredential {
-        id: hex::decode(credential_id).unwrap(),
-        rp_id: RP_ID.to_string(),
     };
-    let mut errs = Vec::new();
+    Ok(request_multiple_devices(
-    match get_devices()? {
+        get_devices()?
-        ref devs if devs.is_empty() => Err(Fido2LuksError::NoAuthenticatorError)?,
+            .iter_mut()
-        devs => {
+            .map(|device| (device, &make_credential)),
-            for mut dev in devs.into_iter() {
+        None,
-                match dev.get_hmac_assertion(&cred, &sha256(&[&salt[..]]), None, None) {
+    )?)
-                    Ok(secret) => {
+}
-                        return Ok(secret.0);
+
-                    }
+pub fn perform_challenge<'a>(
-                    Err(e) => {
+    credentials: &'a [&'a FidoCredential],
-                        errs.push(e);
+    salt: &[u8; 32],
-                    }
+    timeout: Duration,
-                }
+    pin: Option<&str>,
-            }
+) -> Fido2LuksResult<([u8; 32], &'a FidoCredential)> {
+    let request = FidoAssertionRequestBuilder::default()
+        .rp_id(RP_ID)
+        .credentials(credentials)
+        .build()
+        .unwrap();
+    let get_assertion = |device: &mut FidoDevice| {
+        if let Some(pin) = pin {
+            device.unlock(pin)?;
         }
-    }
+        device.get_hmac_assertion(&request, &util::sha256(&[&salt[..]]), None)
-    Err(errs.pop().ok_or(Fido2LuksError::NoAuthenticatorError)?)?
+    };
+    let (credential, (secret, _)) = request_multiple_devices(
+        get_devices()?
+            .iter_mut()
+            .map(|device| (device, &get_assertion)),
+        Some(timeout),
+    )?;
+    Ok((secret, credential))
 }
 
 pub fn get_devices() -> Fido2LuksResult<Vec<FidoDevice>> {
@@ -94,7 +64,7 @@ pub fn get_devices() -> Fido2LuksResult<Vec<FidoDevice>> {
         match FidoDevice::new(&di) {
             Err(e) => match e.kind() {
                 FidoErrorKind::ParseCtap | FidoErrorKind::DeviceUnsupported => (),
-                err => Err(FidoError::from(err))?,
+                err => return Err(FidoError::from(err).into()),
             },
             Ok(dev) => devices.push(dev),
         }

src/error.rs

@@ -11,11 +11,15 @@ pub enum Fido2LuksError {
     KeyfileError { cause: io::Error },
     #[fail(display = "authenticator error: {}", cause)]
     AuthenticatorError { cause: ctap::FidoError },
-    #[fail(display = "no authenticator found, please ensure you device is plugged in")]
+    #[fail(display = "no authenticator found, please ensure your device is plugged in")]
     NoAuthenticatorError,
-    #[fail(display = "luks err")]
+    #[fail(display = " {}", cause)]
-    LuksError { cause: cryptsetup_rs::device::Error },
+    CryptsetupError {
-    #[fail(display = "no authenticator found, please ensure you device is plugged in")]
+        cause: libcryptsetup_rs::LibcryptErr,
+    },
+    #[fail(display = "{}", cause)]
+    LuksError { cause: LuksError },
+    #[fail(display = "{}", cause)]
     IoError { cause: io::Error },
     #[fail(display = "supplied secret isn't valid for this device")]
     WrongSecret,
@@ -44,6 +48,41 @@ pub enum AskPassError {
     Mismatch,
 }
 
+#[derive(Debug, Fail)]
+pub enum LuksError {
+    #[fail(display = "This feature requires to the LUKS device to be formatted as LUKS 2")]
+    Luks2Required,
+    #[fail(display = "Invalid token: {}", _0)]
+    InvalidToken(String),
+    #[fail(display = "No token found")]
+    NoToken,
+    #[fail(display = "The device already exists")]
+    DeviceExists,
+}
+
+impl LuksError {
+    pub fn activate(e: LibcryptErr) -> Fido2LuksError {
+        match e {
+            LibcryptErr::IOError(ref io) => match io.raw_os_error() {
+                Some(1) if io.kind() == ErrorKind::PermissionDenied => Fido2LuksError::WrongSecret,
+                Some(17) => Fido2LuksError::LuksError {
+                    cause: LuksError::DeviceExists,
+                },
+                _ => return Fido2LuksError::CryptsetupError { cause: e },
+            },
+            _ => Fido2LuksError::CryptsetupError { cause: e },
+        }
+    }
+}
+
+impl From<LuksError> for Fido2LuksError {
+    fn from(e: LuksError) -> Self {
+        Fido2LuksError::LuksError { cause: e }
+    }
+}
+
+use libcryptsetup_rs::LibcryptErr;
+use std::io::ErrorKind;
 use std::string::FromUtf8Error;
 use Fido2LuksError::*;
 
@@ -53,17 +92,16 @@ impl From<FidoError> for Fido2LuksError {
     }
 }
 
-impl From<cryptsetup_rs::device::Error> for Fido2LuksError {
+impl From<LibcryptErr> for Fido2LuksError {
-    fn from(e: cryptsetup_rs::device::Error) -> Self {
+    fn from(e: LibcryptErr) -> Self {
         match e {
-            cryptsetup_rs::device::Error::CryptsetupError(error_no) if error_no.0 == 1i32 => {
+            LibcryptErr::IOError(e) if e.raw_os_error().iter().any(|code| code == &1i32) => {
                 WrongSecret
             }
-            e => LuksError { cause: e },
+            _ => CryptsetupError { cause: e },
         }
     }
 }
-
 impl From<io::Error> for Fido2LuksError {
     fn from(e: io::Error) -> Self {
         IoError { cause: e }

src/luks.rs

@@ -0,0 +1,327 @@
+use crate::error::*;
+
+use libcryptsetup_rs::{
+    CryptActivateFlags, CryptDevice, CryptInit, CryptTokenInfo, EncryptionFormat, KeyslotInfo,
+    TokenInput,
+};
+use std::collections::{HashMap, HashSet};
+use std::path::Path;
+
+pub struct LuksDevice {
+    device: CryptDevice,
+    luks2: Option<bool>,
+}
+
+impl LuksDevice {
+    pub fn load<P: AsRef<Path>>(path: P) -> Fido2LuksResult<LuksDevice> {
+        let mut device = CryptInit::init(path.as_ref())?;
+        device.context_handle().load::<()>(None, None)?;
+        Ok(Self {
+            device,
+            luks2: None,
+        })
+    }
+
+    pub fn is_luks2(&mut self) -> Fido2LuksResult<bool> {
+        if let Some(luks2) = self.luks2 {
+            Ok(luks2)
+        } else {
+            self.luks2 = Some(match self.device.format_handle().get_type()? {
+                EncryptionFormat::Luks2 => true,
+                _ => false,
+            });
+            self.is_luks2()
+        }
+    }
+
+    fn require_luks2(&mut self) -> Fido2LuksResult<()> {
+        if !self.is_luks2()? {
+            return Err(LuksError::Luks2Required.into());
+        }
+        Ok(())
+    }
+
+    pub fn tokens<'a>(
+        &'a mut self,
+    ) -> Fido2LuksResult<Box<dyn Iterator<Item = Fido2LuksResult<(u32, Fido2LuksToken)>> + 'a>>
+    {
+        self.require_luks2()?;
+        Ok(Box::new(
+            (0..32)
+                .map(move |i| {
+                    let status = match self.device.token_handle().status(i) {
+                        Ok(status) => status,
+                        Err(err) => return Some(Err(Fido2LuksError::from(err))),
+                    };
+                    match status {
+                        CryptTokenInfo::Inactive => return None,
+                        CryptTokenInfo::Internal(s)
+                        | CryptTokenInfo::InternalUnknown(s)
+                        | CryptTokenInfo::ExternalUnknown(s)
+                        | CryptTokenInfo::External(s)
+                            if &s != Fido2LuksToken::default_type() =>
+                        {
+                            return None
+                        }
+                        _ => (),
+                    };
+                    let json = match self.device.token_handle().json_get(i) {
+                        Ok(json) => json,
+                        Err(err) => return Some(Err(Fido2LuksError::from(err))),
+                    };
+                    let info: Fido2LuksToken =
+                        match serde_json::from_value(json.clone()).map_err(|_| {
+                            Fido2LuksError::LuksError {
+                                cause: LuksError::InvalidToken(json.to_string()),
+                            }
+                        }) {
+                            Ok(info) => info,
+                            Err(err) => return Some(Err(Fido2LuksError::from(err))),
+                        };
+                    Some(Ok((i, info)))
+                })
+                .filter_map(|o| o),
+        ))
+    }
+
+    pub fn find_token(&mut self, slot: u32) -> Fido2LuksResult<Option<(u32, Fido2LuksToken)>> {
+        let slot_str = slot.to_string();
+        for token in self.tokens()? {
+            let (id, token) = token?;
+            if token.keyslots.contains(&slot_str) {
+                return Ok(Some((id, token)));
+            }
+        }
+        Ok(None)
+    }
+
+    pub fn add_token(&mut self, data: &Fido2LuksToken) -> Fido2LuksResult<()> {
+        self.require_luks2()?;
+        self.device
+            .token_handle()
+            .json_set(TokenInput::AddToken(&serde_json::to_value(&data).unwrap()))?;
+        Ok(())
+    }
+
+    pub fn remove_token(&mut self, token: u32) -> Fido2LuksResult<()> {
+        self.require_luks2()?;
+        self.device
+            .token_handle()
+            .json_set(TokenInput::RemoveToken(token))?;
+        Ok(())
+    }
+
+    pub fn update_token(&mut self, token: u32, data: &Fido2LuksToken) -> Fido2LuksResult<()> {
+        self.require_luks2()?;
+        self.device
+            .token_handle()
+            .json_set(TokenInput::ReplaceToken(
+                token,
+                &serde_json::to_value(&data).unwrap(),
+            ))?;
+        Ok(())
+    }
+
+    pub fn add_key(
+        &mut self,
+        secret: &[u8],
+        old_secret: &[u8],
+        iteration_time: Option<u64>,
+        credential_id: Option<&[u8]>,
+    ) -> Fido2LuksResult<u32> {
+        if let Some(millis) = iteration_time {
+            self.device.settings_handle().set_iteration_time(millis)
+        }
+        let slot = self
+            .device
+            .keyslot_handle()
+            .add_by_passphrase(None, old_secret, secret)?;
+        if let Some(id) = credential_id {
+            self.device.token_handle().json_set(TokenInput::AddToken(
+                &serde_json::to_value(&Fido2LuksToken::new(id, slot)).unwrap(),
+            ))?;
+        }
+
+        Ok(slot)
+    }
+
+    pub fn remove_keyslots(&mut self, exclude: &[u32]) -> Fido2LuksResult<u32> {
+        let mut destroyed = 0;
+        let mut tokens = Vec::new();
+        for slot in 0..256 {
+            match self.device.keyslot_handle().status(slot)? {
+                KeyslotInfo::Inactive => continue,
+                KeyslotInfo::Active | KeyslotInfo::ActiveLast if !exclude.contains(&slot) => {
+                    if self.is_luks2()? {
+                        if let Some((id, _token)) = self.find_token(slot)? {
+                            tokens.push(id);
+                        }
+                    }
+                    self.device.keyslot_handle().destroy(slot)?;
+                    destroyed += 1;
+                }
+                KeyslotInfo::ActiveLast => break,
+                _ => (),
+            }
+            if self.device.keyslot_handle().status(slot)? == KeyslotInfo::ActiveLast {
+                break;
+            }
+        }
+        // Ensure indices stay valid
+        tokens.sort();
+        for token in tokens.iter().rev() {
+            self.remove_token(*token)?;
+        }
+        Ok(destroyed)
+    }
+
+    pub fn replace_key(
+        &mut self,
+        secret: &[u8],
+        old_secret: &[u8],
+        iteration_time: Option<u64>,
+        credential_id: Option<&[u8]>,
+    ) -> Fido2LuksResult<u32> {
+        if let Some(millis) = iteration_time {
+            self.device.settings_handle().set_iteration_time(millis)
+        }
+        // Use activate dry-run to locate keyslot
+        let slot = self.device.activate_handle().activate_by_passphrase(
+            None,
+            None,
+            old_secret,
+            CryptActivateFlags::empty(),
+        )?;
+        self.device.keyslot_handle().change_by_passphrase(
+            Some(slot),
+            Some(slot),
+            old_secret,
+            secret,
+        )? as u32;
+        if let Some(id) = credential_id {
+            if self.is_luks2()? {
+                let token = self.find_token(slot)?.map(|(t, _)| t);
+                let json = serde_json::to_value(&Fido2LuksToken::new(id, slot)).unwrap();
+                if let Some(token) = token {
+                    self.device
+                        .token_handle()
+                        .json_set(TokenInput::ReplaceToken(token, &json))?;
+                } else {
+                    self.device
+                        .token_handle()
+                        .json_set(TokenInput::AddToken(&json))?;
+                }
+            }
+        }
+        Ok(slot)
+    }
+
+    pub fn activate(
+        &mut self,
+        name: &str,
+        secret: &[u8],
+        slot_hint: Option<u32>,
+    ) -> Fido2LuksResult<u32> {
+        self.device
+            .activate_handle()
+            .activate_by_passphrase(Some(name), slot_hint, secret, CryptActivateFlags::empty())
+            .map_err(LuksError::activate)
+    }
+
+    pub fn activate_token(
+        &mut self,
+        name: &str,
+        secret: impl Fn(Vec<String>) -> Fido2LuksResult<([u8; 32], String)>,
+        slot_hint: Option<u32>,
+    ) -> Fido2LuksResult<u32> {
+        if !self.is_luks2()? {
+            return Err(LuksError::Luks2Required.into());
+        }
+        let mut creds: HashMap<String, HashSet<u32>> = HashMap::new();
+        for token in self.tokens()? {
+            let token = match token {
+                Ok((_id, t)) => t,
+                _ => continue, // An corrupted token should't lock the user out
+            };
+            let slots = || {
+                token
+                    .keyslots
+                    .iter()
+                    .filter_map(|slot| slot.parse::<u32>().ok())
+            };
+            for cred in token.credential.iter() {
+                creds
+                    .entry(cred.clone())
+                    .or_insert_with(|| slots().collect::<HashSet<u32>>())
+                    .extend(slots());
+            }
+        }
+        if creds.is_empty() {
+            return Err(Fido2LuksError::LuksError {
+                cause: LuksError::NoToken,
+            });
+        }
+        let (secret, credential) = secret(creds.keys().cloned().collect())?;
+        let empty;
+        let slots = if let Some(slots) = creds.get(&credential) {
+            slots
+        } else {
+            empty = HashSet::new();
+            &empty
+        };
+        //Try slots associated with the credential used
+        let slots = slots.iter().cloned().map(Option::Some).chain(
+            std::iter::once(slot_hint) // Try slot hint if there is one
+                .take(slot_hint.is_some() as usize)
+                .chain(std::iter::once(None).take(slots.is_empty() as usize)), // Try all slots as last resort
+        );
+        for slot in slots {
+            match self.activate(name, &secret, slot) {
+                Err(Fido2LuksError::WrongSecret) => (),
+                res => return res,
+            }
+        }
+        Err(Fido2LuksError::WrongSecret)
+    }
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize)]
+pub struct Fido2LuksToken {
+    #[serde(rename = "type")]
+    pub type_: String,
+    pub credential: HashSet<String>,
+    pub keyslots: HashSet<String>,
+}
+
+impl Fido2LuksToken {
+    pub fn new(credential_id: impl AsRef<[u8]>, slot: u32) -> Self {
+        Self::with_credentials(std::iter::once(credential_id), slot)
+    }
+
+    pub fn with_credentials<I: IntoIterator<Item = B>, B: AsRef<[u8]>>(
+        credentials: I,
+        slot: u32,
+    ) -> Self {
+        Self {
+            credential: credentials
+                .into_iter()
+                .map(|cred| hex::encode(cred.as_ref()))
+                .collect(),
+            keyslots: vec![slot.to_string()].into_iter().collect(),
+            ..Default::default()
+        }
+    }
+    pub fn default_type() -> &'static str {
+        "fido2luks"
+    }
+}
+
+impl Default for Fido2LuksToken {
+    fn default() -> Self {
+        Self {
+            type_: Self::default_type().into(),
+            credential: HashSet::new(),
+            keyslots: HashSet::new(),
+        }
+    }
+}

src/main.rs

@@ -1,13 +1,12 @@
 #[macro_use]
 extern crate failure;
 extern crate ctap_hmac as ctap;
+#[macro_use]
+extern crate serde_derive;
 use crate::cli::*;
 use crate::config::*;
 use crate::device::*;
 use crate::error::*;
-use cryptsetup_rs as luks;
-use cryptsetup_rs::Luks1CryptDevice;
-
 use std::io;
 use std::path::PathBuf;
 use std::process::exit;
@@ -16,44 +15,15 @@ mod cli;
 mod config;
 mod device;
 mod error;
+mod luks;
 mod util;
 
-fn open_container(device: &PathBuf, name: &str, secret: &[u8; 32]) -> Fido2LuksResult<()> {
-    let mut handle = luks::open(device.canonicalize()?)?.luks1()?;
-    let _slot = handle.activate(name, &secret[..])?;
-    Ok(())
-}
-
-fn assemble_secret(hmac_result: &[u8], salt: &[u8]) -> [u8; 32] {
-    util::sha256(&[salt, hmac_result])
-}
-
 fn main() -> Fido2LuksResult<()> {
     match run_cli() {
         Err(e) => {
-            #[cfg(debug_assertions)]
             eprintln!("{:?}", e);
-            #[cfg(not(debug_assertions))]
-            eprintln!("{}", e);
             exit(e.exit_code())
         }
         _ => exit(0),
     }
 }
-
-#[cfg(test)]
-mod test {
-
-    use super::*;
-
-    #[test]
-    fn test_assemble_secret() {
-        assert_eq!(
-            assemble_secret(b"abc", b"def"),
-            [
-                46, 82, 82, 140, 142, 159, 249, 196, 227, 160, 142, 72, 151, 77, 59, 62, 180, 36,
-                33, 47, 241, 94, 17, 232, 133, 103, 247, 32, 152, 253, 43, 19
-            ]
-        )
-    }
-}

src/util.rs

@@ -4,7 +4,7 @@ use std::fs::File;
 use std::io::Read;
 use std::path::PathBuf;
 
-pub fn sha256<'a>(messages: &[&[u8]]) -> [u8; 32] {
+pub fn sha256(messages: &[&[u8]]) -> [u8; 32] {
     let mut digest = digest::Context::new(&digest::SHA256);
     for m in messages.iter() {
         digest.update(m);
@@ -23,12 +23,16 @@ pub fn read_password(q: &str, verify: bool) -> Fido2LuksResult<String> {
         {
             Err(Fido2LuksError::AskPassError {
                 cause: AskPassError::Mismatch,
-            })?
+            })
         }
         pass => Ok(pass),
     }
 }
 
+pub fn read_password_hashed(q: &str, verify: bool) -> Fido2LuksResult<[u8; 32]> {
+    read_password(q, verify).map(|pass| sha256(&[pass.as_bytes()]))
+}
+
 pub fn read_keyfile<P: Into<PathBuf>>(path: P) -> Fido2LuksResult<Vec<u8>> {
     let mut file = File::open(path.into())?;
     let mut key = Vec::new();