update libcryptsetup_rs to 0.4.0

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "fido2luks"
-version = "0.2.4"
+version = "0.2.8"
 authors = ["shimunn <shimun@shimun.net>"]
 edition = "2018"
 
@@ -14,15 +14,16 @@ categories = ["command-line-utilities"]
 license-file = "LICENSE"
 
 [dependencies]
-ctap_hmac = "0.2.1"
+ctap_hmac = { version="0.4.2", features = ["request_multiple"] }
-
-
 hex = "0.3.2"
 ring = "0.13.5"
 failure = "0.1.5"
 rpassword = "4.0.1"
 structopt = "0.3.2"
-libcryptsetup-rs = "0.2.0"
+libcryptsetup-rs = "0.4.0"
+serde_json = "1.0.51"
+serde_derive = "1.0.106"
+serde = "1.0.106"
 
 [profile.release]
 lto = true

README.md

@@ -9,7 +9,7 @@ Note: This has only been tested under Fedora 31 using a Solo Key, Trezor Model T
 ### Prerequisites
 
 ```
-dnf install cargo cryptsetup-devel -y
+dnf install clang cargo cryptsetup-devel -y
 ```
 
 ### Device

src/cli.rs

@@ -4,19 +4,21 @@ use crate::*;
 
 use structopt::StructOpt;
 
-use failure::_core::fmt::{Error, Formatter};
+use ctap::{FidoCredential, FidoErrorKind};
+use failure::_core::fmt::{Display, Error, Formatter};
 use failure::_core::str::FromStr;
 use failure::_core::time::Duration;
 use std::io::Write;
-
 use std::process::exit;
 use std::thread;
 
+use crate::util::read_password;
 use std::time::SystemTime;
-#[derive(Debug, Eq, PartialEq, Clone)]
-pub struct HexEncoded(Vec<u8>);
 
-impl std::fmt::Display for HexEncoded {
+#[derive(Debug, Eq, PartialEq, Clone)]
+pub struct HexEncoded(pub Vec<u8>);
+
+impl Display for HexEncoded {
     fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error> {
         f.write_str(&hex::encode(&self.0))
     }
@@ -30,6 +32,30 @@ impl FromStr for HexEncoded {
     }
 }
 
+#[derive(Debug, Eq, PartialEq, Clone)]
+pub struct CommaSeparated<T: FromStr + Display>(pub Vec<T>);
+
+impl<T: Display + FromStr> Display for CommaSeparated<T> {
+    fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error> {
+        for i in &self.0 {
+            f.write_str(&i.to_string())?;
+            f.write_str(",")?;
+        }
+        Ok(())
+    }
+}
+
+impl<T: Display + FromStr> FromStr for CommaSeparated<T> {
+    type Err = <T as FromStr>::Err;
+    fn from_str(s: &str) -> Result<Self, Self::Err> {
+        Ok(CommaSeparated(
+            s.split(',')
+                .map(|part| <T as FromStr>::from_str(part))
+                .collect::<Result<Vec<_>, _>>()?,
+        ))
+    }
+}
+
 #[derive(Debug, StructOpt)]
 pub struct Args {
     /// Request passwords via Stdin instead of using the password helper
@@ -41,9 +67,9 @@ pub struct Args {
 
 #[derive(Debug, StructOpt, Clone)]
 pub struct SecretGeneration {
-    /// FIDO credential id, generate using fido2luks credential
+    /// FIDO credential ids, seperated by ',' generate using fido2luks credential
     #[structopt(name = "credential-id", env = "FIDO2LUKS_CREDENTIAL_ID")]
-    pub credential_id: HexEncoded,
+    pub credential_ids: CommaSeparated<HexEncoded>,
     /// Salt for secret generation, defaults to 'ask'
     ///
     /// Options:{n}
@@ -73,25 +99,54 @@ pub struct SecretGeneration {
         default_value = "15"
     )]
     pub await_authenticator: u64,
+
+    /// Request the password twice to ensure it being correct
+    #[structopt(
+        long = "verify-password",
+        env = "FIDO2LUKS_VERIFY_PASSWORD",
+        hidden = true
+    )]
+    pub verify_password: Option<bool>,
 }
 
 impl SecretGeneration {
-    pub fn patch(&self, args: &Args) -> Self {
+    pub fn patch(&self, args: &Args, verify_password: Option<bool>) -> Self {
         let mut me = self.clone();
         if args.interactive {
             me.password_helper = PasswordHelper::Stdin;
         }
+        me.verify_password = me.verify_password.or(verify_password);
         me
     }
 
-    pub fn obtain_secret(&self) -> Fido2LuksResult<[u8; 32]> {
+    pub fn obtain_secret(&self, password_query: &str) -> Fido2LuksResult<[u8; 32]> {
-        let salt = self.salt.obtain(&self.password_helper)?;
+        self.obtain_secret_and_credential(password_query)
+            .map(|(secret, _)| secret)
+    }
+
+    pub fn obtain_secret_and_credential(
+        &self,
+        password_query: &str,
+    ) -> Fido2LuksResult<([u8; 32], FidoCredential)> {
+        let mut salt = [0u8; 32];
+        match self.password_helper {
+            PasswordHelper::Stdin if !self.verify_password.unwrap_or(true) => {
+                salt.copy_from_slice(&util::sha256(&[&read_password(
+                    password_query,
+                    self.verify_password.unwrap_or(true),
+                )?
+                .as_bytes()[..]]));
+            }
+            _ => {
+                salt = self.salt.obtain(&self.password_helper)?;
+            }
+        }
         let timeout = Duration::from_secs(self.await_authenticator);
         let start = SystemTime::now();
 
         while let Ok(el) = start.elapsed() {
             if el > timeout {
-                Err(error::Fido2LuksError::NoAuthenticatorError)?;
+                return Err(error::Fido2LuksError::NoAuthenticatorError);
             }
             if get_devices()
                 .map(|devices| !devices.is_empty())
@@ -101,10 +156,56 @@ impl SecretGeneration {
             }
             thread::sleep(Duration::from_millis(500));
         }
-        Ok(assemble_secret(
+        let credentials = &self
-            &perform_challenge(&self.credential_id.0, &salt)?,
+            .credential_ids
-            &salt,
+            .0
-        ))
+            .iter()
+            .map(|HexEncoded(id)| FidoCredential {
+                id: id.to_vec(),
+                public_key: None,
+            })
+            .collect::<Vec<_>>();
+        let credentials = credentials.iter().collect::<Vec<_>>();
+        let (secret, credential) =
+            perform_challenge(&credentials[..], &salt, timeout - start.elapsed().unwrap())?;
+        Ok((assemble_secret(&secret, &salt), credential.clone()))
+    }
+}
+
+#[derive(Debug, StructOpt, Clone)]
+pub struct LuksSettings {
+    /// Number of milliseconds required to derive the volume decryption key
+    /// Defaults to 10ms when using an authenticator or the default by cryptsetup when using a password
+    #[structopt(long = "kdf-time", name = "kdf-time")]
+    kdf_time: Option<u64>,
+}
+
+#[derive(Debug, StructOpt, Clone)]
+pub struct OtherSecret {
+    /// Use a keyfile instead of a password
+    #[structopt(short = "d", long = "keyfile", conflicts_with = "fido_device")]
+    keyfile: Option<PathBuf>,
+    /// Use another fido device instead of a password
+    /// Note: this requires for the credential fot the other device to be passed as argument as well
+    #[structopt(short = "f", long = "fido-device", conflicts_with = "keyfile")]
+    fido_device: bool,
+}
+
+impl OtherSecret {
+    pub fn obtain(
+        &self,
+        secret_gen: &SecretGeneration,
+        verify_password: bool,
+        password_question: &str,
+    ) -> Fido2LuksResult<Vec<u8>> {
+        match &self.keyfile {
+            Some(keyfile) => util::read_keyfile(keyfile.clone()),
+            None if self.fido_device => {
+                Ok(Vec::from(&secret_gen.obtain_secret(password_question)?[..]))
+            }
+            None => util::read_password(password_question, verify_password)
+                .map(|p| p.as_bytes().to_vec()),
+        }
     }
 }
 
@@ -126,11 +227,15 @@ pub enum Command {
         /// Will wipe all other keys
         #[structopt(short = "e", long = "exclusive")]
         exclusive: bool,
-        /// Use a keyfile instead of typing a previous password
+        /// Will add an token to your LUKS 2 header, including the credential id
-        #[structopt(short = "d", long = "keyfile")]
+        #[structopt(short = "t", long = "token")]
-        keyfile: Option<PathBuf>,
+        token: bool,
+        #[structopt(flatten)]
+        existing_secret: OtherSecret,
         #[structopt(flatten)]
         secret_gen: SecretGeneration,
+        #[structopt(flatten)]
+        luks_settings: LuksSettings,
     },
     /// Replace a previously added key with a password
     #[structopt(name = "replace-key")]
@@ -140,11 +245,15 @@ pub enum Command {
         /// Add the password and keep the key
         #[structopt(short = "a", long = "add-password")]
         add_password: bool,
-        /// Use a keyfile instead of typing a previous password
+        // /// Will add an token to your LUKS 2 header, including the credential id
-        #[structopt(short = "d", long = "keyfile")]
+        // #[structopt(short = "t", long = "token")]
-        keyfile: Option<PathBuf>,
+        //  token: bool,
+        #[structopt(flatten)]
+        replacement: OtherSecret,
         #[structopt(flatten)]
         secret_gen: SecretGeneration,
+        #[structopt(flatten)]
+        luks_settings: LuksSettings,
     },
     /// Open the LUKS device
     #[structopt(name = "open")]
@@ -158,6 +267,15 @@ pub enum Command {
         #[structopt(flatten)]
         secret_gen: SecretGeneration,
     },
+    /// Open the LUKS device using information embedded into the LUKS 2 header
+    #[structopt(name = "open-token")]
+    OpenToken {
+        #[structopt(env = "FIDO2LUKS_DEVICE")]
+        device: PathBuf,
+        #[structopt(env = "FIDO2LUKS_MAPPER_NAME")]
+        name: String,
+        salt: String,
+    },
     /// Generate a new FIDO credential
     #[structopt(name = "credential")]
     Credential {
@@ -187,27 +305,34 @@ pub fn run_cli() -> Fido2LuksResult<()> {
             binary,
             ref secret_gen,
         } => {
-            let secret = secret_gen.patch(&args).obtain_secret()?;
+            let secret = secret_gen
+                .patch(&args, Some(false))
+                .obtain_secret("Password")?;
             if *binary {
-                stdout.write(&secret[..])?;
+                stdout.write_all(&secret[..])?;
             } else {
-                stdout.write(hex::encode(&secret[..]).as_bytes())?;
+                stdout.write_all(hex::encode(&secret[..]).as_bytes())?;
             }
             Ok(stdout.flush()?)
         }
         Command::AddKey {
             device,
             exclusive,
-            keyfile,
+            token,
+            existing_secret,
             ref secret_gen,
+            luks_settings,
         } => {
-            let secret = secret_gen.patch(&args).obtain_secret()?;
+            let secret_gen = secret_gen.patch(&args, None);
-            let old_secret = if let Some(keyfile) = keyfile.clone() {
+            let old_secret = existing_secret.obtain(&secret_gen, false, "Existing password")?;
-                util::read_keyfile(keyfile.clone())
+            let (secret, credential) = secret_gen.obtain_secret_and_credential("Password")?;
-            } else {
+            let added_slot = luks::add_key(
-                util::read_password("Old password", false).map(|p| p.as_bytes().to_vec())
+                device.clone(),
-            }?;
+                &secret,
-            let added_slot = luks::add_key(device.clone(), &secret, &old_secret[..], Some(10))?;
+                &old_secret[..],
+                luks_settings.kdf_time.or(Some(10)),
+                Some(&credential.id[..]).filter(|_| *token),
+            )?;
             if *exclusive {
                 let destroyed = luks::remove_keyslots(&device, &[added_slot])?;
                 println!(
@@ -228,19 +353,30 @@ pub fn run_cli() -> Fido2LuksResult<()> {
         Command::ReplaceKey {
             device,
             add_password,
-            keyfile,
+            //token,
+            replacement,
             ref secret_gen,
+            luks_settings,
         } => {
-            let secret = secret_gen.patch(&args).obtain_secret()?;
+            let secret_gen = secret_gen.patch(&args, Some(false));
-            let new_secret = if let Some(keyfile) = keyfile.clone() {
+            let secret = secret_gen.obtain_secret("Password")?;
-                util::read_keyfile(keyfile.clone())
+            let new_secret = replacement.obtain(&secret_gen, true, "Replacement password")?;
-            } else {
-                util::read_password("Password to add", *add_password).map(|p| p.as_bytes().to_vec())
-            }?;
             let slot = if *add_password {
-                luks::add_key(device, &new_secret[..], &secret, None)
+                luks::add_key(
+                    device,
+                    &new_secret[..],
+                    &secret,
+                    luks_settings.kdf_time,
+                    None,
+                )
             } else {
-                luks::replace_key(device, &new_secret[..], &secret, Some(5))
+                luks::replace_key(
+                    device,
+                    &new_secret[..],
+                    &secret,
+                    luks_settings.kdf_time,
+                    None,
+                )
             }?;
             println!(
                 "Added to password to device {}, slot: {}",
@@ -257,20 +393,51 @@ pub fn run_cli() -> Fido2LuksResult<()> {
         } => {
             let mut retries = *retries;
             loop {
-                let secret = secret_gen.patch(&args).obtain_secret()?;
+                match secret_gen
-                match luks::open_container(&device, &name, &secret) {
+                    .patch(&args, Some(false))
-                    Err(e) => match e {
+                    .obtain_secret("Password")
-                        Fido2LuksError::WrongSecret if retries > 0 => {
+                    .and_then(|secret| luks::open_container(&device, &name, &secret))
+                {
+                    Err(e) => {
+                        match e {
+                            Fido2LuksError::WrongSecret if retries > 0 => {}
+                            Fido2LuksError::AuthenticatorError { ref cause }
+                                if cause.kind() == FidoErrorKind::Timeout && retries > 0 => {}
+
+                            e => return Err(e),
+                        }
                         retries -= 1;
                         eprintln!("{}", e);
-                            continue;
                     }
-                        e => Err(e)?,
-                    },
                     res => break res,
                 }
             }
         }
+        // TODO: utilise salt
+        Command::OpenToken {
+            device,
+            name,
+            salt: _,
+        } => luks::open_container_token(
+            device,
+            &name[..],
+            Box::new(|creds| {
+                let (secret, cred) = SecretGeneration {
+                    credential_ids: CommaSeparated(
+                        creds
+                            .iter()
+                            .map(|c| HexEncoded::from_str(&c[..]).unwrap())
+                            .collect(),
+                    ),
+                    salt: InputSalt::String("".into()),
+                    password_helper: Default::default(),
+                    await_authenticator: 100,
+                    verify_password: None,
+                }
+                .obtain_secret_and_credential("Password")?;
+                Ok((secret, hex::encode(cred.id)))
+            }),
+        ),
         Command::Connected => match get_devices() {
             Ok(ref devs) if !devs.is_empty() => {
                 println!("Found {} devices", devs.len());

src/config.rs

@@ -24,7 +24,7 @@ impl Default for InputSalt {
 
 impl From<&str> for InputSalt {
     fn from(s: &str) -> Self {
-        let mut parts = s.split(":").into_iter();
+        let mut parts = s.split(':');
         match parts.next() {
             Some("ask") | Some("Ask") => InputSalt::AskPassword,
             Some("file") => InputSalt::File {
@@ -87,6 +87,7 @@ impl InputSalt {
 #[derive(Debug, Clone)]
 pub enum PasswordHelper {
     Script(String),
+    #[allow(dead_code)]
     Systemd,
     Stdin,
 }
@@ -134,7 +135,7 @@ impl PasswordHelper {
             Systemd => unimplemented!(),
             Stdin => Ok(util::read_password("Password", true)?),
             Script(password_helper) => {
-                let mut helper_parts = password_helper.split(" ");
+                let mut helper_parts = password_helper.split(' ');
 
                 let password = Command::new((&mut helper_parts).next().unwrap())
                     .args(helper_parts)

src/device.rs

@@ -1,91 +1,49 @@
 use crate::error::*;
-use crate::util::sha256;
 
+use crate::util;
 use ctap::{
-    self,
+    self, extensions::hmac::HmacExtension, request_multiple_devices, FidoAssertionRequestBuilder,
-    extensions::hmac::{FidoHmacCredential, HmacExtension},
+    FidoCredential, FidoCredentialRequestBuilder, FidoDevice, FidoError, FidoErrorKind,
-    AuthenticatorOptions, FidoDevice, FidoError, FidoErrorKind, PublicKeyCredentialRpEntity,
-    PublicKeyCredentialUserEntity,
 };
+use std::time::Duration;
 
-const RP_ID: &'static str = "fido2luks";
+const RP_ID: &str = "fido2luks";
 
-fn authenticator_options() -> Option<AuthenticatorOptions> {
+pub fn make_credential_id(name: Option<&str>) -> Fido2LuksResult<FidoCredential> {
-    Some(AuthenticatorOptions {
+    let mut request = FidoCredentialRequestBuilder::default().rp_id(RP_ID);
-        uv: false, //TODO: should get this from config
+    if let Some(user_name) = name {
-        rk: true,
+        request = request.user_name(user_name);
-    })
+    }
+    let request = request.build().unwrap();
+    let make_credential = |device: &mut FidoDevice| device.make_hmac_credential(&request);
+    Ok(request_multiple_devices(
+        get_devices()?
+            .iter_mut()
+            .map(|device| (device, &make_credential)),
+        None,
+    )?)
 }
 
-fn authenticator_rp() -> PublicKeyCredentialRpEntity<'static> {
+pub fn perform_challenge<'a>(
-    PublicKeyCredentialRpEntity {
+    credentials: &'a [&'a FidoCredential],
-        id: RP_ID,
+    salt: &[u8; 32],
-        name: None,
+    timeout: Duration,
-        icon: None,
+) -> Fido2LuksResult<([u8; 32], &'a FidoCredential)> {
-    }
+    let request = FidoAssertionRequestBuilder::default()
-}
+        .rp_id(RP_ID)
-
+        .credentials(credentials)
-fn authenticator_user(name: Option<&str>) -> PublicKeyCredentialUserEntity {
+        .build()
-    PublicKeyCredentialUserEntity {
+        .unwrap();
-        id: &[0u8],
+    let get_assertion = |device: &mut FidoDevice| {
-        name: name.unwrap_or(""),
+        device.get_hmac_assertion(&request, &util::sha256(&[&salt[..]]), None)
-        icon: None,
-        display_name: name,
-    }
-}
-
-pub fn make_credential_id(name: Option<&str>) -> Fido2LuksResult<FidoHmacCredential> {
-    let mut errs = Vec::new();
-    match get_devices()? {
-        ref devs if devs.is_empty() => Err(Fido2LuksError::NoAuthenticatorError)?,
-        devs => {
-            for mut dev in devs.into_iter() {
-                match dev
-                    .make_hmac_credential_full(
-                        authenticator_rp(),
-                        authenticator_user(name),
-                        &[0u8; 32],
-                        &[],
-                        authenticator_options(),
-                    )
-                    .map(|cred| cred.into())
-                {
-                    //TODO: make credentials device specific
-                    Ok(cred) => {
-                        return Ok(cred);
-                    }
-                    Err(e) => {
-                        errs.push(e);
-                    }
-                }
-            }
-        }
-    }
-    Err(errs.pop().ok_or(Fido2LuksError::NoAuthenticatorError)?)?
-}
-
-pub fn perform_challenge(credential_id: &[u8], salt: &[u8; 32]) -> Fido2LuksResult<[u8; 32]> {
-    let cred = FidoHmacCredential {
-        id: credential_id.to_vec(),
-        rp_id: RP_ID.to_string(),
     };
-    let mut errs = Vec::new();
+    let (credential, (secret, _)) = request_multiple_devices(
-    match get_devices()? {
+        get_devices()?
-        ref devs if devs.is_empty() => Err(Fido2LuksError::NoAuthenticatorError)?,
+            .iter_mut()
-        devs => {
+            .map(|device| (device, &get_assertion)),
-            for mut dev in devs.into_iter() {
+        Some(timeout),
-                match dev.get_hmac_assertion(&cred, &sha256(&[&salt[..]]), None, None) {
+    )?;
-                    Ok(secret) => {
+    Ok((secret, credential))
-                        return Ok(secret.0);
-                    }
-                    Err(e) => {
-                        errs.push(e);
-                    }
-                }
-            }
-        }
-    }
-    Err(errs.pop().ok_or(Fido2LuksError::NoAuthenticatorError)?)?
 }
 
 pub fn get_devices() -> Fido2LuksResult<Vec<FidoDevice>> {
@@ -94,7 +52,7 @@ pub fn get_devices() -> Fido2LuksResult<Vec<FidoDevice>> {
         match FidoDevice::new(&di) {
             Err(e) => match e.kind() {
                 FidoErrorKind::ParseCtap | FidoErrorKind::DeviceUnsupported => (),
-                err => Err(FidoError::from(err))?,
+                err => return Err(FidoError::from(err).into()),
             },
             Ok(dev) => devices.push(dev),
         }

src/error.rs

@@ -13,11 +13,13 @@ pub enum Fido2LuksError {
     AuthenticatorError { cause: ctap::FidoError },
     #[fail(display = "no authenticator found, please ensure your device is plugged in")]
     NoAuthenticatorError,
-    #[fail(display = "luks err")]
+    #[fail(display = " {}", cause)]
-    LuksError {
+    CryptsetupError {
         cause: libcryptsetup_rs::LibcryptErr,
     },
-    #[fail(display = "no authenticator found, please ensure your device is plugged in")]
+    #[fail(display = "{}", cause)]
+    LuksError { cause: LuksError },
+    #[fail(display = "{}", cause)]
     IoError { cause: io::Error },
     #[fail(display = "supplied secret isn't valid for this device")]
     WrongSecret,
@@ -46,7 +48,35 @@ pub enum AskPassError {
     Mismatch,
 }
 
+#[derive(Debug, Fail)]
+pub enum LuksError {
+    #[fail(display = "This feature requires to the LUKS device to be formatted as LUKS 2")]
+    Luks2Required,
+    #[fail(display = "Invalid token: {}", _0)]
+    InvalidToken(String),
+    #[fail(display = "No token found")]
+    NoToken,
+    #[fail(display = "The device already exists")]
+    DeviceExists,
+}
+
+impl LuksError {
+    pub fn activate(e: LibcryptErr) -> Fido2LuksError {
+        match e {
+            LibcryptErr::IOError(ref io) => match io.raw_os_error() {
+                Some(1) if io.kind() == ErrorKind::PermissionDenied => Fido2LuksError::WrongSecret,
+                Some(17) => Fido2LuksError::LuksError {
+                    cause: LuksError::DeviceExists,
+                },
+                _ => return Fido2LuksError::CryptsetupError { cause: e },
+            },
+            _ => Fido2LuksError::CryptsetupError { cause: e },
+        }
+    }
+}
+
 use libcryptsetup_rs::LibcryptErr;
+use std::io::ErrorKind;
 use std::string::FromUtf8Error;
 use Fido2LuksError::*;
 
@@ -62,7 +92,7 @@ impl From<LibcryptErr> for Fido2LuksError {
             LibcryptErr::IOError(e) if e.raw_os_error().iter().any(|code| code == &1i32) => {
                 WrongSecret
             }
-            _ => LuksError { cause: e },
+            _ => CryptsetupError { cause: e },
         }
     }
 }

src/luks.rs

@@ -1,23 +1,45 @@
 use crate::error::*;
 
-use libcryptsetup_rs::{CryptActivateFlags, CryptDevice, CryptInit, EncryptionFormat, KeyslotInfo};
+use libcryptsetup_rs::{
+    CryptActivateFlags, CryptDevice, CryptInit, CryptTokenInfo, EncryptionFormat, KeyslotInfo,
+    TokenInput,
+};
+use std::collections::{HashMap, HashSet};
 use std::path::Path;
 
 fn load_device_handle<P: AsRef<Path>>(path: P) -> Fido2LuksResult<CryptDevice> {
     let mut device = CryptInit::init(path.as_ref())?;
-    //TODO: determine luks version some way other way than just trying
+    device.context_handle().load::<()>(None, None)?;
-    let mut load = |format| device.context_handle().load::<()>(format, None).map(|_| ());
-    vec![EncryptionFormat::Luks2, EncryptionFormat::Luks1]
-        .into_iter()
-        .fold(None, |res, format| match res {
-            Some(Ok(())) => res,
-            Some(e) => Some(e.or(load(format))),
-            None => Some(load(format)),
-        })
-        .unwrap()?;
     Ok(device)
 }
 
+fn check_luks2(device: &mut CryptDevice) -> Fido2LuksResult<()> {
+    match device.format_handle().get_type()? {
+        EncryptionFormat::Luks2 => Ok(()),
+        _ => Err(Fido2LuksError::LuksError {
+            cause: LuksError::Luks2Required,
+        }),
+    }
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize)]
+struct Fido2LuksToken {
+    #[serde(rename = "type")]
+    type_: String,
+    credential: Vec<String>,
+    keyslots: Vec<String>,
+}
+
+impl Fido2LuksToken {
+    fn new(credential_id: impl AsRef<[u8]>, slot: u32) -> Self {
+        Self {
+            type_: "fido2luks\0".into(), // Doubles as c style string
+            credential: vec![hex::encode(credential_id)],
+            keyslots: vec![slot.to_string()],
+        }
+    }
+}
+
 pub fn open_container<P: AsRef<Path>>(path: P, name: &str, secret: &[u8]) -> Fido2LuksResult<()> {
     let mut device = load_device_handle(path)?;
     device
@@ -27,42 +49,157 @@ pub fn open_container<P: AsRef<Path>>(path: P, name: &str, secret: &[u8]) -> Fid
         .map_err(|_e| Fido2LuksError::WrongSecret)
 }
 
+pub fn open_container_token<P: AsRef<Path>>(
+    path: P,
+    name: &str,
+    secret: Box<dyn Fn(Vec<String>) -> Fido2LuksResult<([u8; 32], String)>>,
+) -> Fido2LuksResult<()> {
+    let mut device = load_device_handle(path)?;
+    check_luks2(&mut device)?;
+
+    let mut creds = HashMap::new();
+    for i in 0..256 {
+        let status = device.token_handle().status(i)?;
+        match status {
+            CryptTokenInfo::Inactive => break,
+            CryptTokenInfo::Internal(s)
+            | CryptTokenInfo::InternalUnknown(s)
+            | CryptTokenInfo::ExternalUnknown(s)
+            | CryptTokenInfo::External(s)
+                if &s != "fido2luks" =>
+            {
+                continue
+            }
+            _ => (),
+        };
+        let json = device.token_handle().json_get(i)?;
+        let info: Fido2LuksToken =
+            serde_json::from_value(json.clone()).map_err(|_| Fido2LuksError::LuksError {
+                cause: LuksError::InvalidToken(json.to_string()),
+            })?;
+        let slots = || {
+            info.keyslots
+                .iter()
+                .filter_map(|slot| slot.parse::<u32>().ok())
+        };
+        for cred in info.credential.iter().cloned() {
+            creds
+                .entry(cred)
+                .or_insert_with(|| slots().collect::<HashSet<u32>>())
+                .extend(slots());
+        }
+    }
+    if creds.is_empty() {
+        return Err(Fido2LuksError::LuksError {
+            cause: LuksError::NoToken,
+        });
+    }
+    let (secret, credential) = secret(creds.keys().cloned().collect())?;
+    let slots = creds.get(&credential).unwrap();
+    let slots = slots
+        .iter()
+        .cloned()
+        .map(Option::Some)
+        .chain(std::iter::once(None).take(slots.is_empty() as usize));
+    for slot in slots {
+        match device
+            .activate_handle()
+            .activate_by_passphrase(Some(name), slot, &secret, CryptActivateFlags::empty())
+            .map(|_slot| ())
+            .map_err(LuksError::activate)
+        {
+            Err(Fido2LuksError::WrongSecret) => (),
+            res => return res,
+        }
+    }
+    Err(Fido2LuksError::WrongSecret)
+}
+
 pub fn add_key<P: AsRef<Path>>(
     path: P,
     secret: &[u8],
     old_secret: &[u8],
     iteration_time: Option<u64>,
+    credential_id: Option<&[u8]>,
 ) -> Fido2LuksResult<u32> {
     let mut device = load_device_handle(path)?;
-    // Set iteration time not sure wether this applies to luks2 as well
     if let Some(millis) = iteration_time {
         device.settings_handle().set_iteration_time(millis)
     }
     let slot = device
-        .keyslot_handle(None)
+        .keyslot_handle()
-        .add_by_passphrase(old_secret, secret)?;
+        .add_by_passphrase(None, old_secret, secret)?;
+    if let Some(id) = credential_id {
+        /*  if let e @ Err(_) = check_luks2(&mut device) {
+            //rollback
+            device.keyslot_handle(Some(slot)).destroy()?;
+            return e.map(|_| 0u32);
+        }*/
+        device.token_handle().json_set(TokenInput::AddToken(
+            &serde_json::to_value(&Fido2LuksToken::new(id, slot)).unwrap(),
+        ))?;
+    }
+
     Ok(slot)
 }
 
+fn find_token(
+    device: &mut CryptDevice,
+    slot: u32,
+) -> Fido2LuksResult<Option<(u32, Fido2LuksToken)>> {
+    for i in 0..256 {
+        let status = device.token_handle().status(i)?;
+        match status {
+            CryptTokenInfo::Inactive => break,
+            CryptTokenInfo::Internal(s)
+            | CryptTokenInfo::InternalUnknown(s)
+            | CryptTokenInfo::ExternalUnknown(s)
+            | CryptTokenInfo::External(s)
+                if &s != "fido2luks" =>
+            {
+                continue
+            }
+            _ => (),
+        };
+        let json = device.token_handle().json_get(i)?;
+        let info: Fido2LuksToken =
+            serde_json::from_value(json.clone()).map_err(|_| Fido2LuksError::LuksError {
+                cause: LuksError::InvalidToken(json.to_string()),
+            })?;
+        if info.keyslots.contains(&slot.to_string()) {
+            return Ok(Some((i, info)));
+        }
+    }
+    Ok(None)
+}
+
 pub fn remove_keyslots<P: AsRef<Path>>(path: P, exclude: &[u32]) -> Fido2LuksResult<u32> {
     let mut device = load_device_handle(path)?;
-    let mut handle;
     let mut destroyed = 0;
-    //TODO: detect how many keyslots there are instead of trying within a given range
+    let mut tokens = Vec::new();
-    for slot in 0..1024 {
+    for slot in 0..256 {
-        handle = device.keyslot_handle(Some(slot));
+        match device.keyslot_handle().status(slot)? {
-        match handle.status()? {
             KeyslotInfo::Inactive => continue,
-            KeyslotInfo::Active if !exclude.contains(&slot) => {
+            KeyslotInfo::Active | KeyslotInfo::ActiveLast if !exclude.contains(&slot) => {
-                handle.destroy()?;
+                if let Ok(_) = check_luks2(&mut device) {
+                    if let Some((token, _)) = dbg!(find_token(&mut device, slot))? {
+                        tokens.push(token);
+                    }
+                }
+                device.keyslot_handle().destroy(slot)?;
                 destroyed += 1;
             }
-            _ => (),
-        }
-        match handle.status()? {
             KeyslotInfo::ActiveLast => break,
             _ => (),
         }
+        if device.keyslot_handle().status(slot)? == KeyslotInfo::ActiveLast {
+            break;
+        }
+    }
+    for token in tokens.iter() {
+        device
+            .token_handle()
+            .json_set(TokenInput::RemoveToken(*token))?;
     }
     Ok(destroyed)
 }
@@ -72,13 +209,26 @@ pub fn replace_key<P: AsRef<Path>>(
     secret: &[u8],
     old_secret: &[u8],
     iteration_time: Option<u64>,
+    credential_id: Option<&[u8]>,
 ) -> Fido2LuksResult<u32> {
     let mut device = load_device_handle(path)?;
     // Set iteration time not sure wether this applies to luks2 as well
     if let Some(millis) = iteration_time {
         device.settings_handle().set_iteration_time(millis)
     }
-    Ok(device
+    let slot = device
-        .keyslot_handle(None)
+        .keyslot_handle()
-        .change_by_passphrase(None, None, old_secret, secret)? as u32)
+        .change_by_passphrase(None, None, old_secret, secret)? as u32;
+    if let Some(id) = credential_id {
+        if check_luks2(&mut device).is_ok() {
+            let token = find_token(&mut device, slot)?.map(|(t, _)| t);
+            if let Some(token) = token {
+                device.token_handle().json_set(TokenInput::ReplaceToken(
+                    token,
+                    &serde_json::to_value(&Fido2LuksToken::new(id, slot)).unwrap(),
+                ))?;
+            }
+        }
+    }
+    Ok(slot)
 }

src/main.rs

@@ -1,6 +1,8 @@
 #[macro_use]
 extern crate failure;
 extern crate ctap_hmac as ctap;
+#[macro_use]
+extern crate serde_derive;
 use crate::cli::*;
 use crate::config::*;
 use crate::device::*;

src/util.rs

@@ -4,7 +4,7 @@ use std::fs::File;
 use std::io::Read;
 use std::path::PathBuf;
 
-pub fn sha256<'a>(messages: &[&[u8]]) -> [u8; 32] {
+pub fn sha256(messages: &[&[u8]]) -> [u8; 32] {
     let mut digest = digest::Context::new(&digest::SHA256);
     for m in messages.iter() {
         digest.update(m);
@@ -23,7 +23,7 @@ pub fn read_password(q: &str, verify: bool) -> Fido2LuksResult<String> {
         {
             Err(Fido2LuksError::AskPassError {
                 cause: AskPassError::Mismatch,
-            })?
+            })
         }
         pass => Ok(pass),
     }