Compare commits
2 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
5c0364587e
|
|||
|
9307503bdc
|
6
Cargo.lock
generated
6
Cargo.lock
generated
@@ -247,9 +247,9 @@ dependencies = [
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "ctap_hmac"
|
name = "ctap_hmac"
|
||||||
version = "0.4.1"
|
version = "0.4.2"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "6b22457233b74539c53c10658eb3effb7c3d50907276dab6b5fbd8391d2b4351"
|
checksum = "c5fec79b66e3a7bc6a7ace0f4c98f0748892b36d3c5c317fadfce0344fd185dc"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"byteorder",
|
"byteorder",
|
||||||
"cbor-codec",
|
"cbor-codec",
|
||||||
@@ -369,7 +369,7 @@ dependencies = [
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "fido2luks"
|
name = "fido2luks"
|
||||||
version = "0.2.6"
|
version = "0.2.7"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"ctap_hmac",
|
"ctap_hmac",
|
||||||
"failure",
|
"failure",
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
[package]
|
[package]
|
||||||
name = "fido2luks"
|
name = "fido2luks"
|
||||||
version = "0.2.6"
|
version = "0.2.7"
|
||||||
authors = ["shimunn <shimun@shimun.net>"]
|
authors = ["shimunn <shimun@shimun.net>"]
|
||||||
edition = "2018"
|
edition = "2018"
|
||||||
|
|
||||||
@@ -14,7 +14,7 @@ categories = ["command-line-utilities"]
|
|||||||
license-file = "LICENSE"
|
license-file = "LICENSE"
|
||||||
|
|
||||||
[dependencies]
|
[dependencies]
|
||||||
ctap_hmac = { version="0.4.1", features = ["request_multiple"] }
|
ctap_hmac = { version="0.4.2", features = ["request_multiple"] }
|
||||||
hex = "0.3.2"
|
hex = "0.3.2"
|
||||||
ring = "0.13.5"
|
ring = "0.13.5"
|
||||||
failure = "0.1.5"
|
failure = "0.1.5"
|
||||||
|
|||||||
15
src/cli.rs
15
src/cli.rs
@@ -138,7 +138,7 @@ impl SecretGeneration {
|
|||||||
|
|
||||||
while let Ok(el) = start.elapsed() {
|
while let Ok(el) = start.elapsed() {
|
||||||
if el > timeout {
|
if el > timeout {
|
||||||
Err(error::Fido2LuksError::NoAuthenticatorError)?;
|
return Err(error::Fido2LuksError::NoAuthenticatorError);
|
||||||
}
|
}
|
||||||
if get_devices()
|
if get_devices()
|
||||||
.map(|devices| !devices.is_empty())
|
.map(|devices| !devices.is_empty())
|
||||||
@@ -287,9 +287,9 @@ pub fn run_cli() -> Fido2LuksResult<()> {
|
|||||||
.patch(&args, Some(false))
|
.patch(&args, Some(false))
|
||||||
.obtain_secret("Password")?;
|
.obtain_secret("Password")?;
|
||||||
if *binary {
|
if *binary {
|
||||||
stdout.write(&secret[..])?;
|
stdout.write_all(&secret[..])?;
|
||||||
} else {
|
} else {
|
||||||
stdout.write(hex::encode(&secret[..]).as_bytes())?;
|
stdout.write_all(hex::encode(&secret[..]).as_bytes())?;
|
||||||
}
|
}
|
||||||
Ok(stdout.flush()?)
|
Ok(stdout.flush()?)
|
||||||
}
|
}
|
||||||
@@ -363,14 +363,11 @@ pub fn run_cli() -> Fido2LuksResult<()> {
|
|||||||
{
|
{
|
||||||
Err(e) => {
|
Err(e) => {
|
||||||
match e {
|
match e {
|
||||||
Fido2LuksError::WrongSecret if retries > 0 => (),
|
Fido2LuksError::WrongSecret if retries > 0 => {}
|
||||||
Fido2LuksError::AuthenticatorError { ref cause }
|
Fido2LuksError::AuthenticatorError { ref cause }
|
||||||
if cause.kind() == FidoErrorKind::Timeout && retries > 0 =>
|
if cause.kind() == FidoErrorKind::Timeout && retries > 0 => {}
|
||||||
{
|
|
||||||
()
|
|
||||||
}
|
|
||||||
|
|
||||||
e => break Err(e)?,
|
e => return Err(e),
|
||||||
}
|
}
|
||||||
retries -= 1;
|
retries -= 1;
|
||||||
eprintln!("{}", e);
|
eprintln!("{}", e);
|
||||||
|
|||||||
@@ -24,7 +24,7 @@ impl Default for InputSalt {
|
|||||||
|
|
||||||
impl From<&str> for InputSalt {
|
impl From<&str> for InputSalt {
|
||||||
fn from(s: &str) -> Self {
|
fn from(s: &str) -> Self {
|
||||||
let mut parts = s.split(":").into_iter();
|
let mut parts = s.split(':');
|
||||||
match parts.next() {
|
match parts.next() {
|
||||||
Some("ask") | Some("Ask") => InputSalt::AskPassword,
|
Some("ask") | Some("Ask") => InputSalt::AskPassword,
|
||||||
Some("file") => InputSalt::File {
|
Some("file") => InputSalt::File {
|
||||||
@@ -87,6 +87,7 @@ impl InputSalt {
|
|||||||
#[derive(Debug, Clone)]
|
#[derive(Debug, Clone)]
|
||||||
pub enum PasswordHelper {
|
pub enum PasswordHelper {
|
||||||
Script(String),
|
Script(String),
|
||||||
|
#[allow(dead_code)]
|
||||||
Systemd,
|
Systemd,
|
||||||
Stdin,
|
Stdin,
|
||||||
}
|
}
|
||||||
@@ -134,7 +135,7 @@ impl PasswordHelper {
|
|||||||
Systemd => unimplemented!(),
|
Systemd => unimplemented!(),
|
||||||
Stdin => Ok(util::read_password("Password", true)?),
|
Stdin => Ok(util::read_password("Password", true)?),
|
||||||
Script(password_helper) => {
|
Script(password_helper) => {
|
||||||
let mut helper_parts = password_helper.split(" ");
|
let mut helper_parts = password_helper.split(' ');
|
||||||
|
|
||||||
let password = Command::new((&mut helper_parts).next().unwrap())
|
let password = Command::new((&mut helper_parts).next().unwrap())
|
||||||
.args(helper_parts)
|
.args(helper_parts)
|
||||||
|
|||||||
@@ -7,7 +7,7 @@ use ctap::{
|
|||||||
};
|
};
|
||||||
use std::time::Duration;
|
use std::time::Duration;
|
||||||
|
|
||||||
const RP_ID: &'static str = "fido2luks";
|
const RP_ID: &str = "fido2luks";
|
||||||
|
|
||||||
pub fn make_credential_id(name: Option<&str>) -> Fido2LuksResult<FidoCredential> {
|
pub fn make_credential_id(name: Option<&str>) -> Fido2LuksResult<FidoCredential> {
|
||||||
let mut request = FidoCredentialRequestBuilder::default().rp_id(RP_ID);
|
let mut request = FidoCredentialRequestBuilder::default().rp_id(RP_ID);
|
||||||
@@ -52,7 +52,7 @@ pub fn get_devices() -> Fido2LuksResult<Vec<FidoDevice>> {
|
|||||||
match FidoDevice::new(&di) {
|
match FidoDevice::new(&di) {
|
||||||
Err(e) => match e.kind() {
|
Err(e) => match e.kind() {
|
||||||
FidoErrorKind::ParseCtap | FidoErrorKind::DeviceUnsupported => (),
|
FidoErrorKind::ParseCtap | FidoErrorKind::DeviceUnsupported => (),
|
||||||
err => Err(FidoError::from(err))?,
|
err => return Err(FidoError::from(err).into()),
|
||||||
},
|
},
|
||||||
Ok(dev) => devices.push(dev),
|
Ok(dev) => devices.push(dev),
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -11,7 +11,7 @@ fn load_device_handle<P: AsRef<Path>>(path: P) -> Fido2LuksResult<CryptDevice> {
|
|||||||
.into_iter()
|
.into_iter()
|
||||||
.fold(None, |res, format| match res {
|
.fold(None, |res, format| match res {
|
||||||
Some(Ok(())) => res,
|
Some(Ok(())) => res,
|
||||||
Some(e) => Some(e.or(load(format))),
|
Some(e) => Some(e.or_else(|_| load(format))),
|
||||||
None => Some(load(format)),
|
None => Some(load(format)),
|
||||||
})
|
})
|
||||||
.unwrap()?;
|
.unwrap()?;
|
||||||
@@ -58,9 +58,8 @@ pub fn remove_keyslots<P: AsRef<Path>>(path: P, exclude: &[u32]) -> Fido2LuksRes
|
|||||||
}
|
}
|
||||||
_ => (),
|
_ => (),
|
||||||
}
|
}
|
||||||
match handle.status()? {
|
if let KeyslotInfo::ActiveLast = handle.status()? {
|
||||||
KeyslotInfo::ActiveLast => break,
|
break;
|
||||||
_ => (),
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
Ok(destroyed)
|
Ok(destroyed)
|
||||||
|
|||||||
@@ -4,7 +4,7 @@ use std::fs::File;
|
|||||||
use std::io::Read;
|
use std::io::Read;
|
||||||
use std::path::PathBuf;
|
use std::path::PathBuf;
|
||||||
|
|
||||||
pub fn sha256<'a>(messages: &[&[u8]]) -> [u8; 32] {
|
pub fn sha256(messages: &[&[u8]]) -> [u8; 32] {
|
||||||
let mut digest = digest::Context::new(&digest::SHA256);
|
let mut digest = digest::Context::new(&digest::SHA256);
|
||||||
for m in messages.iter() {
|
for m in messages.iter() {
|
||||||
digest.update(m);
|
digest.update(m);
|
||||||
@@ -23,7 +23,7 @@ pub fn read_password(q: &str, verify: bool) -> Fido2LuksResult<String> {
|
|||||||
{
|
{
|
||||||
Err(Fido2LuksError::AskPassError {
|
Err(Fido2LuksError::AskPassError {
|
||||||
cause: AskPassError::Mismatch,
|
cause: AskPassError::Mismatch,
|
||||||
})?
|
})
|
||||||
}
|
}
|
||||||
pass => Ok(pass),
|
pass => Ok(pass),
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user