0.2.12

Added documentation and tweaked readme

.drone.yml

@@ -7,28 +7,23 @@ steps:
    commands:
      - rustup component add rustfmt
      - cargo fmt --all -- --check
- - name: readme
-   image: msrd0/cargo-readme@sha256:2b916451e576cda54f1e02703fa092b9d5af95bcf48426a1ef42872a19467fd3
-   commands:
-     - cargo readme > ~README.md
-     - cmp -s README.md ~README.md || (printf "README.md need to be updated:\n"; cat ~README.md; exit 1)
  - name: test
-   image: rust:1.43.0
-   commands:
-    - apt update && apt install -y libkeyutils-dev libclang-dev clang pkg-config  
-    - echo 'deb http://http.us.debian.org/debian unstable main non-free contrib' >> /etc/apt/sources.list.d/unstable.list && apt update && apt install -y libcryptsetup-dev
-    - cargo test
- - name: publish
-   image: rust:1.43.0
+   image: ubuntu:focal
    environment:
+    DEBIAN_FRONTEND: noninteractive
+   commands:
+    - apt update && apt install -y cargo libkeyutils-dev libclang-dev clang pkg-config libcryptsetup-dev 
+    - cargo test --locked
+ - name: publish
+   image: ubuntu:focal
+   environment:
+    DEBIAN_FRONTEND: noninteractive
     CARGO_REGISTRY_TOKEN:
      from_secret: cargo_tkn
    commands:
     - grep -E 'version ?= ?"${DRONE_TAG}"' -i Cargo.toml || (printf "incorrect crate/tag version" && exit 1)
-    - apt update && apt install -y libkeyutils-dev libclang-dev clang pkg-config  
-    - echo 'deb http://http.us.debian.org/debian unstable main non-free contrib' >> /etc/apt/sources.list.d/unstable.list && apt update && apt install -y libcryptsetup-dev
+    - apt update && apt install -y cargo libkeyutils-dev libclang-dev clang pkg-config libcryptsetup-dev 
     - cargo package --all-features
     - cargo publish --all-features
    when:
     event: tag
-   depends_on: ["fmt", "test", "readme"]

Cargo.lock

@@ -1,10 +1,25 @@
 # This file is automatically @generated by Cargo.
 # It is not intended for manual editing.
 [[package]]
-name = "aho-corasick"
-version = "0.7.10"
+name = "addr2line"
+version = "0.13.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8716408b8bc624ed7f65d223ddb9ac2d044c0547b6fa4b0d554f3a9540496ada"
+checksum = "1b6a2d3371669ab3ca9797670853d61402b03d0b4b9ebf33d677dfa720203072"
+dependencies = [
+ "gimli",
+]
+
+[[package]]
+name = "adler"
+version = "0.2.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ee2a4ec343196209d6594e19543ae87a39f96d5534d7174822a3ad825dd6ed7e"
+
+[[package]]
+name = "aho-corasick"
+version = "0.7.13"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "043164d8ba5c4c3035fec9bbee8647c0261d788f3474306f93bb65901cae0e86"
 dependencies = [
  "memchr",
 ]
@@ -43,31 +58,23 @@ checksum = "f8aac770f1885fd7e387acedd76065302551364496e46b3dd00860b2f8359b9d"
 
 [[package]]
 name = "backtrace"
-version = "0.3.46"
+version = "0.3.50"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b1e692897359247cc6bb902933361652380af0f1b7651ae5c5013407f30e109e"
+checksum = "46254cf2fdcdf1badb5934448c1bcbe046a56537b3987d96c51a7afc5d03f293"
 dependencies = [
- "backtrace-sys",
+ "addr2line",
  "cfg-if",
  "libc",
+ "miniz_oxide",
+ "object",
  "rustc-demangle",
 ]
 
-[[package]]
-name = "backtrace-sys"
-version = "0.1.36"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "78848718ee1255a2485d1309ad9cdecfc2e7d0362dd11c6829364c6b35ae1bc7"
-dependencies = [
- "cc",
- "libc",
-]
-
 [[package]]
 name = "bindgen"
-version = "0.53.2"
+version = "0.54.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6bb26d6a69a335b8cb0e7c7e9775cd5666611dc50a37177c3f2cedcfc040e8c8"
+checksum = "f4d49b80beb70d76cdac92f5681e666f9a697c737c4f4117a67229a0386dc736"
 dependencies = [
  "bitflags",
  "cexpr",
@@ -79,8 +86,8 @@ dependencies = [
  "lazycell",
  "log",
  "peeking_take_while",
- "proc-macro2 1.0.10",
- "quote 1.0.3",
+ "proc-macro2 1.0.19",
+ "quote 1.0.7",
  "regex",
  "rustc-hash",
  "shlex",
@@ -111,9 +118,9 @@ dependencies = [
 
 [[package]]
 name = "cc"
-version = "1.0.52"
+version = "1.0.58"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c3d87b23d6a92cd03af510a5ade527033f6aa6fa92161e2d5863a907d4c5e31d"
+checksum = "f9a06fb2e53271d7c279ec1efea6ab691c35a2ae67ec0d91d7acec0caf13b518"
 
 [[package]]
 name = "cexpr"
@@ -143,9 +150,9 @@ dependencies = [
 
 [[package]]
 name = "clap"
-version = "2.33.0"
+version = "2.33.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5067f5bb2d80ef5d68b4c87db81601f0b75bca627bc2ef76b141d7b846a3c6d9"
+checksum = "10040cdf04294b565d9e0319955430099ec3813a64c952b86a41200ad714ae48"
 dependencies = [
  "ansi_term",
  "atty",
@@ -181,12 +188,12 @@ dependencies = [
 
 [[package]]
 name = "crossbeam-channel"
-version = "0.4.2"
+version = "0.4.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "cced8691919c02aac3cb0a1bc2e9b73d89e832bf9a06fc579d4e71b68a2da061"
+checksum = "09ee0cc8804d5393478d743b035099520087a5186f3b93fa58cec08fa62407b6"
 dependencies = [
+ "cfg-if",
  "crossbeam-utils",
- "maybe-uninit",
 ]
 
 [[package]]
@@ -217,12 +224,13 @@ dependencies = [
 
 [[package]]
 name = "crossbeam-queue"
-version = "0.2.1"
+version = "0.2.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c695eeca1e7173472a32221542ae469b3e9aac3a4fc81f7696bcad82029493db"
+checksum = "774ba60a54c213d409d5353bda12d49cd68d14e45036a285234c8d6f91f92570"
 dependencies = [
  "cfg-if",
  "crossbeam-utils",
+ "maybe-uninit",
 ]
 
 [[package]]
@@ -284,10 +292,10 @@ checksum = "f0c960ae2da4de88a91b2d920c2a7233b400bc33cb28453a2987822d8392519b"
 dependencies = [
  "fnv",
  "ident_case",
- "proc-macro2 1.0.10",
- "quote 1.0.3",
+ "proc-macro2 1.0.19",
+ "quote 1.0.7",
  "strsim 0.9.3",
- "syn 1.0.18",
+ "syn 1.0.38",
 ]
 
 [[package]]
@@ -297,8 +305,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "d9b5a2f4ac4969822c62224815d069952656cadc7084fdca9751e6d959189b72"
 dependencies = [
  "darling_core",
- "quote 1.0.3",
- "syn 1.0.18",
+ "quote 1.0.7",
+ "syn 1.0.38",
 ]
 
 [[package]]
@@ -309,9 +317,9 @@ checksum = "a2658621297f2cf68762a6f7dc0bb7e1ff2cfd6583daef8ee0fed6f7ec468ec0"
 dependencies = [
  "darling",
  "derive_builder_core",
- "proc-macro2 1.0.10",
- "quote 1.0.3",
- "syn 1.0.18",
+ "proc-macro2 1.0.19",
+ "quote 1.0.7",
+ "syn 1.0.38",
 ]
 
 [[package]]
@@ -321,16 +329,16 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "2791ea3e372c8495c0bc2033991d76b512cd799d07491fbd6890124db9458bef"
 dependencies = [
  "darling",
- "proc-macro2 1.0.10",
- "quote 1.0.3",
- "syn 1.0.18",
+ "proc-macro2 1.0.19",
+ "quote 1.0.7",
+ "syn 1.0.38",
 ]
 
 [[package]]
 name = "either"
-version = "1.5.3"
+version = "1.6.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bb1f6b1ce1c140482ea30ddd3335fc0024ac7ee112895426e0a629a6c20adfe3"
+checksum = "cd56b59865bce947ac5958779cfa508f6c3b9497cc762b7e24a12d11ccde2c4f"
 
 [[package]]
 name = "env_logger"
@@ -347,9 +355,9 @@ dependencies = [
 
 [[package]]
 name = "failure"
-version = "0.1.7"
+version = "0.1.8"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b8529c2421efa3066a5cbd8063d2244603824daccb6936b079010bb2aa89464b"
+checksum = "d32e9bd16cc02eae7db7ef620b392808b89f6a5e16bb3497d159c6b92a0f4f86"
 dependencies = [
  "backtrace",
  "failure_derive",
@@ -357,19 +365,19 @@ dependencies = [
 
 [[package]]
 name = "failure_derive"
-version = "0.1.7"
+version = "0.1.8"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "030a733c8287d6213886dd487564ff5c8f6aae10278b3588ed177f9d18f8d231"
+checksum = "aa4da3c766cd7a0db8242e326e9e4e081edd567072893ed320008189715366a4"
 dependencies = [
- "proc-macro2 1.0.10",
- "quote 1.0.3",
- "syn 1.0.18",
+ "proc-macro2 1.0.19",
+ "quote 1.0.7",
+ "syn 1.0.38",
  "synstructure",
 ]
 
 [[package]]
 name = "fido2luks"
-version = "0.2.9"
+version = "0.2.12"
 dependencies = [
  "ctap_hmac",
  "failure",
@@ -385,9 +393,9 @@ dependencies = [
 
 [[package]]
 name = "fnv"
-version = "1.0.6"
+version = "1.0.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2fad85553e09a6f881f739c29f0b00b0f01357c743266d478b68951ce23285f3"
+checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1"
 
 [[package]]
 name = "fuchsia-cprng"
@@ -401,6 +409,12 @@ version = "0.3.55"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8f5f3913fa0bfe7ee1fd8248b6b9f42a5af4b9d65ec2dd2c3c26132b950ecfc2"
 
+[[package]]
+name = "gimli"
+version = "0.22.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "aaf91faf136cb47367fa430cd46e37a788775e7fa104f8b4bcb3861dc389b724"
+
 [[package]]
 name = "glob"
 version = "0.3.0"
@@ -418,9 +432,9 @@ dependencies = [
 
 [[package]]
 name = "hermit-abi"
-version = "0.1.12"
+version = "0.1.15"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "61565ff7aaace3525556587bd2dc31d4a07071957be715e63ce7b1eccf51a8f4"
+checksum = "3deed196b6e7f9e44a2ae8d94225d80302d81208b1bb673fd21fe634645c85a9"
 dependencies = [
  "libc",
 ]
@@ -448,9 +462,9 @@ checksum = "b9e0384b61958566e926dc50660321d12159025e767c18e043daf26b70104c39"
 
 [[package]]
 name = "itoa"
-version = "0.4.5"
+version = "0.4.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b8b7a7c0c47db5545ed3fef7468ee7bb5b74691498139e4b3f6a20685dc6dd8e"
+checksum = "dc6f3ad7b9d11a0c00842ff8de1b60ee58661048eb8049ed33c73594f359d7e6"
 
 [[package]]
 name = "lazy_static"
@@ -466,15 +480,15 @@ checksum = "b294d6fa9ee409a054354afc4352b0b9ef7ca222c69b8812cbea9e7d2bf3783f"
 
 [[package]]
 name = "libc"
-version = "0.2.69"
+version = "0.2.74"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "99e85c08494b21a9054e7fe1374a732aeadaff3980b6990b94bfd3a70f690005"
+checksum = "a2f02823cf78b754822df5f7f268fb59822e7296276d3e069d8e8cb26a14bd10"
 
 [[package]]
 name = "libcryptsetup-rs"
-version = "0.4.1"
+version = "0.4.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "38cd24132ee0239515bc895782f65ab3e382a0f78e7cee30417159e5c6f81b6b"
+checksum = "b9042dbf4b7e4309494949696496e230c9052af64559d3441627d639898c172c"
 dependencies = [
  "either",
  "libc",
@@ -487,9 +501,9 @@ dependencies = [
 
 [[package]]
 name = "libcryptsetup-rs-sys"
-version = "0.1.2"
+version = "0.1.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0c605998e81e2a99c1f4c5d0be45ea1df6f1dc45dc64f5ca2847b0dbebf49ae7"
+checksum = "4b75a2b946509fb39fdb4b232c973166da14be373d09a43eb36b82f775d8244e"
 dependencies = [
  "bindgen",
  "cc",
@@ -509,9 +523,9 @@ dependencies = [
 
 [[package]]
 name = "log"
-version = "0.4.8"
+version = "0.4.11"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "14b6052be84e6b71ab17edffc2eeabf5c2c3ae1fdb464aae35ac50c67a44e1f7"
+checksum = "4fabed175da42fed1fa0746b0ea71f412aa9d35e76e95e59b192c64b9dc2bf8b"
 dependencies = [
  "cfg-if",
 ]
@@ -530,18 +544,27 @@ checksum = "3728d817d99e5ac407411fa471ff9800a778d88a24685968b36824eaf4bee400"
 
 [[package]]
 name = "memoffset"
-version = "0.5.4"
+version = "0.5.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b4fc2c02a7e374099d4ee95a193111f72d2110197fe200272371758f6c3643d8"
+checksum = "c198b026e1bbf08a937e94c6c60f9ec4a2267f5b0d2eec9c1b21b061ce2be55f"
 dependencies = [
  "autocfg 1.0.0",
 ]
 
 [[package]]
-name = "nom"
-version = "5.1.1"
+name = "miniz_oxide"
+version = "0.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0b471253da97532da4b61552249c521e01e736071f71c1a4f7ebbfbf0a06aad6"
+checksum = "be0f75932c1f6cfae3c04000e40114adf955636e19040f9c0a2c380702aa1c7f"
+dependencies = [
+ "adler",
+]
+
+[[package]]
+name = "nom"
+version = "5.1.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ffb4262d26ed83a1c0a33a38fe2bb15797329c85770da05e6b828ddb782627af"
 dependencies = [
  "memchr",
  "version_check",
@@ -560,13 +583,19 @@ dependencies = [
 
 [[package]]
 name = "num-traits"
-version = "0.2.11"
+version = "0.2.12"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c62be47e61d1842b9170f0fdeec8eba98e60e90e5446449a0545e5152acd7096"
+checksum = "ac267bcc07f48ee5f8935ab0d24f316fb722d7a1292e2913f0cc196b29ffd611"
 dependencies = [
  "autocfg 1.0.0",
 ]
 
+[[package]]
+name = "object"
+version = "0.20.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1ab52be62400ca80aa00285d25253d7f7c437b7375c4de678f5405d3afe82ca5"
+
 [[package]]
 name = "peeking_take_while"
 version = "0.1.2"
@@ -575,33 +604,31 @@ checksum = "19b17cddbe7ec3f8bc800887bab5e717348c95ea2ca0b1bf0837fb964dc67099"
 
 [[package]]
 name = "pkg-config"
-version = "0.3.17"
+version = "0.3.18"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "05da548ad6865900e60eaba7f589cc0783590a92e940c26953ff81ddbab2d677"
+checksum = "d36492546b6af1463394d46f0c834346f31548646f6ba10849802c9c9a27ac33"
 
 [[package]]
 name = "proc-macro-error"
-version = "1.0.2"
+version = "1.0.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "98e9e4b82e0ef281812565ea4751049f1bdcdfccda7d3f459f2e138a40c08678"
+checksum = "da25490ff9892aab3fcf7c36f08cfb902dd3e71ca0f9f9517bea02a73a5ce38c"
 dependencies = [
  "proc-macro-error-attr",
- "proc-macro2 1.0.10",
- "quote 1.0.3",
- "syn 1.0.18",
+ "proc-macro2 1.0.19",
+ "quote 1.0.7",
+ "syn 1.0.38",
  "version_check",
 ]
 
 [[package]]
 name = "proc-macro-error-attr"
-version = "1.0.2"
+version = "1.0.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4f5444ead4e9935abd7f27dc51f7e852a0569ac888096d5ec2499470794e2e53"
+checksum = "a1be40180e52ecc98ad80b184934baf3d0d29f979574e439af5a55274b35f869"
 dependencies = [
- "proc-macro2 1.0.10",
- "quote 1.0.3",
- "syn 1.0.18",
- "syn-mid",
+ "proc-macro2 1.0.19",
+ "quote 1.0.7",
  "version_check",
 ]
 
@@ -616,11 +643,11 @@ dependencies = [
 
 [[package]]
 name = "proc-macro2"
-version = "1.0.10"
+version = "1.0.19"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "df246d292ff63439fea9bc8c0a270bed0e390d5ebd4db4ba15aba81111b5abe3"
+checksum = "04f5f085b5d71e2188cb8271e5da0161ad52c3f227a661a3c135fdf28e258b12"
 dependencies = [
- "unicode-xid 0.2.0",
+ "unicode-xid 0.2.1",
 ]
 
 [[package]]
@@ -640,11 +667,11 @@ dependencies = [
 
 [[package]]
 name = "quote"
-version = "1.0.3"
+version = "1.0.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2bdc6c187c65bca4260c9011c9e3132efe4909da44726bad24cf7572ae338d7f"
+checksum = "aa563d17ecb180e500da1cfd2b028310ac758de548efdd203e18f283af693f37"
 dependencies = [
- "proc-macro2 1.0.10",
+ "proc-macro2 1.0.19",
 ]
 
 [[package]]
@@ -787,9 +814,9 @@ dependencies = [
 
 [[package]]
 name = "regex"
-version = "1.3.7"
+version = "1.3.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a6020f034922e3194c711b82a627453881bc4682166cabb07134a10c26ba7692"
+checksum = "9c3780fcf44b193bc4d09f36d2a3c87b251da4a046c87795a0d35f4f927ad8e6"
 dependencies = [
  "aho-corasick",
  "memchr",
@@ -799,9 +826,9 @@ dependencies = [
 
 [[package]]
 name = "regex-syntax"
-version = "0.6.17"
+version = "0.6.18"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7fe5bd57d1d7414c6b5ed48563a2c855d995ff777729dcd91c369ec7fea395ae"
+checksum = "26412eb97c6b088a6997e05f69403a802a92d520de2f8e63c2b65f9e0f47c4e8"
 
 [[package]]
 name = "ring"
@@ -858,9 +885,9 @@ checksum = "dcf128d1287d2ea9d80910b5f1120d0b8eede3fbf1abe91c40d39ea7d51e6fda"
 
 [[package]]
 name = "ryu"
-version = "1.0.4"
+version = "1.0.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ed3d612bc64430efeb3f7ee6ef26d590dce0c43249217bddc62112540c7941e1"
+checksum = "71d301d4193d031abdd79ff7e3dd721168a9572ef3fe51a1517aba235bd8f86e"
 
 [[package]]
 name = "scopeguard"
@@ -885,26 +912,26 @@ checksum = "388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3"
 
 [[package]]
 name = "serde"
-version = "1.0.106"
+version = "1.0.115"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "36df6ac6412072f67cf767ebbde4133a5b2e88e76dc6187fa7104cd16f783399"
+checksum = "e54c9a88f2da7238af84b5101443f0c0d0a3bbdc455e34a5c9497b1903ed55d5"
 
 [[package]]
 name = "serde_derive"
-version = "1.0.106"
+version = "1.0.115"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9e549e3abf4fb8621bd1609f11dfc9f5e50320802273b12f3811a67e6716ea6c"
+checksum = "609feed1d0a73cc36a0182a840a9b37b4a82f0b1150369f0536a9e3f2a31dc48"
 dependencies = [
- "proc-macro2 1.0.10",
- "quote 1.0.3",
- "syn 1.0.18",
+ "proc-macro2 1.0.19",
+ "quote 1.0.7",
+ "syn 1.0.38",
 ]
 
 [[package]]
 name = "serde_json"
-version = "1.0.51"
+version = "1.0.57"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "da07b57ee2623368351e9a0488bb0b261322a15a6e0ae53e243cbdc0f4208da9"
+checksum = "164eacbdb13512ec2745fb09d51fd5b22b0d65ed294a1dcf7285a360c80a675c"
 dependencies = [
  "itoa",
  "ryu",
@@ -931,9 +958,9 @@ checksum = "6446ced80d6c486436db5c078dde11a9f73d42b57fb273121e160b84f63d894c"
 
 [[package]]
 name = "structopt"
-version = "0.3.14"
+version = "0.3.16"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "863246aaf5ddd0d6928dfeb1a9ca65f505599e4e1b399935ef7e75107516b4ef"
+checksum = "de5472fb24d7e80ae84a7801b7978f95a19ec32cb1876faea59ab711eb901976"
 dependencies = [
  "clap",
  "lazy_static",
@@ -942,15 +969,15 @@ dependencies = [
 
 [[package]]
 name = "structopt-derive"
-version = "0.4.7"
+version = "0.4.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d239ca4b13aee7a2142e6795cbd69e457665ff8037aed33b3effdc430d2f927a"
+checksum = "1e0eb37335aeeebe51be42e2dc07f031163fbabfa6ac67d7ea68b5c2f68d5f99"
 dependencies = [
  "heck",
  "proc-macro-error",
- "proc-macro2 1.0.10",
- "quote 1.0.3",
- "syn 1.0.18",
+ "proc-macro2 1.0.19",
+ "quote 1.0.7",
+ "syn 1.0.38",
 ]
 
 [[package]]
@@ -966,36 +993,25 @@ dependencies = [
 
 [[package]]
 name = "syn"
-version = "1.0.18"
+version = "1.0.38"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "410a7488c0a728c7ceb4ad59b9567eb4053d02e8cc7f5c0e0eeeb39518369213"
+checksum = "e69abc24912995b3038597a7a593be5053eb0fb44f3cc5beec0deb421790c1f4"
 dependencies = [
- "proc-macro2 1.0.10",
- "quote 1.0.3",
- "unicode-xid 0.2.0",
-]
-
-[[package]]
-name = "syn-mid"
-version = "0.5.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7be3539f6c128a931cf19dcee741c1af532c7fd387baa739c03dd2e96479338a"
-dependencies = [
- "proc-macro2 1.0.10",
- "quote 1.0.3",
- "syn 1.0.18",
+ "proc-macro2 1.0.19",
+ "quote 1.0.7",
+ "unicode-xid 0.2.1",
 ]
 
 [[package]]
 name = "synstructure"
-version = "0.12.3"
+version = "0.12.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "67656ea1dc1b41b1451851562ea232ec2e5a80242139f7e679ceccfb5d61f545"
+checksum = "b834f2d66f734cb897113e34aaff2f1ab4719ca946f9a7358dba8f8064148701"
 dependencies = [
- "proc-macro2 1.0.10",
- "quote 1.0.3",
- "syn 1.0.18",
- "unicode-xid 0.2.0",
+ "proc-macro2 1.0.19",
+ "quote 1.0.7",
+ "syn 1.0.38",
+ "unicode-xid 0.2.1",
 ]
 
 [[package]]
@@ -1043,9 +1059,9 @@ checksum = "e83e153d1053cbb5a118eeff7fd5be06ed99153f00dbcd8ae310c5fb2b22edc0"
 
 [[package]]
 name = "unicode-width"
-version = "0.1.7"
+version = "0.1.8"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "caaa9d531767d1ff2150b9332433f32a24622147e5ebb1f26409d5da67afd479"
+checksum = "9337591893a19b88d8d87f2cec1e73fad5cdfd10e5a6f349f498ad6ea2ffb1e3"
 
 [[package]]
 name = "unicode-xid"
@@ -1055,9 +1071,9 @@ checksum = "fc72304796d0818e357ead4e000d19c9c174ab23dc11093ac919054d20a6a7fc"
 
 [[package]]
 name = "unicode-xid"
-version = "0.2.0"
+version = "0.2.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "826e7639553986605ec5979c7dd957c7895e93eabed50ab2ffa7f6128a75097c"
+checksum = "f7fe0bb3479651439c9112f72b6c505038574c9fbb575ed1bf3b797fa39dd564"
 
 [[package]]
 name = "untrusted"
@@ -1076,15 +1092,15 @@ dependencies = [
 
 [[package]]
 name = "vec_map"
-version = "0.8.1"
+version = "0.8.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "05c78687fb1a80548ae3250346c3db86a80a7cdd77bda190189f2d0a0987c81a"
+checksum = "f1bddf1187be692e79c5ffeab891132dfb0f236ed36a43c7ed39f1165ee20191"
 
 [[package]]
 name = "version_check"
-version = "0.9.1"
+version = "0.9.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "078775d0255232fb988e6fccf26ddc9d1ac274299aaedcedce21c6f72cc533ce"
+checksum = "b5a972e5669d67ba988ce3dc826706fb0a8b01471c088cb0b6110b805cc36aed"
 
 [[package]]
 name = "which"
@@ -1097,9 +1113,9 @@ dependencies = [
 
 [[package]]
 name = "winapi"
-version = "0.3.8"
+version = "0.3.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8093091eeb260906a183e6ae1abdba2ef5ef2257a21801128899c3fc699229c6"
+checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419"
 dependencies = [
  "winapi-i686-pc-windows-gnu",
  "winapi-x86_64-pc-windows-gnu",

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "fido2luks"
-version = "0.2.9"
+version = "0.2.12"
 authors = ["shimunn <shimun@shimun.net>"]
 edition = "2018"
 
@@ -11,7 +11,7 @@ repository = "https://github.com/shimunn/fido2luks"
 readme = "README.md"
 keywords = ["luks", "fido2", "u2f"]
 categories = ["command-line-utilities"]
-license = "MPL 2.0"
+license = "MPL-2.0"
 
 [dependencies]
 ctap_hmac = { version="0.4.2", features = ["request_multiple"] }
@@ -42,3 +42,4 @@ assets = [
     ["initramfs-tools/hook/fido2luks.sh", "etc/initramfs-tools/hooks/", "755" ],
     ["initramfs-tools/fido2luks.conf", "etc/", "644"],
 ]
+conf-files = ["/etc/fido2luks.conf"]

README.md

@@ -1,75 +1,86 @@
-[![Crates.io](https://img.shields.io/crates/v/fido2luks.svg)](https://crates.io/crates/fido2luks)
-# fido2luks
+# fido2luks [![Crates.io Version](https://img.shields.io/crates/v/fido2luks.svg)](https://crates.io/crates/fido2luks)
 
-This will allow you to unlock your luks encrypted disk with an fido2 compatible key
+This will allow you to unlock your LUKS encrypted disk with an FIDO2 compatible key.
 
 Note: This has only been tested under Fedora 31, [Ubuntu 20.04](initramfs-tools/), [NixOS](https://nixos.org/nixos/manual/#sec-luks-file-systems-fido2) using a Solo Key, Trezor Model T
 
-### Setup
+## Setup
 
-#### Prerequisites
+### Prerequisites
 
-```rust
+```
 dnf install clang cargo cryptsetup-devel -y
 ```
 
-#### Device
+### Device
 
-```rust
+```
 git clone https://github.com/shimunn/fido2luks.git && cd fido2luks
 
+# Alternativly cargo build --release && sudo cp target/release/fido2luks /usr/bin/
 sudo -E cargo install -f --path . --root /usr
 
+# Copy template
 cp dracut/96luks-2fa/fido2luks.conf /etc/
+# Name is optional but useful if your authenticator has a display
 echo FIDO2LUKS_CREDENTIAL_ID=$(fido2luks credential [NAME]) >> /etc/fido2luks.conf
 
+# Load config into env
 set -a
 . /etc/fido2luks.conf
 
+# Repeat for each luks volume
+# You can also use the `--token` flag when using LUKS2 which will then store the credential in the LUKS header,
+# enabling you to use `fido2luks open-token` without passing a credential as parameter
 sudo -E fido2luks -i add-key /dev/disk/by-uuid/<DISK_UUID>
 
+# Test(only works if the luks container isn't active)
 sudo -E fido2luks -i open /dev/disk/by-uuid/<DISK_UUID> luks-<DISK_UUID>
 
 ```
 
-#### Dracut
+### Dracut
 
-```rust
+```
 cd dracut
 
 sudo make install
 ```
 
-#### Grub
+### Grub
 
 Add `rd.luks.2fa=<CREDENTIAL_ID>:<DISK_UUID>` to `GRUB_CMDLINE_LINUX` in /etc/default/grub
 
 Note: This is only required for your root disk, systemd will try to unlock all other LUKS partions using the same key if you added it using `fido2luks add-key`
 
-```rust
+```
 grub2-mkconfig > /boot/grub2/grub.cfg
 ```
 
 I'd also recommend to copy the executable onto /boot so that it is accessible in case you have to access your disk from a rescue system
 
-```rust
+```
 mkdir /boot/fido2luks/
 cp /usr/bin/fido2luks /boot/fido2luks/
 cp /etc/fido2luks.conf /boot/fido2luks/
 ```
 
-### Test
+## Testing
 
 Just reboot and see if it works, if that's the case you should remove your old less secure password from your LUKS header:
 
-```rust
+```
+# Recommend in case you lose your authenticator, store this backupfile somewhere safe
 cryptsetup luksHeaderBackup /dev/disk/by-uuid/<DISK_UUID> --header-backup-file luks_backup_<DISK_UUID>
+# There is no turning back if you mess this up, make sure you made a backup
+# You can also pass `--token` if you're using LUKS2 which will then store the credential in the LUKS header,
+# which will enable you to use `fido2luks open-token` without passing a credential as parameter
 fido2luks -i add-key --exclusive /dev/disk/by-uuid/<DISK_UUID>
 ```
 
-### Addtional settings
+## Addtional settings
 
-#### Password less
+### Password less
 
 Remove your previous secret as described in the next section, in case you've already added one.
 
@@ -78,18 +89,25 @@ but be warned that this password will be included to into your initramfs.
 
 Import the new config into env:
 
-```rust
+```
 set -a
 . /etc/fido2luks.conf
 ```
 
 Then add the new secret to each device and update dracut afterwards `dracut -f`
 
-### Removal
+### Multiple keys
+
+Additional/backup keys are supported, Multiple fido2luks credentials can be added to your /etc/fido2luks.conf file. Credential tokens are comma separated.
+```
+FIDO2LUKS_CREDENTIAL_ID=<CREDENTIAL1>,<CREDENTIAL2>,<CREDENTIAL3>
+```
+
+## Removal
 
 Remove `rd.luks.2fa` from `GRUB_CMDLINE_LINUX` in /etc/default/grub
 
-```rust
+```
 set -a
 . fido2luks.conf
 sudo -E fido2luks -i replace-key /dev/disk/by-uuid/<DISK_UUID>
@@ -99,11 +117,14 @@ sudo rm -rf /usr/lib/dracut/modules.d/96luks-2fa /etc/dracut.conf.d/luks-2fa.con
 
 ## License
 
-Licensed under the Mozilla Public License 2.0, ([LICENSE-MPL](LICENSE) or https://www.mozilla.org/en-US/MPL/2.0/)
+Licensed under
+
+ * Mozilla Public License 2.0, ([LICENSE-MPL](LICENSE-MPL) or https://www.mozilla.org/en-US/MPL/2.0/)
 
 ### Contribution
 
 Unless you explicitly state otherwise, any contribution intentionally
 submitted for inclusion in the work by you, as defined in the MPL 2.0
-license, shall be dual licensed as above, without any additional terms or
+license, shall be licensed as above, without any additional terms or
 conditions.
+

README.tpl

@@ -1,15 +0,0 @@
-[![Crates.io](https://img.shields.io/crates/v/fido2luks.svg)](https://crates.io/crates/fido2luks)
-# {{crate}}
-
-{{readme}}
-
-## License
-
-Licensed under the Mozilla Public License 2.0, ([LICENSE-MPL](LICENSE) or https://www.mozilla.org/en-US/MPL/2.0/)
-
-### Contribution
-
-Unless you explicitly state otherwise, any contribution intentionally
-submitted for inclusion in the work by you, as defined in the MPL 2.0
-license, shall be dual licensed as above, without any additional terms or
-conditions.

initramfs-tools/README.md

@@ -1,13 +1,34 @@
 ## Initramfs-tools based systems(Ubuntu and derivatives)
 
-After installation generate your credentials and add keys to your disk as described in the top-level README
-then add `initramfs,keyscript=fido2luks` to your `/etc/crypttab`
+For easiest installation [download and install the precompiled deb from releases.](https://github.com/shimunn/fido2luks/releases). However it is possible to build from source via the instructions on the main readme.
 
-Example:
-```
-sda6_crypt UUID=9793d81a-4cfb-4712-85f3-c7a8d715112c none luks,discard,initramfs,keyscript=fido2luks
 ```
+sudo -s
 
-But don't forget to run `make install` which will install all necessary scripts and regenerate your intrid.
+# Insert FIDO key.
+fido2luks credential
+# Tap FIDO key
+# Copy returned string <CREDENTIAL>
+
+nano /etc/fido2luks.conf
+# Insert <CREDENTIAL> 
+# FIDO2LUKS_CREDENTIAL_ID=<CREDENTIAL> 
+
+set -a
+. /etc/fido2luks.conf
+fido2luks -i add-key /dev/<LUKS PARTITION>
+# Current password: <Any current LUKS password>
+# Password: <Password used as FIDO challange>
+# Tap FIDO key
+
+nano /etc/crypttab
+# Append to end ",discard,initramfs,keyscript=fido2luks"
+# E.g. sda6_crypt UUID=XXXXXXXXXX none luks,discard,initramfs,keyscript=fido2luks
+
+update-initramfs -u
+
+
+```
 
 [Recording showing part of the setup](https://shimun.net/fido2luks/setup.svg)
+

initramfs-tools/fido2luks.conf

@@ -1,3 +1,3 @@
 FIDO2LUKS_SALT=Ask
-#FIDO2LUKS_PASSWORD_HELPER="/usr/bin/plymouth ask-for-password --promt 'FIDO2 password salt'"
+#FIDO2LUKS_PASSWORD_HELPER="/usr/bin/plymouth ask-for-password --prompt 'FIDO2 password salt'"
 FIDO2LUKS_CREDENTIAL_ID=

initramfs-tools/keyscript.sh

@@ -3,7 +3,8 @@ set -a
 . /etc/fido2luks.conf
 
 if [ -z "$FIDO2LUKS_PASSWORD_HELPER" ]; then
-	export FIDO2LUKS_PASSWORD_HELPER="plymouth ask-for-password --promt 'FIDO2 password salt for $CRYPTTAB_NAME'"
+	MSG="FIDO2 password salt for $CRYPTTAB_NAME"
+	export FIDO2LUKS_PASSWORD_HELPER="plymouth ask-for-password --prompt '$MSG'"
 fi
 
 fido2luks print-secret --bin

src/cli.rs

@@ -1,54 +1,3 @@
-//! ## Command line interface
-//! ### Generating a credential
-//! Credentials can be generated by using `fido2luks credential`
-//! this command will take an optional string as username your authenticator might be able to display
-//!
-//! `fido2luks credential 'My 2FA protected disk'`
-//!
-//! It is advisable to repeat this step and the next step for more than one authenticator, as backup
-//! ### Securing a disk
-//! To utilise the previously generated credential you simply run
-//!
-//! `fido2luks -i add-key <device> [<credential>,..]`
-//!
-//! You can also use `fido2luks -i add-key --exclusive <device> [<credential>,..]`
-//!
-//! which will add a new key and then remove ALL other keys.
-//! This command supports a fair amount of options for instance `--keyfile` which will allow you to
-//! add an authenticator to the `<device>`
-//!
-//! `-f` will utilise an previously added fido protected key to add another one
-//!
-//! `--token` will store the credential within the LUKS header, making it easily accessible even if
-//! you're unable to boot your system.
-//!
-//!
-//! `fido2luks -i replace-key <device> [<credential>,..]`
-//! works in a similar fashion but instead of adding a new key it'll update an existing one
-//!
-//!
-//! ### Unlocking a disk
-//! To open an LUKS container using your authenticator you simply run
-//!
-//! `fido2luks -i open <device> <name> [<credential>,..]`
-//!
-//! if successful your LUKS container will be accessible under `/dev/mapper/<name>`
-//! To avoid having to specify your credentials you may want to to use
-//!
-//! `fido2luks -i open-token <device> <name>`
-//!
-//! which should even be faster since it allows for the credential to be matched to the right keyslot
-//!
-//!
-//! ### Common options
-//!
-//! `--salt` Determines what data will be provided to the authenticator in order to derive the secret, the default being `ask` which will prompt the user for an password.
-//! Alternatives being `file:<PATH>` where the specified file will be hashed and then used as input, the same goes for the `string:<STRING>` option which will behave in the same manner as the `ask` option.
-//!
-//! `--pin` Allows for a PIN to be passed to the authenticator if needed, it is however recommended not to use a PIN since the bootscript doesn't support this feature atm.
-//!
-//! `--help` Will provide context dependant help for each command
-
 use crate::error::*;
 use crate::*;
 
@@ -58,7 +7,7 @@ use ctap::{FidoCredential, FidoErrorKind};
 use failure::_core::fmt::{Display, Error, Formatter};
 use failure::_core::str::FromStr;
 use failure::_core::time::Duration;
-use std::io::Write;
+use std::io::{Read, Write};
 use std::process::exit;
 use std::thread;
 
@@ -66,6 +15,7 @@ use crate::luks::{Fido2LuksToken, LuksDevice};
 use crate::util::sha256;
 use std::borrow::Cow;
 use std::collections::HashSet;
+use std::fs::File;
 use std::time::SystemTime;
 
 #[derive(Debug, Eq, PartialEq, Clone)]
@@ -128,6 +78,10 @@ pub struct AuthenticatorParameters {
     #[structopt(short = "P", long = "pin")]
     pub pin: bool,
 
+    /// Location to read PIN from
+    #[structopt(long = "pin-source", env = "FIDO2LUKS_PIN_SOURCE")]
+    pub pin_source: Option<PathBuf>,
+
     /// Await for an authenticator to be connected, timeout after n seconds
     #[structopt(
         long = "await-dev",
@@ -138,6 +92,18 @@ pub struct AuthenticatorParameters {
     pub await_time: u64,
 }
 
+impl AuthenticatorParameters {
+    fn read_pin(&self) -> Fido2LuksResult<String> {
+        if let Some(src) = self.pin_source.as_ref() {
+            let mut pin = String::new();
+            File::open(src)?.read_to_string(&mut pin)?;
+            Ok(pin)
+        } else {
+            util::read_password("Authenticator PIN", false)
+        }
+    }
+}
+
 #[derive(Debug, StructOpt)]
 pub struct LuksParameters {
     #[structopt(env = "FIDO2LUKS_DEVICE")]
@@ -216,10 +182,6 @@ fn derive_secret(
     Ok((sha256(&[salt, &unsalted[..]]), cred.clone()))
 }
 
-fn read_pin() -> Fido2LuksResult<String> {
-    util::read_password("Authenticator PIN", false)
-}
-
 #[derive(Debug, StructOpt)]
 pub struct Args {
     /// Request passwords via Stdin instead of using the password helper
@@ -396,7 +358,7 @@ pub fn run_cli() -> Fido2LuksResult<()> {
         } => {
             let pin_string;
             let pin = if authenticator.pin {
-                pin_string = read_pin()?;
+                pin_string = authenticator.read_pin()?;
                 Some(pin_string.as_ref())
             } else {
                 None
@@ -413,7 +375,7 @@ pub fn run_cli() -> Fido2LuksResult<()> {
         } => {
             let pin_string;
             let pin = if authenticator.pin {
-                pin_string = read_pin()?;
+                pin_string = authenticator.read_pin()?;
                 Some(pin_string.as_ref())
             } else {
                 None
@@ -457,7 +419,7 @@ pub fn run_cli() -> Fido2LuksResult<()> {
             ..
         } => {
             let pin = if authenticator.pin {
-                Some(read_pin()?)
+                Some(authenticator.read_pin()?)
             } else {
                 None
             };
@@ -573,7 +535,7 @@ pub fn run_cli() -> Fido2LuksResult<()> {
         } => {
             let pin_string;
             let pin = if authenticator.pin {
-                pin_string = read_pin()?;
+                pin_string = authenticator.read_pin()?;
                 Some(pin_string.as_ref())
             } else {
                 None

src/config.rs

@@ -135,10 +135,9 @@ impl PasswordHelper {
             Systemd => unimplemented!(),
             Stdin => Ok(util::read_password("Password", true)?),
             Script(password_helper) => {
-                let mut helper_parts = password_helper.split(' ');
-
-                let password = Command::new((&mut helper_parts).next().unwrap())
-                    .args(helper_parts)
+                let password = Command::new("sh")
+                    .arg("-c")
+                    .arg(&password_helper)
                     .output()
                     .map_err(|e| Fido2LuksError::AskPassError {
                         cause: error::AskPassError::IO(e),

src/luks.rs

@@ -11,7 +11,7 @@ pub struct LuksDevice {
     device: CryptDevice,
     luks2: Option<bool>,
 }
-/// Wrapper around [CryptDevice](libcryptsetup_rs::CryptDevice)
+
 impl LuksDevice {
     pub fn load<P: AsRef<Path>>(path: P) -> Fido2LuksResult<LuksDevice> {
         let mut device = CryptInit::init(path.as_ref())?;
@@ -22,7 +22,6 @@ impl LuksDevice {
         })
     }
 
-    /// Check whether the device supports LUKS2
     pub fn is_luks2(&mut self) -> Fido2LuksResult<bool> {
         if let Some(luks2) = self.luks2 {
             Ok(luks2)
@@ -35,7 +34,6 @@ impl LuksDevice {
         }
     }
 
-    /// Check whether the device supports LUKS2, return an appropriate error if it does not
     fn require_luks2(&mut self) -> Fido2LuksResult<()> {
         if !self.is_luks2()? {
             return Err(LuksError::Luks2Required.into());
@@ -43,7 +41,6 @@ impl LuksDevice {
         Ok(())
     }
 
-    /// Returns an iterator over all tokens, of type fido2luks
     pub fn tokens<'a>(
         &'a mut self,
     ) -> Fido2LuksResult<Box<dyn Iterator<Item = Fido2LuksResult<(u32, Fido2LuksToken)>> + 'a>>
@@ -87,7 +84,6 @@ impl LuksDevice {
         ))
     }
 
-    /// Returns the first token with an reference to the specified keyslot
     pub fn find_token(&mut self, slot: u32) -> Fido2LuksResult<Option<(u32, Fido2LuksToken)>> {
         let slot_str = slot.to_string();
         for token in self.tokens()? {
@@ -126,8 +122,6 @@ impl LuksDevice {
         Ok(())
     }
 
-    /// Add a new key `secret` using `old_secret` with the specified `iteration_time` in milliseconds
-    /// an LUKS2 token will be created if the device supports LUKS2 and a `credential_id` is provided
     pub fn add_key(
         &mut self,
         secret: &[u8],
@@ -181,8 +175,6 @@ impl LuksDevice {
         Ok(destroyed)
     }
 
-    /// Replaces an existing key with `secret` using `old_secret` with the specified `iteration_time` in milliseconds
-    /// an LUKS2 token will be created or updated if the device supports LUKS2 and a `credential_id` is provided
     pub fn replace_key(
         &mut self,
         secret: &[u8],
@@ -293,7 +285,6 @@ impl LuksDevice {
     }
 }
 
-/// Represents a LUKS2 token
 #[derive(Debug, Clone, Serialize, Deserialize)]
 pub struct Fido2LuksToken {
     #[serde(rename = "type")]

src/main.rs

@@ -1,111 +1,3 @@
-//! This will allow you to unlock your luks encrypted disk with an fido2 compatible key
-//!
-//! Note: This has only been tested under Fedora 31, [Ubuntu 20.04](initramfs-tools/), [NixOS](https://nixos.org/nixos/manual/#sec-luks-file-systems-fido2) using a Solo Key, Trezor Model T
-//!
-//! ## Setup
-//!
-//! ### Prerequisites
-//!
-//! ```
-//! dnf install clang cargo cryptsetup-devel -y
-//! ```
-//!
-//! ### Device
-//!
-//! ```
-//! git clone https://github.com/shimunn/fido2luks.git && cd fido2luks
-//!
-//! # Alternativly cargo build --release && sudo cp target/release/fido2luks /usr/bin/
-//! sudo -E cargo install -f --path . --root /usr
-//!
-//! # Copy template
-//! cp dracut/96luks-2fa/fido2luks.conf /etc/
-//! # Name is optional but useful if your authenticator has a display
-//! echo FIDO2LUKS_CREDENTIAL_ID=$(fido2luks credential [NAME]) >> /etc/fido2luks.conf
-//!
-//! # Load config into env
-//! set -a
-//! . /etc/fido2luks.conf
-//!
-//! # Repeat for each luks volume
-//! # You can also use the `--token` flag when using LUKS2 which will then store the credential in the LUKS header,
-//! # enabling you to use `fido2luks open-token` without passing a credential as parameter
-//! sudo -E fido2luks -i add-key /dev/disk/by-uuid/<DISK_UUID>
-//!
-//! # Test(only works if the luks container isn't active)
-//! sudo -E fido2luks -i open /dev/disk/by-uuid/<DISK_UUID> luks-<DISK_UUID>
-//!
-//! ```
-//!
-//! ### Dracut
-//!
-//! ```
-//! cd dracut
-//!
-//! sudo make install
-//! ```
-//!
-//! ### Grub
-//!
-//! Add `rd.luks.2fa=<CREDENTIAL_ID>:<DISK_UUID>` to `GRUB_CMDLINE_LINUX` in /etc/default/grub
-//!
-//! Note: This is only required for your root disk, systemd will try to unlock all other LUKS partions using the same key if you added it using `fido2luks add-key`
-//!
-//! ```
-//! grub2-mkconfig > /boot/grub2/grub.cfg
-//! ```
-//!
-//! I'd also recommend to copy the executable onto /boot so that it is accessible in case you have to access your disk from a rescue system
-//!
-//! ```
-//! mkdir /boot/fido2luks/
-//! cp /usr/bin/fido2luks /boot/fido2luks/
-//! cp /etc/fido2luks.conf /boot/fido2luks/
-//! ```
-//!
-//! ## Test
-//!
-//! Just reboot and see if it works, if that's the case you should remove your old less secure password from your LUKS header:
-//!
-//! ```
-//! # Recommend in case you lose your authenticator, store this backupfile somewhere safe
-//! cryptsetup luksHeaderBackup /dev/disk/by-uuid/<DISK_UUID> --header-backup-file luks_backup_<DISK_UUID>
-//! # There is no turning back if you mess this up, make sure you made a backup
-//! # You can also pass `--token` if you're using LUKS2 which will then store the credential in the LUKS header,
-//! # which will enable you to use `fido2luks open-token` without passing a credential as parameter
-//! fido2luks -i add-key --exclusive /dev/disk/by-uuid/<DISK_UUID>
-//! ```
-//!
-//! ## Addtional settings
-//!
-//! ### Password less
-//!
-//! Remove your previous secret as described in the next section, in case you've already added one.
-//!
-//! Open `/etc/fido2luks.conf` and replace `FIDO2LUKS_SALT=Ask` with `FIDO2LUKS_SALT=string:<YOUR_RANDOM_STRING>`
-//! but be warned that this password will be included to into your initramfs.
-//!
-//! Import the new config into env:
-//!
-//! ```
-//! set -a
-//! . /etc/fido2luks.conf
-//! ```
-//!
-//! Then add the new secret to each device and update dracut afterwards `dracut -f`
-//!
-//! ## Removal
-//!
-//! Remove `rd.luks.2fa` from `GRUB_CMDLINE_LINUX` in /etc/default/grub
-//!
-//! ```
-//! set -a
-//! . fido2luks.conf
-//! sudo -E fido2luks -i replace-key /dev/disk/by-uuid/<DISK_UUID>
-//!
-//! sudo rm -rf /usr/lib/dracut/modules.d/96luks-2fa /etc/dracut.conf.d/luks-2fa.conf /etc/fido2luks.conf
-//!```
-
 #[macro_use]
 extern crate failure;
 extern crate ctap_hmac as ctap;
@@ -129,10 +21,7 @@ mod util;
 fn main() -> Fido2LuksResult<()> {
     match run_cli() {
         Err(e) => {
-            #[cfg(debug_assertions)]
             eprintln!("{:?}", e);
-            #[cfg(not(debug_assertions))]
-            eprintln!("{}", e);
             exit(e.exit_code())
         }
         _ => exit(0),