change ykfde_enroll

2023-09-29 20:46:09 +02:00
parent 1f596f833f
commit a5774454b3
1 changed files with 4 additions and 3 deletions
--- a/utils/pkgs/ykfde/scripts/ykfde_enroll
+++ b/utils/pkgs/ykfde/scripts/ykfde_enroll
@@ -2,7 +2,8 @@

 set -euo pipefail

-echo "start in\nnix-shell https://github.com/sgillespie/nixos-yubikey-luks/archive/master.tar.gz"
+echo "start in"
+echo "nix-shell https://github.com/sgillespie/nixos-yubikey-luks/archive/master.tar.gz"

 # sanitize environment
 YKFDE_SLOT=2
@@ -25,9 +26,9 @@ if [ "$YKFDE_SLOT_CHECK" != 1 ]; then
 fi

 YKFDE_SALT="$(dd if=/dev/random bs=1 count=$YKFDE_SALT_LENGTH 2>/dev/null | rbtohex)"
-YKFDE_CHALLENGE="$(echo -n $salt | openssl dgst -binary -sha512 | rbtohex)"
+YKFDE_CHALLENGE="$(echo -n $YKFDE_SALT | openssl dgst -binary -sha512 | rbtohex)"
 YKFDE_RESPONSE="$(ykchalresp -2 -x $YKFDE_CHALLENGE 2>/dev/null)"
-YKFDE_K_LUKS="$(echo | pbkdf2-sha512 $(($YKFDE_KEY_LENGTH / 8)) $YKFDE_ITERATIONS $YKFDE_RESPONSE)"
+YKFDE_K_LUKS="$(echo | pbkdf2-sha512 $(($YKFDE_KEY_LENGTH / 8)) $YKFDE_ITERATIONS $YKFDE_RESPONSE | rbtohex)"
 mkdir -p "$(dirname $YKFDE_STORAGE)"
 echo -ne "$YKFDE_SALT\n$YKFDE_ITERATIONS" > $YKFDE_STORAGE
 echo $YKFDE_K_LUKS > luks.key