Update fido2-manage.sh

Add extended use data (UPN)
2026-04-09 10:45:39 +00:00 · 2024-06-10 10:15:27 +02:00
parent 709721261c
commit 500744bdcc
1 changed files with 38 additions and 16 deletions
--- a/fido2-manage.sh
+++ b/fido2-manage.sh
@@ -192,24 +192,46 @@ if [[ -n $device ]]; then
        exit 0
    fi
-    if $storage; then
+# Main logic
-        $FIDO2_TOKEN_CMD -I -c "$device_string" $([[ -n $pin ]] && echo "-w $pin ")
+# Main logic
-        exit 0
+if $storage; then
-    elif $residentKeys; then
+    $FIDO2_TOKEN_CMD -I -c "$device_string" $([[ -n $pin ]] && echo "-w $pin")
-        if [[ -n $domain ]]; then
+    exit 0
-            output=$($FIDO2_TOKEN_CMD -L -k "$domain" "$device_string" $([[ -n $pin ]] && echo "-w $pin"))
+elif $residentKeys; then
-            echo "$output" | grep -oP '(\d+): (\S+) (.+)' | while read -r line; do
+    if [[ -n $domain ]]; then
-                key_id=$(echo "$line" | awk '{print $1}')
+        domain_command="$FIDO2_TOKEN_CMD -L -k \"$domain\" \"$device_string\" $([[ -n $pin ]] && echo "-w $pin")"
-                credential_id=$(echo "$line" | awk '{print $2}')
+        domain_output=$(eval $domain_command)
                user=$(echo "$line" | grep -oP '(\S+\s+\S+).+ es256' | head -1)
                show_message "Credential ID: $credential_id, User: $user"
            done
        else
            $FIDO2_TOKEN_CMD -L -r "$device_string" $(if [[ -n $pin ]]; then echo "-w $pin"; fi)
-        fi
+        
-        exit 0
+
        # Process the output line by line
        echo "$domain_output" | while read -r line; do
            key_id=$(echo "$line" | awk '{print $1}')
            credential_id=$(echo "$line" | awk '{print $2}')
            user_field=$(echo "$line" | awk '{print $3 , $4}')
            email_field=$(echo "$line" | awk '{print $5, $6}')
            if [[ "$user_field" == "(null)" ]]; then
                user_field=""
            fi
            # Determine if user_field is an email
            if [[ "$user_field" == *"@"* ]]; then
                email=$user_field
                user=""
            else
                user=$user_field
                email=$email_field
            fi
            show_message "Credential ID: $credential_id, User: $user $email"
        done
    else
        $FIDO2_TOKEN_CMD -L -r "$device_string" $(if [[ -n $pin ]]; then echo "-w $pin"; fi)
    fi
    exit 0
 fi
    if $info; then
        command_output=$($FIDO2_TOKEN_CMD -I "$device_string")