keyfork-shard: add message for PIN too short

2023-11-10 18:11:24 -05:00 · 2023-11-10 18:11:24 -05:00 · ca2ce33d7a
parent 01fce410a5
commit ca2ce33d7a
3 changed files with 22 additions and 12 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -1077,6 +1077,7 @@ dependencies = [
 "card-backend-pcsc",
 "keyfork-derive-openpgp",
 "keyfork-pinentry",
+ "openpgp-card",
 "openpgp-card-sequoia",
 "sequoia-openpgp",
 "serde",
--- a/keyfork-shard/Cargo.toml
+++ b/keyfork-shard/Cargo.toml
@ -8,7 +8,7 @@ edition = "2021"
 [features]
 default = ["openpgp", "openpgp-card"]
 openpgp = ["sequoia-openpgp", "prompt"]
-openpgp-card = ["openpgp-card-sequoia", "card-backend-pcsc", "card-backend"]
+openpgp-card = ["openpgp-card-sequoia", "card-backend-pcsc", "card-backend", "dep:openpgp-card"]
 prompt = ["keyfork-pinentry"]

 [dependencies]
@ -19,6 +19,7 @@ card-backend-pcsc = { version = "0.5.0", optional = true }
 keyfork-derive-openpgp = { version = "0.1.0", path = "../keyfork-derive-openpgp" }
 keyfork-pinentry = { version = "0.5.0", path = "../keyfork-pinentry", optional = true }
 openpgp-card-sequoia = { version = "0.2.0", optional = true }
+openpgp-card = { version = "0.4.0", optional = true }
 sequoia-openpgp = { version = "1.16.1", optional = true }
 serde = "1.0.188"
 sharks = "0.5.0"
--- a/keyfork-shard/src/openpgp/smartcard.rs
+++ b/keyfork-shard/src/openpgp/smartcard.rs
@ -13,6 +13,7 @@ use crate::prompt_manager::{PinentryError, PromptManager};

 use anyhow::Context;
 use card_backend_pcsc::PcscBackend;
+use openpgp_card::{Error as CardError, StatusBytes};
 use openpgp_card_sequoia::{state::Open, types::Error as SequoiaCardError, Card};

 #[derive(thiserror::Error, Debug)]
@ -52,7 +53,7 @@ fn format_name(input: impl AsRef<str>) -> String {
        .as_ref()
        .split("<<")
        .take(2)
-        .map(|s| s.replace('>', " "))
+        .map(|s| s.replace('<', " "))
        .collect::<Vec<_>>();
    n.reverse();
    n.join(" ")
@ -214,11 +215,13 @@ impl DecryptionHelper for &mut SmartcardManager {
            .application_identifier()
            .context("Could not load application identifier")?
            .ident();
-        let pw_status = transaction
-            .pw_status_bytes()
-            .map_err(Error::PwStatusBytes)?;
        let mut pin = None;
-        for _ in 0..pw_status.err_count_pw1() {
+        while transaction
+            .pw_status_bytes()
+            .map_err(Error::PwStatusBytes)?
+            .err_count_pw1()
+            > 0
+        {
            transaction.reload_ard()?;
            let attempts = transaction
                .pw_status_bytes()
@ -231,12 +234,17 @@ impl DecryptionHelper for &mut SmartcardManager {
                format!("Unlock card {card_id} ({cardholder_name})\n\n{rpea}: {attempts}")
            };
            let temp_pin = self.pm.prompt_passphrase("Smartcard User PIN", message)?;
-            if transaction
-                .verify_user_pin(temp_pin.expose_secret().as_str().trim())
-                .is_ok()
-            {
-                pin.replace(temp_pin);
-                break;
+            let verification_status =
+                transaction.verify_user_pin(temp_pin.expose_secret().as_str().trim());
+            match verification_status {
+                Ok(_) => {
+                    pin.replace(temp_pin);
+                    break;
+                }
+                Err(CardError::CardStatus(StatusBytes::IncorrectParametersCommandDataField)) => {
+                    self.pm.prompt_message("Invalid PIN length entered.")?;
+                }
+                Err(_) => {}
            }
        }
        let pin = pin.ok_or(Error::InvalidPIN)?;