From ca2ce33d7a6ae46ef8ba5f22f86dfd2fa7966933 Mon Sep 17 00:00:00 2001
From: ryan
Date: Fri, 10 Nov 2023 18:11:24 -0500
Subject: [PATCH] keyfork-shard: add message for PIN too short
---
 Cargo.lock | 1 +
 keyfork-shard/Cargo.toml | 3 ++-
 keyfork-shard/src/openpgp/smartcard.rs | 30 ++++++++++++++++----------
 3 files changed, 22 insertions(+), 12 deletions(-)
diff --git a/Cargo.lock b/Cargo.lock
index 19d4286..82d8e43 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1077,6 +1077,7 @@ dependencies = [
 "card-backend-pcsc",
 "keyfork-derive-openpgp",
 "keyfork-pinentry",
+ "openpgp-card",
 "openpgp-card-sequoia",
 "sequoia-openpgp",
 "serde",
diff --git a/keyfork-shard/Cargo.toml b/keyfork-shard/Cargo.toml
index 2bf7786..7105826 100644
--- a/keyfork-shard/Cargo.toml
+++ b/keyfork-shard/Cargo.toml
@@ -8,7 +8,7 @@ edition = "2021"
 [features]
 default = ["openpgp", "openpgp-card"]
 openpgp = ["sequoia-openpgp", "prompt"]
-openpgp-card = ["openpgp-card-sequoia", "card-backend-pcsc", "card-backend"]
+openpgp-card = ["openpgp-card-sequoia", "card-backend-pcsc", "card-backend", "dep:openpgp-card"]
 prompt = ["keyfork-pinentry"]
 [dependencies]
@@ -19,6 +19,7 @@ card-backend-pcsc = { version = "0.5.0", optional = true }
 keyfork-derive-openpgp = { version = "0.1.0", path = "../keyfork-derive-openpgp" }
 keyfork-pinentry = { version = "0.5.0", path = "../keyfork-pinentry", optional = true }
 openpgp-card-sequoia = { version = "0.2.0", optional = true }
+openpgp-card = { version = "0.4.0", optional = true }
 sequoia-openpgp = { version = "1.16.1", optional = true }
 serde = "1.0.188"
 sharks = "0.5.0"
diff --git a/keyfork-shard/src/openpgp/smartcard.rs b/keyfork-shard/src/openpgp/smartcard.rs
index 096d9a7..86cb54f 100644
--- a/keyfork-shard/src/openpgp/smartcard.rs
+++ b/keyfork-shard/src/openpgp/smartcard.rs
@@ -13,6 +13,7 @@ use crate::prompt_manager::{PinentryError, PromptManager};
 use anyhow::Context;
 use card_backend_pcsc::PcscBackend;
+use openpgp_card::{Error as CardError, StatusBytes};
 use openpgp_card_sequoia::{state::Open, types::Error as SequoiaCardError, Card};
 #[derive(thiserror::Error, Debug)]
@@ -52,7 +53,7 @@ fn format_name(input: impl AsRef) -> String {
 .as_ref()
 .split("<<")
 .take(2)
- .map(|s| s.replace('>', " "))
+ .map(|s| s.replace('<', " "))
 .collect::>();
 n.reverse();
 n.join(" ")
@@ -214,11 +215,13 @@ impl DecryptionHelper for &mut SmartcardManager {
 .application_identifier()
 .context("Could not load application identifier")?
 .ident();
- let pw_status = transaction
- .pw_status_bytes()
- .map_err(Error::PwStatusBytes)?;
 let mut pin = None;
- for _ in 0..pw_status.err_count_pw1() {
+ while transaction
+ .pw_status_bytes()
+ .map_err(Error::PwStatusBytes)?
+ .err_count_pw1()
+ > 0
+ {
 transaction.reload_ard()?;
 let attempts = transaction
 .pw_status_bytes()
@@ -231,12 +234,17 @@ impl DecryptionHelper for &mut SmartcardManager {
 format!("Unlock card {card_id} ({cardholder_name})\n\n{rpea}: {attempts}")
 };
 let temp_pin = self.pm.prompt_passphrase("Smartcard User PIN", message)?;
- if transaction
- .verify_user_pin(temp_pin.expose_secret().as_str().trim())
- .is_ok()
- {
- pin.replace(temp_pin);
- break;
+ let verification_status =
+ transaction.verify_user_pin(temp_pin.expose_secret().as_str().trim());
+ match verification_status {
+ Ok(_) => {
+ pin.replace(temp_pin);
+ break;
+ }
+ Err(CardError::CardStatus(StatusBytes::IncorrectParametersCommandDataField)) => {
+ self.pm.prompt_message("Invalid PIN length entered.")?;
+ }
+ Err(_) => {}
 }
 }
 let pin = pin.ok_or(Error::InvalidPIN)?;
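Review bot: The new `while` condition in the `@@ -214,11 +215,13 @@` hunk reads `pw_status_bytes()` before the body calls `transaction.reload_ard()?`, so the check may run on the retry counter as it stood before the previous verification attempt. If `pw_status_bytes()` returns the cached application data that `reload_ard()` refreshes (the reload-then-read inside the body suggests it does), the loop is entered once more after the counter has reached zero, prompting with zero attempts left and sending one more PIN to a blocked card. Doing the reload before the check avoids that: open the loop with `transaction.reload_ard()?;`, read `attempts`, and use `if attempts == 0 { break; }` in place of the `while` condition. The loop body continues past the end of this hunk, so the placement should be confirmed against the full function.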
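Review bot: `Err(_) => {}` in the new `match verification_status` discards every error except the PIN-length status, so a transport failure or a removed card looks the same as a wrong PIN and the user is re-prompted with no explanation. Because the loop now ends on the card's retry counter rather than a fixed iteration count, I would add an arm for the card's wrong-PIN status that tells the user the PIN was rejected, and let the catch-all arm return the error instead of dropping it, assuming the enclosing function's error type accepts it (its signature is outside the hunk). A one-line comment on the `IncorrectParametersCommandDataField` arm, such as `// status returned when the PIN is shorter than the card's minimum; presumably does not consume a retry — confirm`, would record why that status is singled out.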