keyfork-shard: add message for PIN too short
parent
01fce410a5
commit
ca2ce33d7a
|
@ -1077,6 +1077,7 @@ dependencies = [
|
||||||
"card-backend-pcsc",
|
"card-backend-pcsc",
|
||||||
"keyfork-derive-openpgp",
|
"keyfork-derive-openpgp",
|
||||||
"keyfork-pinentry",
|
"keyfork-pinentry",
|
||||||
|
"openpgp-card",
|
||||||
"openpgp-card-sequoia",
|
"openpgp-card-sequoia",
|
||||||
"sequoia-openpgp",
|
"sequoia-openpgp",
|
||||||
"serde",
|
"serde",
|
||||||
|
|
|
@ -8,7 +8,7 @@ edition = "2021"
|
||||||
[features]
|
[features]
|
||||||
default = ["openpgp", "openpgp-card"]
|
default = ["openpgp", "openpgp-card"]
|
||||||
openpgp = ["sequoia-openpgp", "prompt"]
|
openpgp = ["sequoia-openpgp", "prompt"]
|
||||||
openpgp-card = ["openpgp-card-sequoia", "card-backend-pcsc", "card-backend"]
|
openpgp-card = ["openpgp-card-sequoia", "card-backend-pcsc", "card-backend", "dep:openpgp-card"]
|
||||||
prompt = ["keyfork-pinentry"]
|
prompt = ["keyfork-pinentry"]
|
||||||
|
|
||||||
[dependencies]
|
[dependencies]
|
||||||
|
@ -19,6 +19,7 @@ card-backend-pcsc = { version = "0.5.0", optional = true }
|
||||||
keyfork-derive-openpgp = { version = "0.1.0", path = "../keyfork-derive-openpgp" }
|
keyfork-derive-openpgp = { version = "0.1.0", path = "../keyfork-derive-openpgp" }
|
||||||
keyfork-pinentry = { version = "0.5.0", path = "../keyfork-pinentry", optional = true }
|
keyfork-pinentry = { version = "0.5.0", path = "../keyfork-pinentry", optional = true }
|
||||||
openpgp-card-sequoia = { version = "0.2.0", optional = true }
|
openpgp-card-sequoia = { version = "0.2.0", optional = true }
|
||||||
|
openpgp-card = { version = "0.4.0", optional = true }
|
||||||
sequoia-openpgp = { version = "1.16.1", optional = true }
|
sequoia-openpgp = { version = "1.16.1", optional = true }
|
||||||
serde = "1.0.188"
|
serde = "1.0.188"
|
||||||
sharks = "0.5.0"
|
sharks = "0.5.0"
|
||||||
|
|
|
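Review bot: The new direct dependency `openpgp-card = { version = "0.4.0", optional = true }` carries no comment explaining why it is pinned alongside `openpgp-card-sequoia`. It is only useful while it resolves to the same crate release whose error type the card transaction returns, which is presumably the one `openpgp-card-sequoia` 0.2.0 pulls in. The lock hunk adds a single unversioned `"openpgp-card"` entry, so the two agree today. A comment above the line, for example `# keep on the openpgp-card release used by openpgp-card-sequoia; needed to match on StatusBytes`, would stop a later bump of either crate from introducing a second copy.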
@ -13,6 +13,7 @@ use crate::prompt_manager::{PinentryError, PromptManager};
|
||||||
|
|
||||||
use anyhow::Context;
|
use anyhow::Context;
|
||||||
use card_backend_pcsc::PcscBackend;
|
use card_backend_pcsc::PcscBackend;
|
||||||
|
use openpgp_card::{Error as CardError, StatusBytes};
|
||||||
use openpgp_card_sequoia::{state::Open, types::Error as SequoiaCardError, Card};
|
use openpgp_card_sequoia::{state::Open, types::Error as SequoiaCardError, Card};
|
||||||
|
|
||||||
#[derive(thiserror::Error, Debug)]
|
#[derive(thiserror::Error, Debug)]
|
||||||
|
@ -52,7 +53,7 @@ fn format_name(input: impl AsRef<str>) -> String {
|
||||||
.as_ref()
|
.as_ref()
|
||||||
.split("<<")
|
.split("<<")
|
||||||
.take(2)
|
.take(2)
|
||||||
.map(|s| s.replace('>', " "))
|
.map(|s| s.replace('<', " "))
|
||||||
.collect::<Vec<_>>();
|
.collect::<Vec<_>>();
|
||||||
n.reverse();
|
n.reverse();
|
||||||
n.join(" ")
|
n.join(" ")
|
||||||
|
@ -214,11 +215,13 @@ impl DecryptionHelper for &mut SmartcardManager {
|
||||||
.application_identifier()
|
.application_identifier()
|
||||||
.context("Could not load application identifier")?
|
.context("Could not load application identifier")?
|
||||||
.ident();
|
.ident();
|
||||||
let pw_status = transaction
|
|
||||||
.pw_status_bytes()
|
|
||||||
.map_err(Error::PwStatusBytes)?;
|
|
||||||
let mut pin = None;
|
let mut pin = None;
|
||||||
for _ in 0..pw_status.err_count_pw1() {
|
while transaction
|
||||||
|
.pw_status_bytes()
|
||||||
|
.map_err(Error::PwStatusBytes)?
|
||||||
|
.err_count_pw1()
|
||||||
|
> 0
|
||||||
|
{
|
||||||
transaction.reload_ard()?;
|
transaction.reload_ard()?;
|
||||||
let attempts = transaction
|
let attempts = transaction
|
||||||
.pw_status_bytes()
|
.pw_status_bytes()
|
||||||
|
@ -231,13 +234,18 @@ impl DecryptionHelper for &mut SmartcardManager {
|
||||||
format!("Unlock card {card_id} ({cardholder_name})\n\n{rpea}: {attempts}")
|
format!("Unlock card {card_id} ({cardholder_name})\n\n{rpea}: {attempts}")
|
||||||
};
|
};
|
||||||
let temp_pin = self.pm.prompt_passphrase("Smartcard User PIN", message)?;
|
let temp_pin = self.pm.prompt_passphrase("Smartcard User PIN", message)?;
|
||||||
if transaction
|
let verification_status =
|
||||||
.verify_user_pin(temp_pin.expose_secret().as_str().trim())
|
transaction.verify_user_pin(temp_pin.expose_secret().as_str().trim());
|
||||||
.is_ok()
|
match verification_status {
|
||||||
{
|
Ok(_) => {
|
||||||
pin.replace(temp_pin);
|
pin.replace(temp_pin);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
Err(CardError::CardStatus(StatusBytes::IncorrectParametersCommandDataField)) => {
|
||||||
|
self.pm.prompt_message("Invalid PIN length entered.")?;
|
||||||
|
}
|
||||||
|
Err(_) => {}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
let pin = pin.ok_or(Error::InvalidPIN)?;
|
let pin = pin.ok_or(Error::InvalidPIN)?;
|
||||||
let mut user = transaction
|
let mut user = transaction
|
||||||
|
|
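Review bot: The `Err(_) => {}` arm in the new `match verification_status` discards every verification failure except the PIN-length status, so a wrong PIN, a blocked PIN and an unexpected card or transport error are indistinguishable to the operator and leave no trace. The retry loop is now `while … .err_count_pw1() > 0` instead of the bounded `for _ in 0..pw_status.err_count_pw1()`, so any failure that does not decrement the card's retry counter re-prompts indefinitely with no explanation. I would add an explicit arm for the status the card returns on a wrong PIN, which keeps retrying, and let the rest surface, e.g. `Err(e) => return Err(e.into()),`, assuming the function's error type converts from `CardError` as the `?` on `reload_ard()` suggests. A short comment on the `while` condition saying that the card's counter, not a local one, bounds the loop would also help. The enclosing `DecryptionHelper` method starts and ends outside these hunks.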