keyfork-shard: add message for PIN too short

Cargo.lock

@@ -1077,6 +1077,7 @@ dependencies = [
  "card-backend-pcsc",
  "keyfork-derive-openpgp",
  "keyfork-pinentry",
+ "openpgp-card",
  "openpgp-card-sequoia",
  "sequoia-openpgp",
  "serde",

keyfork-shard/Cargo.toml

@@ -8,7 +8,7 @@ edition = "2021"
 [features]
 default = ["openpgp", "openpgp-card"]
 openpgp = ["sequoia-openpgp", "prompt"]
-openpgp-card = ["openpgp-card-sequoia", "card-backend-pcsc", "card-backend"]
+openpgp-card = ["openpgp-card-sequoia", "card-backend-pcsc", "card-backend", "dep:openpgp-card"]
 prompt = ["keyfork-pinentry"]
 
 [dependencies]
@@ -19,6 +19,7 @@ card-backend-pcsc = { version = "0.5.0", optional = true }
 keyfork-derive-openpgp = { version = "0.1.0", path = "../keyfork-derive-openpgp" }
 keyfork-pinentry = { version = "0.5.0", path = "../keyfork-pinentry", optional = true }
 openpgp-card-sequoia = { version = "0.2.0", optional = true }
+openpgp-card = { version = "0.4.0", optional = true }
 sequoia-openpgp = { version = "1.16.1", optional = true }
 serde = "1.0.188"
 sharks = "0.5.0"

keyfork-shard/src/openpgp/smartcard.rs

@@ -13,6 +13,7 @@ use crate::prompt_manager::{PinentryError, PromptManager};
 
 use anyhow::Context;
 use card_backend_pcsc::PcscBackend;
+use openpgp_card::{Error as CardError, StatusBytes};
 use openpgp_card_sequoia::{state::Open, types::Error as SequoiaCardError, Card};
 
 #[derive(thiserror::Error, Debug)]
@@ -52,7 +53,7 @@ fn format_name(input: impl AsRef<str>) -> String {
         .as_ref()
         .split("<<")
         .take(2)
-        .map(|s| s.replace('>', " "))
+        .map(|s| s.replace('<', " "))
         .collect::<Vec<_>>();
     n.reverse();
     n.join(" ")
@@ -214,11 +215,13 @@ impl DecryptionHelper for &mut SmartcardManager {
             .application_identifier()
             .context("Could not load application identifier")?
             .ident();
-        let pw_status = transaction
-            .pw_status_bytes()
-            .map_err(Error::PwStatusBytes)?;
         let mut pin = None;
-        for _ in 0..pw_status.err_count_pw1() {
+        while transaction
+            .pw_status_bytes()
+            .map_err(Error::PwStatusBytes)?
+            .err_count_pw1()
+            > 0
+        {
             transaction.reload_ard()?;
             let attempts = transaction
                 .pw_status_bytes()
@@ -231,12 +234,17 @@ impl DecryptionHelper for &mut SmartcardManager {
                 format!("Unlock card {card_id} ({cardholder_name})\n\n{rpea}: {attempts}")
             };
             let temp_pin = self.pm.prompt_passphrase("Smartcard User PIN", message)?;
-            if transaction
+            let verification_status =
-                .verify_user_pin(temp_pin.expose_secret().as_str().trim())
+                transaction.verify_user_pin(temp_pin.expose_secret().as_str().trim());
-                .is_ok()
+            match verification_status {
-            {
+                Ok(_) => {
-                pin.replace(temp_pin);
+                    pin.replace(temp_pin);
-                break;
+                    break;
+                }
+                Err(CardError::CardStatus(StatusBytes::IncorrectParametersCommandDataField)) => {
+                    self.pm.prompt_message("Invalid PIN length entered.")?;
+                }
+                Err(_) => {}
             }
         }
         let pin = pin.ok_or(Error::InvalidPIN)?;