Compare commits
No commits in common. "9375bc39337c9b8ad4651163cb9559cd2cd45c3f" and "3df3caa235456fb3fbd9f75cafc5e13e29f8784c" have entirely different histories.
9375bc3933
...
3df3caa235
|
|
@ -46,8 +46,6 @@ fn derive_key(seed: &[u8], index: u8) -> Result<Cert> {
|
||||||
/// Factory reset the current card so long as it does not match the last-used backend.
|
/// Factory reset the current card so long as it does not match the last-used backend.
|
||||||
fn factory_reset_current_card(
|
fn factory_reset_current_card(
|
||||||
seen_cards: &mut HashSet<String>,
|
seen_cards: &mut HashSet<String>,
|
||||||
user_pin: &str,
|
|
||||||
admin_pin: &str,
|
|
||||||
cert: &Cert,
|
cert: &Cert,
|
||||||
) -> Result<()> {
|
) -> Result<()> {
|
||||||
let policy = openpgp::policy::NullPolicy::new();
|
let policy = openpgp::policy::NullPolicy::new();
|
||||||
|
|
@ -85,8 +83,6 @@ fn factory_reset_current_card(
|
||||||
admin.upload_key(signing_key, KeyType::Signing, None)?;
|
admin.upload_key(signing_key, KeyType::Signing, None)?;
|
||||||
admin.upload_key(decryption_key, KeyType::Decryption, None)?;
|
admin.upload_key(decryption_key, KeyType::Decryption, None)?;
|
||||||
admin.upload_key(authentication_key, KeyType::Authentication, None)?;
|
admin.upload_key(authentication_key, KeyType::Authentication, None)?;
|
||||||
transaction.change_user_pin("123456", user_pin)?;
|
|
||||||
transaction.change_admin_pin("12345678", admin_pin)?;
|
|
||||||
} else {
|
} else {
|
||||||
panic!("No smart card found");
|
panic!("No smart card found");
|
||||||
}
|
}
|
||||||
|
|
@ -108,16 +104,7 @@ fn generate_shard_secret(threshold: u8, max: u8, keys_per_shard: u8) -> Result<(
|
||||||
i + 1,
|
i + 1,
|
||||||
index + 1,
|
index + 1,
|
||||||
)))?;
|
)))?;
|
||||||
// TODO: add a second prompt for verification, perhaps as an argument to
|
factory_reset_current_card(&mut seen_cards, &cert)?;
|
||||||
// prompt_passphrase
|
|
||||||
let user_pin = pm.prompt_passphrase("Please enter the new smartcard User PIN: ")?;
|
|
||||||
let admin_pin = pm.prompt_passphrase("Please enter the new smartcard Admin PIN: ")?;
|
|
||||||
factory_reset_current_card(
|
|
||||||
&mut seen_cards,
|
|
||||||
user_pin.trim(),
|
|
||||||
admin_pin.trim(),
|
|
||||||
&cert,
|
|
||||||
)?;
|
|
||||||
}
|
}
|
||||||
certs.push(cert);
|
certs.push(cert);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -10,7 +10,7 @@ fn main() -> ExitCode {
|
||||||
let opts = cli::Keyfork::parse();
|
let opts = cli::Keyfork::parse();
|
||||||
|
|
||||||
if let Err(e) = opts.command .handle(&opts) {
|
if let Err(e) = opts.command .handle(&opts) {
|
||||||
eprintln!("Unable to run command: {e}");
|
println!("Unable to run command: {e}");
|
||||||
let mut source = e.source();
|
let mut source = e.source();
|
||||||
while let Some(new_error) = source.take() {
|
while let Some(new_error) = source.take() {
|
||||||
eprintln!("Source: {new_error}");
|
eprintln!("Source: {new_error}");
|
||||||
|
|
|
||||||
|
|
@ -11,7 +11,7 @@ pub enum Error {
|
||||||
#[error("Neither KEYFORK_SOCKET_PATH nor XDG_RUNTIME_DIR were set")]
|
#[error("Neither KEYFORK_SOCKET_PATH nor XDG_RUNTIME_DIR were set")]
|
||||||
EnvVarsNotFound,
|
EnvVarsNotFound,
|
||||||
|
|
||||||
#[error("Socket was unable to connect to {1}: {0} (make sure keyforkd is running)")]
|
#[error("Socket was unable to connect to {1}: {0}")]
|
||||||
Connect(std::io::Error, PathBuf),
|
Connect(std::io::Error, PathBuf),
|
||||||
|
|
||||||
#[error("Could not write to or from the socket: {0}")]
|
#[error("Could not write to or from the socket: {0}")]
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue