mirror of git://git.gnupg.org/gnupg.git synced 2025-07-03 22:56:33 +02:00

Add user defined pinentry prompts for SCD.

This adds scdaemon "OPTION pin-prompt" and "OPTION pin-admin-prompt"
along with special escapes that are expanded in the prompt string to
inform the user of the signature count and the admin PIN attempts remaining.

It also adds another "standard" pinentry escape "|I|" to ignore the
default pinentry prompt from gpg-agent and use the supplied 'info'
parameter unmodified (cannot be used with other pinentry flags).

* agent/divert-scd.c (getpin_cb): Add |I| pinentry flag to ignore the
default prompt and use the 'info' parameter as the entire prompt.
* scd/app-common.h (PIN_PROMPT_NONE, PIN_SIGN_PROMPT, PIN_ADMIN_PROMPT):
New enumeration.
(set_pin_prompt): New application callback to set a user-defined
pinentry prompt.
* scd/app-openpgp.c (verify_a_chv): Expand a user-defined pinentry
prompt.
(build_enter_admin_pin_prompt): Ditto.
(do_change_pin): Ditto.
(do_set_pin_prompt): New.
* scd/app.c (expand_pin_prompt): New.
(app_set_pin_prompt): Ditto.
* scd/command.c (set_pinentry_prompt): New.
(option_handler): Add option 'pin-prompt' and 'pin-admin-prompt'.
(open_card): Set the user-defined pinentry prompts after selecting an
application.
Ben Kibbey 2012-01-10 22:10:36 -05:00
parent 30ec869b8c
commit 633ea8531e
6 changed files with 313 additions and 15 deletions


@ -166,6 +166,8 @@ encode_md_for_card (const unsigned char *digest, size_t digestlen, int algo,
'A' = The PIN is an Admin PIN, SO-PIN or alike.
'P' = The PIN is a PUK (Personal Unblocking Key).
'R' = The PIN is a Reset Code.
'I' = Ignore using the default prompt and use 'info' as the entire
prompt. Cannot be used with other flags.
Example:
@ -185,6 +187,7 @@ getpin_cb (void *opaque, const char *info, char *buf, size_t maxbuf)
int newpin = 0;
int resetcode = 0;
int is_puk = 0;
int ignore = 0;
const char *again_text = NULL;
const char *prompt = "PIN";
@ -212,6 +215,8 @@ getpin_cb (void *opaque, const char *info, char *buf, size_t maxbuf)
prompt = _("Reset Code");
resetcode = 1;
}
else if (*s == 'I')
ignore = 1;
}
info = ends+1;
any_flags = 1;
@ -219,6 +224,9 @@ getpin_cb (void *opaque, const char *info, char *buf, size_t maxbuf)
else if (info && *info == '|')
log_debug ("pin_cb called without proper PIN info hack\n");
if (ignore)
any_flags = 0;
/* If BUF has been passed as NULL, we are in keypad mode: The
callback opens the popup and immediatley returns. */
if (!buf)
@ -305,8 +313,8 @@ getpin_cb (void *opaque, const char *info, char *buf, size_t maxbuf)
}
else
{
char *desc;
if ( asprintf (&desc,
char *desc = NULL;
if (!ignore && asprintf (&desc,
_("Please enter the PIN%s%s%s to unlock the card"),
info? " (`":"",
info? info:"",