aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobin Krahl <me@robin-krahl.de>2018-12-11 12:09:21 +0100
committerDaniel Müller <d-e-s-o@users.noreply.github.com>2018-12-11 17:34:18 -0800
commitc67ecea7e22b890a3014a884585d801a2fcc3293 (patch)
tree7b70da4eceb6a5ad5797e97c879e1151a4bbc6c6
parent96108bef3fecff98509f6200025d7993c820cd58 (diff)
downloadnitrocli-c67ecea7e22b890a3014a884585d801a2fcc3293.tar.gz
nitrocli-c67ecea7e22b890a3014a884585d801a2fcc3293.tar.bz2
Show error in pinentry dialog instead of printing to stdout
Currently, the error message for a wrong password is printed to the standard output. Yet the standard output might not be visible to the user if they are using the curses frontend for pinentry. Pinentry already supports displaying an error message in the passphrase prompt. This patch moves the error message from the standard output to the pinentry prompt.
-rw-r--r--nitrocli/src/main.rs5
-rw-r--r--nitrocli/src/pinentry.rs8
2 files changed, 8 insertions, 5 deletions
diff --git a/nitrocli/src/main.rs b/nitrocli/src/main.rs
index 3ec3243..0ba232f 100644
--- a/nitrocli/src/main.rs
+++ b/nitrocli/src/main.rs
@@ -253,8 +253,9 @@ fn open() -> Result<()> {
nitrokey_do(&|handle| {
let mut retry = 3;
+ let mut error_msg: Option<&str> = None;
loop {
- let passphrase = pinentry::inquire_passphrase()?;
+ let passphrase = pinentry::inquire_passphrase(error_msg)?;
let payload = nitrokey::EnableEncryptedVolumeCommand::new(&passphrase);
let report = nitrokey::Report::from(payload);
@@ -267,7 +268,7 @@ fn open() -> Result<()> {
retry -= 1;
if retry > 0 {
- println!("Wrong password, please reenter");
+ error_msg = Some("Wrong password, please reenter");
continue;
}
let error = "Opening encrypted volume failed: Wrong password";
diff --git a/nitrocli/src/pinentry.rs b/nitrocli/src/pinentry.rs
index 028550f..6cf3093 100644
--- a/nitrocli/src/pinentry.rs
+++ b/nitrocli/src/pinentry.rs
@@ -49,12 +49,14 @@ fn parse_pinentry_passphrase(response: Vec<u8>) -> Result<Vec<u8>, Error> {
}
-pub fn inquire_passphrase() -> Result<Vec<u8>, Error> {
- const PINENTRY_ERROR_MSG: &str = "+";
+pub fn inquire_passphrase(error_msg: Option<&str>) -> Result<Vec<u8>, Error> {
+ const PINENTRY_ERROR_MSG_EMPTY: &str = "+";
const PINENTRY_PROMPT: &str = "PIN";
const PINENTRY_DESCR: &str = "Please+enter+user+PIN";
- let args = vec![CACHE_ID, PINENTRY_ERROR_MSG, PINENTRY_PROMPT, PINENTRY_DESCR].join(" ");
+ let error_msg = error_msg.map(|msg| msg.replace(" ", "+"))
+ .unwrap_or(PINENTRY_ERROR_MSG_EMPTY.to_string());
+ let args = vec![CACHE_ID, &error_msg, PINENTRY_PROMPT, PINENTRY_DESCR].join(" ");
let command = "GET_PASSPHRASE --data ".to_string() + &args;
// We could also use the --data parameter here to have a more direct
// representation of the passphrase but the resulting response was