author | Robin Krahl <me@robin-krahl.de> | 2018-12-11 12:09:21 +0100 |
---|---|---|
committer | Daniel Müller <d-e-s-o@users.noreply.github.com> | 2018-12-11 17:34:18 -0800 |
commit | c67ecea7e22b890a3014a884585d801a2fcc3293 (patch) | |
tree | 7b70da4eceb6a5ad5797e97c879e1151a4bbc6c6 | |
parent | 96108bef3fecff98509f6200025d7993c820cd58 (diff) | |
Show error in pinentry dialog instead of printing to stdout
Currently, the error message for a wrong password is printed to the
standard output. Yet the standard output might not be visible to the
user if they are using the curses frontend for pinentry. Pinentry
already supports displaying an error message in the passphrase prompt.
This patch moves the error message from the standard output to the
pinentry prompt.
-rw-r--r-- | nitrocli/src/main.rs | 5 | ||||
-rw-r--r-- | nitrocli/src/pinentry.rs | 8 |
2 files changed, 8 insertions, 5 deletions
diff --git a/nitrocli/src/main.rs b/nitrocli/src/main.rs
index 3ec3243..0ba232f 100644
--- a/nitrocli/src/main.rs
+++ b/nitrocli/src/main.rs
@@ -253,8 +253,9 @@ fn open() -> Result<()> {
 nitrokey_do(&|handle| {
 let mut retry = 3;
+ let mut error_msg: Option<&str> = None;
 loop {
- let passphrase = pinentry::inquire_passphrase()?;
+ let passphrase = pinentry::inquire_passphrase(error_msg)?;
 let payload = nitrokey::EnableEncryptedVolumeCommand::new(&passphrase);
 let report = nitrokey::Report::from(payload);
@@ -267,7 +268,7 @@ fn open() -> Result<()> {
 retry -= 1;
 if retry > 0 {
- println!("Wrong password, please reenter");
+ error_msg = Some("Wrong password, please reenter");
 continue;
 }
 let error = "Opening encrypted volume failed: Wrong password";
diff --git a/nitrocli/src/pinentry.rs b/nitrocli/src/pinentry.rs
index 028550f..6cf3093 100644
--- a/nitrocli/src/pinentry.rs
+++ b/nitrocli/src/pinentry.rs
@@ -49,12 +49,14 @@ fn parse_pinentry_passphrase(response: Vec<u8>) -> Result<Vec<u8>, Error> {
 }
-pub fn inquire_passphrase() -> Result<Vec<u8>, Error> {
- const PINENTRY_ERROR_MSG: &str = "+";
+pub fn inquire_passphrase(error_msg: Option<&str>) -> Result<Vec<u8>, Error> {
+ const PINENTRY_ERROR_MSG_EMPTY: &str = "+";
 const PINENTRY_PROMPT: &str = "PIN";
 const PINENTRY_DESCR: &str = "Please+enter+user+PIN";
- let args = vec![CACHE_ID, PINENTRY_ERROR_MSG, PINENTRY_PROMPT, PINENTRY_DESCR].join(" ");
+ let error_msg = error_msg.map(|msg| msg.replace(" ", "+"))
+ .unwrap_or(PINENTRY_ERROR_MSG_EMPTY.to_string());
+ let args = vec![CACHE_ID, &error_msg, PINENTRY_PROMPT, PINENTRY_DESCR].join(" ");
 let command = "GET_PASSPHRASE --data ".to_string() + &args;
 // We could also use the --data parameter here to have a more direct
 // representation of the passphrase but the resulting response was |
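Review bot: The retry loop in `open()` now relies on the pinentry dialog being shown again on the second attempt, but `inquire_passphrase` passes a `CACHE_ID` to `GET_PASSPHRASE`, and gpg-agent answers from its cache without prompting when an entry exists for that id. If the rejected passphrase is still cached when `continue` runs, the new `error_msg` would never be displayed and the same wrong value would presumably be sent to the device again. The lines between the two main.rs hunks are not visible here, so please confirm that the wrong-password branch clears the cache entry before `continue`, and document it there with a comment such as `// the cache entry must be cleared before re-prompting, otherwise the agent returns the rejected passphrase`.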
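Review bot: `inquire_passphrase` is `pub` and now accepts an arbitrary `&str`, but the only encoding applied is `msg.replace(" ", "+")`, which does not fully escape a positional `GET_PASSPHRASE` argument (gpg-agent, to my reading of its documentation, expects these strings percent-plus escaped). A message containing a literal `+` or `%` would be displayed wrongly, `Some("")` yields an empty field so the prompt and description shift by one position, and a tab or line break would split the argument or, depending on how the command string reaches the agent (outside this hunk), end the command early. The single caller in this commit passes a constant, so nothing misbehaves today; the suggestion is to escape inside the function so that later callers passing device- or user-derived text stay safe, and to fall back to `+` for an empty message. `unwrap_or(PINENTRY_ERROR_MSG_EMPTY.to_string())` also allocates on every call and reads better as `unwrap_or_else`. The body of `inquire_passphrase` continues past the end of the hunk.

```rust
// … unchanged: PINENTRY_ERROR_MSG_EMPTY, PINENTRY_PROMPT, PINENTRY_DESCR …
  let error_msg = error_msg
    .filter(|msg| !msg.is_empty())
    .map(escape_pinentry_arg)
    .unwrap_or_else(|| PINENTRY_ERROR_MSG_EMPTY.to_string());
  let args = vec![CACHE_ID, &error_msg, PINENTRY_PROMPT, PINENTRY_DESCR].join(" ");
// … unchanged: command construction and agent call …

/// Percent-plus escape `msg` so it stays a single GET_PASSPHRASE argument.
fn escape_pinentry_arg(msg: &str) -> String {
  let mut out = String::with_capacity(msg.len());
  for c in msg.chars() {
    match c {
      ' ' => out.push('+'),
      // Escape the two escape characters themselves and every ASCII control
      // character (tab, CR, LF, ...), which would otherwise split the argument.
      '%' | '+' => out.push_str(&format!("%{:02X}", c as u32)),
      c if c.is_ascii_control() => out.push_str(&format!("%{:02X}", c as u32)),
      c => out.push(c),
    }
  }
  out
}
```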