summaryrefslogtreecommitdiff
path: root/rand/src/rngs/adapter
diff options
context:
space:
mode:
authorDaniel Mueller <deso@posteo.net>2017-03-27 20:45:25 -0700
committerDaniel Mueller <deso@posteo.net>2017-03-27 20:45:25 -0700
commit1e9627ad412f364f3c5f556c5bb2ca2bb076d06d (patch)
treead1e3191d72869234fa55d0ff993d1450866e372 /rand/src/rngs/adapter
parentde5ae8656387267bb4614bbab6b62784323f23c0 (diff)
downloadnitrocli-1e9627ad412f364f3c5f556c5bb2ca2bb076d06d.tar.gz
nitrocli-1e9627ad412f364f3c5f556c5bb2ca2bb076d06d.tar.bz2
Add pinentry module
We do not want to roll our own infrastructure for entering a password (or PIN) securely, as there are existing providers of such functionality. gpg-agent, which uses pinentry for this very purpose, is such a program and we can safely assume to be present because we use it with the smartcard part of the nitrokey. This change introduces a new module, pinentry.rs, that provides the means to invoke gpg-agent to ask the user for a PIN and to parse the result. Using gpg-agent like this has two advantages that other solutions do not necessarily provide: first, because we use gpg-agent anyway it's pinentry configuration is as the user desires it and, hence, the integration appears seamless. And second, the agent caches pass phrases which alleviates the need for repeated entry should the credential be required again.
Diffstat (limited to 'rand/src/rngs/adapter')
0 files changed, 0 insertions, 0 deletions