From 1e9627ad412f364f3c5f556c5bb2ca2bb076d06d Mon Sep 17 00:00:00 2001
From: Daniel Mueller
Date: Mon, 27 Mar 2017 20:45:25 -0700
Subject: Add pinentry module
We do not want to roll our own infrastructure for entering a password (or PIN) securely, as there are existing providers of such functionality. gpg-agent, which uses pinentry for this very purpose, is such a program and we can safely assume to be present because we use it with the smartcard part of the nitrokey. This change introduces a new module, pinentry.rs, that provides the means to invoke gpg-agent to ask the user for a PIN and to parse the result. Using gpg-agent like this has two advantages that other solutions do not necessarily provide: first, because we use gpg-agent anyway it's pinentry configuration is as the user desires it and, hence, the integration appears seamless. And second, the agent caches pass phrases which alleviates the need for repeated entry should the credential be required again.
---
 nitrocli/src/error.rs | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
(limited to 'nitrocli/src/error.rs')
diff --git a/nitrocli/src/error.rs b/nitrocli/src/error.rs
index 65992f0..a88b5a7 100644
--- a/nitrocli/src/error.rs
+++ b/nitrocli/src/error.rs
@@ -19,11 +19,15 @@
 use libhid;
 use std::fmt;
+use std::io;
+use std::string;
 #[derive(Debug)]
 pub enum Error {
 HidError(libhid::Error),
+ IoError(io::Error),
+ Utf8Error(string::FromUtf8Error),
 Error(String),
 }
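Review bot: The new `Utf8Error(string::FromUtf8Error)` variant keeps the whole rejected byte buffer inside the error, and because `Error` derives `Debug`, those bytes are printed by any `{:?}` formatting or `unwrap()` of it. If the conversion is applied to gpg-agent output, as the commit message suggests, that buffer may contain the PIN the user just entered. Storing only the decoding position avoids this: `Utf8Error(str::Utf8Error),` here, `return Error::Utf8Error(e.utf8_error());` in the matching `From` impl of the second hunk, and `use std::str;` among the imports.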
@@ -35,10 +39,26 @@ impl From for Error {
 }
+impl From for Error {
+ fn from(e: io::Error) -> Error {
+ return Error::IoError(e);
+ }
+}
+
+
+impl From for Error {
+ fn from(e: string::FromUtf8Error) -> Error {
+ return Error::Utf8Error(e);
+ }
+}
+
+
 impl fmt::Display for Error {
 fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
 match *&self {
 &Error::HidError(ref e) => return write!(f, "hidapi error: {}", e),
+ &Error::Utf8Error(_) => return write!(f, "Encountered UTF-8 conversion error"),
+ &Error::IoError(ref e) => return write!(f, "IO error: {}", e.get_ref().unwrap()),
 &Error::Error(ref e) => return write!(f, "{}", e),
 }
 }
--
cgit v1.2.1
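Review bot: `e.get_ref().unwrap()` in the `IoError` arm panics for every `io::Error` that carries no inner error, which includes all errors built from an OS error code, such as a failed attempt to start a process. `io::Error::get_ref()` returns `None` in that case, so the error path would abort with a panic instead of reporting the cause. `io::Error` implements `Display` itself, so the arm can be `&Error::IoError(ref e) => return write!(f, "IO error: {}", e),`. The `impl fmt::Display` block closes after the last line of this hunk.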