Merge pull request #64 from str4d/remove-touch-request-message
Don't print message if YubiKey is waiting for touch
@@ -164,8 +164,6 @@ plugin-err-pin-too-short = PIN was too short.
|
|||||||
plugin-err-pin-too-long = PIN was too long.
|
plugin-err-pin-too-long = PIN was too long.
|
||||||
plugin-err-pin-required = A PIN is required for {-yubikey} with serial {$yubikey_serial}
|
plugin-err-pin-required = A PIN is required for {-yubikey} with serial {$yubikey_serial}
|
||||||
|
|
||||||
plugin-touch-yk = 👆 Please touch the {-yubikey}
|
|
||||||
|
|
||||||
## Errors
|
## Errors
|
||||||
|
|
||||||
err-custom-mgmt-key = Custom unprotected management keys are not supported.
|
err-custom-mgmt-key = Custom unprotected management keys are not supported.
|
||||||
|
|||||||
+10
-20
@@ -447,26 +447,16 @@ impl Connection {
|
|||||||
Ok(Ok(()))
|
Ok(Ok(()))
|
||||||
}
|
}
|
||||||
|
|
||||||
pub(crate) fn unwrap_file_key<E>(
|
pub(crate) fn unwrap_file_key(&mut self, line: &RecipientLine) -> Result<FileKey, ()> {
|
||||||
&mut self,
|
|
||||||
line: &RecipientLine,
|
|
||||||
callbacks: &mut dyn Callbacks<E>,
|
|
||||||
) -> io::Result<Result<FileKey, ()>> {
|
|
||||||
assert_eq!(self.tag, line.tag);
|
assert_eq!(self.tag, line.tag);
|
||||||
|
|
||||||
// If the touch policy requires it, request a touch.
|
// Check if the touch policy requires a touch.
|
||||||
let requested_touch = match (
|
let needs_touch = match (
|
||||||
self.cached_metadata.as_ref().and_then(|m| m.touch_policy),
|
self.cached_metadata.as_ref().and_then(|m| m.touch_policy),
|
||||||
self.last_touch,
|
self.last_touch,
|
||||||
) {
|
) {
|
||||||
(Some(TouchPolicy::Always), _) | (Some(TouchPolicy::Cached), None) => {
|
(Some(TouchPolicy::Always), _) | (Some(TouchPolicy::Cached), None) => true,
|
||||||
callbacks.message(&fl!("plugin-touch-yk"))?.unwrap();
|
(Some(TouchPolicy::Cached), Some(last)) if last.elapsed() >= FIFTEEN_SECONDS => true,
|
||||||
true
|
|
||||||
}
|
|
||||||
(Some(TouchPolicy::Cached), Some(last)) if last.elapsed() >= FIFTEEN_SECONDS => {
|
|
||||||
callbacks.message(&fl!("plugin-touch-yk"))?.unwrap();
|
|
||||||
true
|
|
||||||
}
|
|
||||||
_ => false,
|
_ => false,
|
||||||
};
|
};
|
||||||
|
|
||||||
@@ -479,11 +469,11 @@ impl Connection {
|
|||||||
SlotId::Retired(self.slot),
|
SlotId::Retired(self.slot),
|
||||||
) {
|
) {
|
||||||
Ok(res) => res,
|
Ok(res) => res,
|
||||||
Err(_) => return Ok(Err(())),
|
Err(_) => return Err(()),
|
||||||
};
|
};
|
||||||
|
|
||||||
// If we requested a touch and reached here, the user touched the YubiKey.
|
// If we requested a touch and reached here, the user touched the YubiKey.
|
||||||
if requested_touch {
|
if needs_touch {
|
||||||
if let Some(TouchPolicy::Cached) =
|
if let Some(TouchPolicy::Cached) =
|
||||||
self.cached_metadata.as_ref().and_then(|m| m.touch_policy)
|
self.cached_metadata.as_ref().and_then(|m| m.touch_policy)
|
||||||
{
|
{
|
||||||
@@ -500,10 +490,10 @@ impl Connection {
|
|||||||
// A failure to decrypt is fatal, because we assume that we won't
|
// A failure to decrypt is fatal, because we assume that we won't
|
||||||
// encounter 32-bit collisions on the key tag embedded in the header.
|
// encounter 32-bit collisions on the key tag embedded in the header.
|
||||||
match aead_decrypt(&enc_key, FILE_KEY_BYTES, &line.encrypted_file_key) {
|
match aead_decrypt(&enc_key, FILE_KEY_BYTES, &line.encrypted_file_key) {
|
||||||
Ok(pt) => Ok(Ok(TryInto::<[u8; FILE_KEY_BYTES]>::try_into(&pt[..])
|
Ok(pt) => Ok(TryInto::<[u8; FILE_KEY_BYTES]>::try_into(&pt[..])
|
||||||
.unwrap()
|
.unwrap()
|
||||||
.into())),
|
.into()),
|
||||||
Err(_) => Ok(Err(())),
|
Err(_) => Err(()),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
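Review bot: The comment kept above `if needs_touch` still says "If we requested a touch", but after this change nothing requests one, so it should read `// If a touch was needed and we reached here, the user touched the YubiKey.` The new `unwrap_file_key` also has no doc comment, and both of its visible failure arms (`Err(_) => return Err(())` after the `SlotId::Retired(self.slot)` call and `Err(_) => Err(())` on `aead_decrypt`) return the same unit error, so a device-side failure, which presumably includes a touch that never arrived, looks identical to a wrapped file key that failed authentication. With the prompt gone, a `///` comment stating that the call may block on the YubiKey waiting for a touch and that `Err(())` covers both cases would help whoever writes the caller's error message. The function body between the hunks is outside this view, so the second point is inferred from the arms shown.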
+1
-1
@@ -222,7 +222,7 @@ impl IdentityPluginV1 for IdentityPlugin {
|
|||||||
}
|
}
|
||||||
|
|
||||||
for (stanza_index, line) in stanzas.iter().enumerate() {
|
for (stanza_index, line) in stanzas.iter().enumerate() {
|
||||||
match conn.unwrap_file_key(line, &mut callbacks)? {
|
match conn.unwrap_file_key(line) {
|
||||||
Ok(file_key) => {
|
Ok(file_key) => {
|
||||||
// We've managed to decrypt this file!
|
// We've managed to decrypt this file!
|
||||||
file_keys.entry(file_index).or_insert(Ok(file_key));
|
file_keys.entry(file_index).or_insert(Ok(file_key));
|
||||||
|
|||||||