Detect invalid PIN lengths and ask the user again
We also detect the specific case where the PIN returned by the user is likely a YubiKey OTP, generated by the user touching it early. Closes str4d/age-plugin-yubikey#37.
This commit is contained in:
+10
@@ -1,4 +1,5 @@
|
||||
use std::fmt;
|
||||
use std::iter;
|
||||
|
||||
use x509_parser::{certificate::X509Certificate, der_parser::oid::Oid};
|
||||
use yubikey::{
|
||||
@@ -61,6 +62,15 @@ pub(crate) fn touch_policy_to_str(policy: Option<TouchPolicy>) -> &'static str {
|
||||
}
|
||||
}
|
||||
|
||||
const MODHEX: &str = "cbdefghijklnrtuv";
|
||||
pub(crate) fn otp_serial_prefix(serial: Serial) -> String {
|
||||
iter::repeat(0)
|
||||
.take(4)
|
||||
.chain((0..8).rev().map(|i| (serial.0 >> (4 * i)) & 0x0f))
|
||||
.map(|i| MODHEX.char_indices().nth(i as usize).unwrap().1)
|
||||
.collect()
|
||||
}
|
||||
|
||||
pub(crate) fn extract_name(cert: &X509Certificate, all: bool) -> Option<(String, bool)> {
|
||||
// Look at Subject Organization to determine if we created this.
|
||||
match cert.subject().iter_organization().next() {
|
||||
|
||||
Reference in New Issue
Block a user