Intercept PIN errors and replace with PUK errors as necessary

Once iqlusioninc/yubikey.rs#479 is part of a `yubikey` release we
can migrate to, this will mean that users get correctly notified
of incorrect PUK entry, instead of being told it is an incorrect
PIN issue.
This commit is contained in:
Jack Grigg
2023-02-12 20:47:58 +00:00
parent 70c109aa1d
commit e86cd8113c
3 changed files with 23 additions and 3 deletions
+7 -1
View File
@@ -333,7 +333,13 @@ pub(crate) fn manage(yubikey: &mut YubiKey) -> Result<(), Error> {
}
};
let new_pin = new_pin.expose_secret();
yubikey.change_puk(current_puk.as_bytes(), new_pin.as_bytes())?;
yubikey
.change_puk(current_puk.as_bytes(), new_pin.as_bytes())
.map_err(|e| match e {
yubikey::Error::PinLocked => Error::PukLocked,
yubikey::Error::WrongPin { tries } => Error::WrongPuk(tries),
_ => Error::YubiKey(e),
})?;
yubikey.change_pin(pin.as_bytes(), new_pin.as_bytes())?;
}