feat: v1.7.3, supports pinentry

2024-01-10 00:44:27 +08:00
parent 2bcb0fe5c4
commit 2bf0614854
3 changed files with 11 additions and 11 deletions
--- a/src/cmd_decrypt.rs
+++ b/src/cmd_decrypt.rs
@@ -488,7 +488,7 @@ fn try_decrypt_piv_key_ecdh(config: &Option<TinyEncryptConfig>,
        SubjectPublicKeyInfo::from_der(&e_pub_key_bytes), "Invalid envelop: {}");

    let slot = util_piv::read_piv_slot(config, &envelop.kid, slot)?;
-    let pin = util::read_pin(pin);
+    let pin = util::read_pin(pin)?;
    let epk_bytes = subject_public_key_info.subject_public_key.as_ref();

    let mut yk = opt_result!(YubiKey::open(), "YubiKey not found: {}");
@@ -518,7 +518,7 @@ fn try_decrypt_piv_key_rsa(config: &Option<TinyEncryptConfig>,
    let encrypted_key_bytes = opt_result!(util::decode_base64(&envelop.encrypted_key), "Decode encrypt key failed: {}");

    let slot = util_piv::read_piv_slot(config, &envelop.kid, slot)?;
-    let pin = util::read_pin(pin);
+    let pin = util::read_pin(pin)?;

    let mut yk = opt_result!(YubiKey::open(), "YubiKey not found: {}");
    let slot_id = util_piv::get_slot_id(&slot)?;
--- a/src/util.rs
+++ b/src/util.rs
@@ -28,8 +28,8 @@ impl AsRef<[u8]> for SecVec {
    }
 }

-pub fn read_pin(pin: &Option<String>) -> String {
-    match pin {
+pub fn read_pin(pin: &Option<String>) -> XResult<String> {
+    let rpin = match pin {
        Some(pin) => pin.to_string(),
        None => if !util_env::get_no_default_pin_hint() && util_term::read_yes_no("Use default PIN 123456, please confirm") {
            "123456".into()
@@ -37,18 +37,18 @@ pub fn read_pin(pin: &Option<String>) -> String {
            let pin_entry = util_env::get_pin_entry().unwrap_or_else(|| "pinentry".to_string());
            if let Some(mut input) = PassphraseInput::with_binary(pin_entry) {
                let secret = input
-                    .with_description("Enter new passphrase for FooBar")
-                    .with_prompt("Passphrase:")
-                    .with_confirmation("Confirm passphrase:", "Passphrases do not match")
+                    .with_description("Please input your PIN.")
+                    .with_prompt("PIN:")
                    .interact();
-                secret.expect("Read PIN from pinentry failed")
+                opt_result!(secret, "Read PIN from pinentry failed: {}")
                    .expose_secret()
                    .to_string()
            } else {
-                rpassword::prompt_password("Please input PIN: ").expect("Read PIN failed")
+                opt_result!(rpassword::prompt_password("Please input PIN: "), "Read PIN failed: {}")
            }
        }
-    }
+    };
+    Ok(rpin)
 }

 pub fn remove_file_with_msg(path: &PathBuf) {
--- a/src/util_pgp.rs
+++ b/src/util_pgp.rs
@@ -5,7 +5,7 @@ use rust_util::{failure, opt_result, opt_value_result, simple_error, success, wa
 use crate::util;

 pub fn read_and_verify_openpgp_pin(trans: &mut OpenPgpTransaction, pin: &Option<String>) -> XResult<()> {
-    let pin = util::read_pin(pin);
+    let pin = util::read_pin(pin)?;
    if let Err(e) = trans.verify_pw1_user(pin.as_ref()) {
        failure!("Verify user pin failed: {}", e);
        return simple_error!("User pin verify failed: {}", e);