[rs-commit] r47 - in /redwax-signtext/trunk/src/linux: crypto.c signtext.h
rs-commit at redwax.eu
rs-commit at redwax.eu
Tue Sep 13 18:05:30 CEST 2022
Author: minfrin at redwax.eu
Date: Tue Sep 13 18:05:29 2022
New Revision: 47
Log:
Fix the sensitivity of the PIN.
Modified:
redwax-signtext/trunk/src/linux/crypto.c
redwax-signtext/trunk/src/linux/signtext.h
Modified: redwax-signtext/trunk/src/linux/crypto.c
==============================================================================
--- redwax-signtext/trunk/src/linux/crypto.c (original)
+++ redwax-signtext/trunk/src/linux/crypto.c Tue Sep 13 18:05:29 2022
@@ -110,12 +110,13 @@
SignTextData *signtext = signtext_token->signtext;
GList *incoming, *current, *l;
GError *gerror = NULL;
+ guint certificates_len;
g_printerr("crypto_slots_done\n");
incoming = gck_enumerator_next_finish(GCK_ENUMERATOR(source_object), res, &gerror);
- for (l = incoming; l; l = g_list_next (l)) {
+ for (l = incoming, certificates_len = 0; l; l = g_list_next (l), certificates_len++) {
if (!gcr_collection_contains(signtext->incoming, l->data)) {
g_object_ref(l->data);
@@ -132,6 +133,8 @@
}
gck_list_unref_free(incoming);
+
+ signtext->certificates_len += certificates_len;
if (signtext_token->next) {
g_idle_add((GSourceFunc)crypto_slot_do, signtext_token->next);
@@ -238,6 +241,7 @@
g_idle_add((GSourceFunc)crypto_slot_do, signtext_token);
signtext->slots_len = slots_len;
+ signtext->certificates_len = 0;
return FALSE;
}
@@ -264,12 +268,15 @@
{
SignTextData *signtext = user_data;
GError *gerror = NULL;
+ guint modules_len;
g_printerr("crypto_init_done\n");
signtext->modules = gck_modules_initialize_registered_finish(res, &gerror);
- if (!g_list_length(signtext->modules)) {
+ modules_len = g_list_length(signtext->modules);
+
+ if (!modules_len) {
gerror = g_error_new(RST_CORE_ERROR, RST_CORE_ERROR_NO_MODULES, "No PKCS11 modules are available on this system. Text cannot be signed.");
goto fatal;
}
@@ -288,6 +295,8 @@
g_error_free (gerror);
}
+ signtext->modules_len = modules_len;
+
}
@@ -313,11 +322,14 @@
GcrPkcs11Certificate *certificate = GCR_PKCS11_CERTIFICATE(selected);
- GckTokenInfo *token_info = g_object_get_data(G_OBJECT (certificate), "token-info");
+ GckSlot *slot = g_object_get_data(G_OBJECT (certificate), "slot");
+
+ GckTokenInfo *token_info = gck_slot_get_token_info (slot);
if (token_info) {
gboolean can_sign = FALSE;
+ gboolean can_pin = FALSE;
g_printerr("crypto_selector_changed: token\n");
@@ -325,74 +337,93 @@
if (token_info->flags & CKF_PROTECTED_AUTHENTICATION_PATH) {
gtk_entry_set_icon_from_icon_name(instance->pin, GTK_ENTRY_ICON_PRIMARY, "accessories-calculator-symbolic");
- gtk_widget_set_sensitive(GTK_WIDGET(instance->pin), FALSE);
gtk_entry_set_placeholder_text(GTK_ENTRY(instance->pin), "Use pinpad to enter PIN");
gtk_entry_set_text(GTK_ENTRY(instance->pin), "");
can_sign = TRUE;
+ can_pin = FALSE;
+g_printerr("crypto_selector_changed: CKF_PROTECTED_AUTHENTICATION_PATH\n");
+
}
else {
gtk_entry_set_icon_from_icon_name(instance->pin, GTK_ENTRY_ICON_PRIMARY, "dialog-password-symbolic");
- gtk_widget_set_sensitive(GTK_WIDGET(instance->pin), TRUE);
gtk_entry_set_placeholder_text(GTK_ENTRY(instance->pin), "Enter your PIN");
gtk_entry_set_text(GTK_ENTRY(instance->pin), "");
can_sign = token_info->min_pin_len ? FALSE : TRUE;
+ can_pin = TRUE;
+
+g_printerr("crypto_selector_changed: PIN\n");
}
if (!(token_info->flags & CKF_USER_PIN_INITIALIZED)) {
gtk_entry_set_icon_from_icon_name(instance->pin, GTK_ENTRY_ICON_PRIMARY, "dialog-error-symbolic");
- gtk_widget_set_sensitive(GTK_WIDGET(instance->pin), FALSE);
gtk_entry_set_placeholder_text(GTK_ENTRY(instance->pin), "PIN is not initialised");
can_sign = FALSE;
+ can_pin = FALSE;
+
+g_printerr("crypto_selector_changed: PIN is not initialised\n");
+
}
else if (token_info->flags & CKF_USER_PIN_LOCKED) {
gtk_entry_set_icon_from_icon_name(instance->pin, GTK_ENTRY_ICON_PRIMARY, "dialog-error-symbolic");
- gtk_widget_set_sensitive(GTK_WIDGET(instance->pin), FALSE);
gtk_entry_set_placeholder_text(GTK_ENTRY(instance->pin), "PIN is locked");
can_sign = FALSE;
+ can_pin = FALSE;
+
+g_printerr("crypto_selector_changed: PIN is locked\n");
}
else if (token_info->flags & CKF_USER_PIN_TO_BE_CHANGED) {
gtk_entry_set_icon_from_icon_name(instance->pin, GTK_ENTRY_ICON_PRIMARY, "dialog-unavailable-symbolic");
- gtk_widget_set_sensitive(GTK_WIDGET(instance->pin), FALSE);
gtk_entry_set_placeholder_text(GTK_ENTRY(instance->pin), "PIN must be changed before use");
can_sign = FALSE;
+ can_pin = FALSE;
+
+g_printerr("crypto_selector_changed: PIN must be changed before use\n");
}
else if (token_info->flags & CKF_USER_PIN_FINAL_TRY) {
gtk_entry_set_icon_from_icon_name(instance->pin, GTK_ENTRY_ICON_PRIMARY, "dialog-warning-symbolic");
- gtk_widget_set_sensitive(GTK_WIDGET(instance->pin), TRUE);
gtk_entry_set_placeholder_text(GTK_ENTRY(instance->pin), "Final try on PIN");
- gtk_widget_set_sensitive(GTK_WIDGET(instance->pin), TRUE);
+
+g_printerr("crypto_selector_changed: Final try on PIN\n");
+
}
else if (token_info->flags & CKF_USER_PIN_COUNT_LOW) {
gtk_entry_set_icon_from_icon_name(instance->pin, GTK_ENTRY_ICON_PRIMARY, "dialog-warning-symbolic");
- gtk_widget_set_sensitive(GTK_WIDGET(instance->pin), TRUE);
gtk_entry_set_placeholder_text(GTK_ENTRY(instance->pin), "PIN retries are low");
+
+g_printerr("crypto_selector_changed: PIN retries are low\n");
}
+else {
+g_printerr("crypto_selector_changed: %d\n", (int)token_info->flags);
+}
gtk_widget_set_sensitive(GTK_WIDGET(instance->sign), can_sign);
-
- }
- }
-
-}
-
-void crypto_pin_changed(GcrComboSelector *selector,
- gpointer user_data)
+ gtk_widget_set_sensitive(GTK_WIDGET(instance->pin), can_pin);
+
+ }
+ }
+
+}
+
+void crypto_pin_changed(GtkEntry *pin,
+ gpointer user_data)
{
GcrPkcs11Certificate *certificate;
SignTextInstance *instance = user_data;
g_printerr("crypto_pin_changed\n");
- certificate = GCR_PKCS11_CERTIFICATE(gcr_combo_selector_get_selected(selector));
+ certificate = GCR_PKCS11_CERTIFICATE(gcr_combo_selector_get_selected(instance->selector));
if (certificate) {
- GckTokenInfo *token_info = g_object_get_data(G_OBJECT (certificate), "token-info");
+ GckSlot *slot = g_object_get_data(G_OBJECT (certificate), "slot");
+
+ GckTokenInfo *token_info = gck_slot_get_token_info (slot);
if (token_info) {
@@ -837,7 +868,7 @@
g_error_free (gerror);
}
-// FIXME: update the UI with the new status of PIN attempts
+ crypto_selector_changed(instance->selector, instance);
}
Modified: redwax-signtext/trunk/src/linux/signtext.h
==============================================================================
--- redwax-signtext/trunk/src/linux/signtext.h (original)
+++ redwax-signtext/trunk/src/linux/signtext.h Tue Sep 13 18:05:29 2022
@@ -58,7 +58,9 @@
GList *slots;
GcrCollection *incoming;
GcrCollection *certificates;
+ guint modules_len;
guint slots_len;
+ guint certificates_len;
} SignTextData;
typedef struct SignTextToken SignTextToken;
More information about the rs-commit
mailing list