Beispiel #1
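        /// <summary>
        /// Click handler that reads the database's single user key, asks for the
        /// device PIN and passes both to <c>DeviceCommunicator.ExecuteCreate</c>.
        /// </summary>
        /// <remarks>
        /// The key and PIN buffers are wiped in a <c>finally</c> block, so every
        /// exit path (unsupported key length, cancelled PIN dialog, over-long PIN,
        /// exception from the communicator) leaves no copy behind in this method.
        /// Whether <c>result.Clear()</c> also wipes the arrays passed to
        /// <c>ExecuteCreate</c> is not visible here, so they are wiped explicitly.
        /// </remarks>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event arguments (unused).</param>
        private void AddKeyButtonClick(object sender, EventArgs e)
        {
            var masterKey = keePassFIDO2Ext.PluginHost.Database.MasterKey;

            if (masterKey.UserKeyCount > 1)
            {
                ShowStatusMessage("Error: The database is protected by more than one user key. Only one user key is supported at this time.");
                return;
            }

            // First() below throws on an empty sequence; report the condition instead.
            if (masterKey.UserKeyCount == 0)
            {
                ShowStatusMessage("Error: The database is not protected by a user key.");
                return;
            }

            byte[] keyBytes = null;
            byte[] pinBytes = null;

            try
            {
                // NOTE(review): presumably a plaintext copy of the protected key
                // material; treated as sensitive from here on.
                keyBytes = masterKey.UserKeys.First().KeyData.ReadData();

                if (keyBytes.Length != 32)
                {
                    ShowStatusMessage("Error: Only 32-byte long keys are supported at this time.");
                    return;
                }

                using (var pinForm = new PinForm())
                {
                    if (pinForm.ShowDialog() != DialogResult.OK)
                    {
                        return;
                    }

                    pinBytes = pinForm.Pin;
                }

                // Max length according to the spec. The check counts bytes of the
                // PIN buffer, while the message speaks of characters.
                if (pinBytes.Length > 63)
                {
                    ShowStatusMessage("Error: max PIN length is 63 characters.");
                    return;
                }

                var result = DeviceCommunicator.ExecuteCreate(pinBytes, keyBytes);

                // Read the exit code before clearing, so the status check does not
                // depend on what Clear() leaves intact.
                var exitCode = result.ExitCode;

                // zero out all sensitive data held by the result
                result.Clear();

                if (exitCode != 0)
                {
                    ShowStatusMessage($"Error: device communicator exited with code {exitCode}.");
                    return;
                }

                ShowStatusMessage("Key added. You can now unlock the database using the authenticator.");
            }
            finally
            {
                // Wipe local copies of the key and PIN on every exit path.
                if (keyBytes != null)
                {
                    MemUtil.ZeroByteArray(keyBytes);
                }

                if (pinBytes != null)
                {
                    MemUtil.ZeroByteArray(pinBytes);
                }
            }
        }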
Beispiel #2
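        /// <summary>
        /// Asks for the device PIN and retrieves the key bytes through
        /// <c>DeviceCommunicator.ExecuteGet</c>.
        /// </summary>
        /// <remarks>
        /// The PIN buffer is wiped on every exit path, and the communicator result
        /// is cleared even if reading the key throws. Both happen before any
        /// warning dialog is shown. The returned key array is handed to the caller
        /// and is therefore not wiped here.
        /// </remarks>
        /// <param name="ctx">Query context; a request to create a new key is refused.</param>
        /// <returns>
        /// The key bytes read from the communicator result, or <c>null</c> when the
        /// request is refused, the PIN dialog is cancelled, the PIN is too long or
        /// the communicator reports a non-zero exit code.
        /// </returns>
        public override byte[] GetKey(KeyProviderQueryContext ctx)
        {
            if (ctx.CreatingNewKey)
            {
                MessageService.ShowWarning("KeePassFIDO2 can't be used to create new keys.");
                return null;
            }

            byte[] pinBytes = null;
            byte[] keyBytes = null;
            string failure = null;

            try
            {
                // request device PIN via a new form
                using (var pinForm = new PinForm())
                {
                    if (pinForm.ShowDialog() != DialogResult.OK)
                    {
                        return null;
                    }

                    pinBytes = pinForm.Pin;
                }

                // max PIN length (spec); the check counts bytes of the PIN buffer
                if (pinBytes.Length > 63)
                {
                    return null;
                }

                var result = DeviceCommunicator.ExecuteGet(pinBytes);

                try
                {
                    // Read the exit code before clearing, so the message does not
                    // depend on what Clear() leaves intact.
                    var exitCode = result.ExitCode;

                    if (exitCode != 0)
                    {
                        failure = $"Device communicator exited with code {exitCode}.";
                    }
                    else
                    {
                        // NOTE(review): presumably ReadKey() returns a copy that
                        // survives Clear(), as the original ordering implies.
                        keyBytes = result.ReadKey();
                    }
                }
                finally
                {
                    // zero out all sensitive data held by the result
                    result.Clear();
                }
            }
            finally
            {
                // Wipe the PIN whether or not the request succeeded.
                if (pinBytes != null)
                {
                    MemUtil.ZeroByteArray(pinBytes);
                }
            }

            if (failure != null)
            {
                MessageService.ShowWarning(failure);
                return null;
            }

            return keyBytes;
        }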