예제 #1
        /// <summary>
        /// Obtains the PIN authorization for a key through the trusted GUI when the
        /// key's protection settings call for it, optionally using the PIN cache.
        /// </summary>
        /// <param name="key_handle">Handle of the key whose protection info and attributes are looked up.</param>
        /// <param name="authorization">
        /// Must be <c>null</c> on entry for a TRUSTED_GUI key. When this method supplies the
        /// PIN it is replaced by the result of <c>GetEncryptedAuthorization</c>.
        /// </param>
        /// <param name="tga">
        /// On entry, <c>true</c> is treated as "the previous attempt failed" (the cached PIN
        /// is dropped). On exit, <c>true</c> means this method filled in
        /// <paramref name="authorization"/>; <c>false</c> means it did not.
        /// </param>
        /// <exception cref="System.ArgumentException">
        /// The key uses TRUSTED_GUI input but the caller also passed an authorization value.
        /// </exception>
        /// <exception cref="SKSException">
        /// Thrown with ERROR_USER_ABORT when the key is PIN-blocked or the user dismisses the dialog.
        /// </exception>
        public void PerformTrustedGUIAuthorization (int key_handle, ref byte[] authorization, ref bool tga)
        {
            KeyProtectionInfo protection = getKeyProtectionInfo(key_handle);

            // Keys without PIN protection never go through the GUI.
            bool pinProtected = (protection.ProtectionStatus & KeyProtectionInfo.PROTSTAT_PIN_PROTECTED) != 0;
            if (!pinProtected)
            {
                tga = false;
                return;
            }

            bool callerSuppliedAuthorization = authorization != null;
            if (protection.InputMethod == InputMethod.TRUSTED_GUI)
            {
                // A trusted-GUI key must not receive a PIN from the calling code.
                if (callerSuppliedAuthorization)
                {
                    throw new System.ArgumentException ("Redundant \"Authorization\"");
                }
            }
            else if (protection.InputMethod == InputMethod.PROGRAMMATIC || callerSuppliedAuthorization)
            {
                // The caller handles authorization itself; leave its value untouched.
                tga = false;
                return;
            }

            // Refuse to prompt for a key that is already locked out, and tell the user why.
            bool pinBlocked = (protection.ProtectionStatus & KeyProtectionInfo.PROTSTAT_PIN_BLOCKED) != 0;
            if (pinBlocked)
            {
                MessageBox.Show("Key #" + key_handle + " is blocked due to previous PIN errors",
                                "Authorization Error",
                                MessageBoxButtons.OK,
                                MessageBoxIcon.Exclamation);
                throw new SKSException("Key locked, user message", SKSException.ERROR_USER_ABORT);
            }

            KeyAttributes attributes = getKeyAttributes (key_handle);

            if (protection.EnablePINCaching)
            {
                if (tga)
                {
                    // The previous attempt failed, so the cached PIN is discarded.
                    pin_cache.Remove (key_handle);
                }
                else if (pin_cache.ContainsKey (key_handle))
                {
                    // First attempt and a cached PIN exists: answer without prompting.
                    tga = true;
                    authorization = GetEncryptedAuthorization (pin_cache[key_handle]);
                    return;
                }
            }

            // The last argument is 0 while no PIN errors are recorded, otherwise the
            // number of attempts left before the retry limit is reached.
            // NOTE(review): the dialog is never disposed in this method; if
            // SKSAuthorizationDialog is a WinForms Form, ShowDialog() leaves it (and the
            // entered password it holds) alive until finalization - confirm and dispose.
            SKSAuthorizationDialog dialog = new SKSAuthorizationDialog(
                key_handle,
                (PassphraseFormat)protection.Format,
                (Grouping)protection.Grouping,
                (AppUsage)attributes.AppUsage,
                protection.PINErrorCount == 0 ? 0 : protection.RetryLimit - protection.PINErrorCount);

            if (dialog.ShowDialog() != DialogResult.OK)
            {
                throw new SKSException("Canceled by user", SKSException.ERROR_USER_ABORT);
            }

            // BINARY passphrases are entered as hex text; every other format is taken as UTF-8.
            // The ref parameter holds the unencrypted PIN bytes from here until it is
            // overwritten below, so a failure in between leaves them visible to the caller.
            if ((PassphraseFormat)protection.Format == PassphraseFormat.BINARY)
            {
                authorization = Hex.Decode (dialog.password);
            }
            else
            {
                authorization = System.Text.Encoding.UTF8.GetBytes(dialog.password);
            }

            if (protection.EnablePINCaching)
            {
                // The PIN is cached before it has been verified: a wrong value only leads
                // to another prompt, and the tga == true branch above evicts it then.
                // The cache stores the bytes as entered, not the encrypted form.
                pin_cache[key_handle] = authorization;
            }

            authorization = GetEncryptedAuthorization (authorization);
            tga = true;
        }
        /// <summary>
        /// Resolves the PIN authorization for <paramref name="key_handle"/>: answers from the
        /// PIN cache when allowed, otherwise prompts the user through the authorization dialog.
        /// </summary>
        /// <param name="key_handle">Handle of the key being authorized.</param>
        /// <param name="authorization">
        /// Expected to be <c>null</c> for a TRUSTED_GUI key. Receives the output of
        /// <c>GetEncryptedAuthorization</c> when this method provides the PIN.
        /// </param>
        /// <param name="tga">
        /// Input: <c>true</c> signals that an earlier attempt failed, which evicts the cached PIN.
        /// Output: <c>true</c> if <paramref name="authorization"/> was produced here, else <c>false</c>.
        /// </param>
        /// <exception cref="System.ArgumentException">
        /// A TRUSTED_GUI key was given a non-null authorization by the caller.
        /// </exception>
        /// <exception cref="SKSException">
        /// ERROR_USER_ABORT: the key is PIN-blocked, or the user did not confirm the dialog.
        /// </exception>
        public void PerformTrustedGUIAuthorization(int key_handle, ref byte[] authorization, ref bool tga)
        {
            KeyProtectionInfo info = getKeyProtectionInfo(key_handle);

            // Nothing to do for keys that are not PIN protected.
            if ((info.ProtectionStatus & KeyProtectionInfo.PROTSTAT_PIN_PROTECTED) == 0)
            {
                tga = false;
                return;
            }

            bool hasCallerAuthorization = authorization != null;
            if (info.InputMethod == InputMethod.TRUSTED_GUI)
            {
                // The PIN for a trusted-GUI key may only come from the dialog below.
                if (hasCallerAuthorization)
                {
                    throw new System.ArgumentException("Redundant \"Authorization\"");
                }
            }
            else if (info.InputMethod == InputMethod.PROGRAMMATIC || hasCallerAuthorization)
            {
                // Authorization is the caller's responsibility in this case.
                tga = false;
                return;
            }

            // A locked-out key gets an explanation instead of a PIN prompt.
            if ((info.ProtectionStatus & KeyProtectionInfo.PROTSTAT_PIN_BLOCKED) != 0)
            {
                MessageBox.Show("Key #" + key_handle + " is blocked due to previous PIN errors",
                                "Authorization Error",
                                MessageBoxButtons.OK,
                                MessageBoxIcon.Exclamation);
                throw new SKSException("Key locked, user message", SKSException.ERROR_USER_ABORT);
            }

            KeyAttributes keyAttributes = getKeyAttributes(key_handle);

            if (info.EnablePinCaching)
            {
                if (tga)
                {
                    // An earlier attempt was rejected, so forget the cached PIN.
                    pin_cache.Remove(key_handle);
                }
                else if (pin_cache.ContainsKey(key_handle))
                {
                    // Initial attempt with a cached PIN available: skip the prompt.
                    tga = true;
                    authorization = GetEncryptedAuthorization(pin_cache[key_handle]);
                    return;
                }
            }

            // Final argument: 0 when no PIN errors are on record, otherwise the attempts
            // remaining before RetryLimit is hit.
            // NOTE(review): nothing here disposes the dialog; if SKSAuthorizationDialog
            // derives from a WinForms Form, it and its password field stay alive after
            // ShowDialog() returns - confirm and dispose.
            SKSAuthorizationDialog prompt = new SKSAuthorizationDialog(
                key_handle,
                (PassphraseFormat)info.Format,
                (Grouping)info.Grouping,
                (AppUsage)keyAttributes.AppUsage,
                info.PinErrorCount == 0 ? 0 : info.RetryLimit - info.PinErrorCount);

            if (prompt.ShowDialog() != DialogResult.OK)
            {
                throw new SKSException("Canceled by user", SKSException.ERROR_USER_ABORT);
            }

            // Hex text for BINARY passphrases, UTF-8 bytes for everything else.
            // From this assignment until the encrypted value replaces it, the ref
            // parameter exposes the unencrypted PIN bytes to the caller on failure.
            if ((PassphraseFormat)info.Format == PassphraseFormat.BINARY)
            {
                authorization = Hex.Decode(prompt.password);
            }
            else
            {
                authorization = System.Text.Encoding.UTF8.GetBytes(prompt.password);
            }

            if (info.EnablePinCaching)
            {
                // Cached unverified on purpose: a bad PIN just causes a re-prompt, and the
                // tga == true path above removes it. Note that the cache keeps the
                // bytes as entered rather than the encrypted authorization.
                pin_cache[key_handle] = authorization;
            }

            authorization = GetEncryptedAuthorization(authorization);
            tga = true;
        }