Пример #1
0
        public void PerformTrustedGUIAuthorization (int key_handle, ref byte[] authorization, ref bool tga)
        {
            KeyProtectionInfo kpi = getKeyProtectionInfo(key_handle);
            if ((kpi.ProtectionStatus & KeyProtectionInfo.PROTSTAT_PIN_PROTECTED) != 0)
            {
                if (kpi.InputMethod == InputMethod.TRUSTED_GUI)
                {
                    if (authorization != null)
                    {
                        throw new System.ArgumentException ("Redundant \"Authorization\"");
                    }
                }
                else if (kpi.InputMethod == InputMethod.PROGRAMMATIC || authorization != null)
                {
					tga = false;
                    return;
                }
	            if ((kpi.ProtectionStatus & KeyProtectionInfo.PROTSTAT_PIN_BLOCKED) != 0)
	            {
	                MessageBox.Show("Key #" + key_handle + " is blocked due to previous PIN errors",
	                                "Authorization Error",
                                    MessageBoxButtons.OK,
                                    MessageBoxIcon.Exclamation);
	                throw new SKSException("Key locked, user message", SKSException.ERROR_USER_ABORT);
	            }
	            KeyAttributes ka = getKeyAttributes (key_handle);
	            if (kpi.EnablePINCaching)
	            {
	                if (tga)
	                {
						// Failed to authenticate - Clear cache
	                    pin_cache.Remove (key_handle);
	                }
	                else if (pin_cache.ContainsKey (key_handle))
	                {
	                    // First try and we do have a cache - Use it
	                    tga = true;
	                    authorization = GetEncryptedAuthorization (pin_cache[key_handle]);
	                    return;
	                }
	            }
                SKSAuthorizationDialog authorization_form = new SKSAuthorizationDialog(key_handle,
                                                                                       (PassphraseFormat)kpi.Format,
                                                                                       (Grouping)kpi.Grouping,
                                                                                       (AppUsage)ka.AppUsage,
                                                                                       kpi.PINErrorCount == 0 ? 0 : kpi.RetryLimit - kpi.PINErrorCount);
                if (authorization_form.ShowDialog() == DialogResult.OK)
                {
                	authorization = 
                	   ((PassphraseFormat)kpi.Format == PassphraseFormat.BINARY) ?
                	                                                Hex.Decode (authorization_form.password)
                	                                                             :
                	                                                System.Text.Encoding.UTF8.GetBytes(authorization_form.password);
    	            if (kpi.EnablePINCaching)
	                {
	                	// Although the authorization may be incorrect we will just be
	                	// prompted again so we can save it in the cache anyway
                    	pin_cache[key_handle] = authorization;
                    }
                    authorization = GetEncryptedAuthorization (authorization); 
					tga = true;
           		}
           		else
           		{
                    throw new SKSException("Canceled by user", SKSException.ERROR_USER_ABORT);
                }
           	}
           	else
           	{
                tga = false;
            }
         }
        public void PerformTrustedGUIAuthorization(int key_handle, ref byte[] authorization, ref bool tga)
        {
            KeyProtectionInfo kpi = getKeyProtectionInfo(key_handle);

            if ((kpi.ProtectionStatus & KeyProtectionInfo.PROTSTAT_PIN_PROTECTED) != 0)
            {
                if (kpi.InputMethod == InputMethod.TRUSTED_GUI)
                {
                    if (authorization != null)
                    {
                        throw new System.ArgumentException("Redundant \"Authorization\"");
                    }
                }
                else if (kpi.InputMethod == InputMethod.PROGRAMMATIC || authorization != null)
                {
                    tga = false;
                    return;
                }
                if ((kpi.ProtectionStatus & KeyProtectionInfo.PROTSTAT_PIN_BLOCKED) != 0)
                {
                    MessageBox.Show("Key #" + key_handle + " is blocked due to previous PIN errors",
                                    "Authorization Error",
                                    MessageBoxButtons.OK,
                                    MessageBoxIcon.Exclamation);
                    throw new SKSException("Key locked, user message", SKSException.ERROR_USER_ABORT);
                }
                KeyAttributes ka = getKeyAttributes(key_handle);
                if (kpi.EnablePinCaching)
                {
                    if (tga)
                    {
                        // Failed to authenticate - Clear cache
                        pin_cache.Remove(key_handle);
                    }
                    else if (pin_cache.ContainsKey(key_handle))
                    {
                        // First try and we do have a cache - Use it
                        tga           = true;
                        authorization = GetEncryptedAuthorization(pin_cache[key_handle]);
                        return;
                    }
                }
                SKSAuthorizationDialog authorization_form = new SKSAuthorizationDialog(key_handle,
                                                                                       (PassphraseFormat)kpi.Format,
                                                                                       (Grouping)kpi.Grouping,
                                                                                       (AppUsage)ka.AppUsage,
                                                                                       kpi.PinErrorCount == 0 ? 0 : kpi.RetryLimit - kpi.PinErrorCount);
                if (authorization_form.ShowDialog() == DialogResult.OK)
                {
                    authorization =
                        ((PassphraseFormat)kpi.Format == PassphraseFormat.BINARY) ?
                        Hex.Decode(authorization_form.password)
                                                                                     :
                        System.Text.Encoding.UTF8.GetBytes(authorization_form.password);
                    if (kpi.EnablePinCaching)
                    {
                        // Although the authorization may be incorrect we will just be
                        // prompted again so we can save it in the cache anyway
                        pin_cache[key_handle] = authorization;
                    }
                    authorization = GetEncryptedAuthorization(authorization);
                    tga           = true;
                }
                else
                {
                    throw new SKSException("Canceled by user", SKSException.ERROR_USER_ABORT);
                }
            }
            else
            {
                tga = false;
            }
        }