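/// <summary>
/// Obtains the PIN authorization for a key through the trusted GUI when the key's
/// protection settings call for it, optionally serving it from the PIN cache.
/// </summary>
/// <param name="key_handle">Handle of the key that is about to be used.</param>
/// <param name="authorization">
/// Must be null on entry for keys whose input method is TRUSTED_GUI. On a successful
/// prompt or cache hit it receives the result of <c>GetEncryptedAuthorization</c>.
/// </param>
/// <param name="tga">
/// On entry, true is treated as "the previous attempt failed" and evicts the cached PIN.
/// On exit, true means this method supplied <paramref name="authorization"/>; false means
/// the key is not PIN protected or the caller supplies the authorization itself.
/// </param>
/// <exception cref="System.ArgumentException">
/// The key requires trusted GUI input but the caller also passed an authorization.
/// </exception>
/// <exception cref="SKSException">
/// The key is blocked by earlier PIN errors, or the user dismissed the dialog
/// (both reported as ERROR_USER_ABORT).
/// </exception>
public void PerformTrustedGUIAuthorization (int key_handle, ref byte[] authorization, ref bool tga)
{
    KeyProtectionInfo kpi = getKeyProtectionInfo (key_handle);

    // Keys without PIN protection never go through the GUI.
    if ((kpi.ProtectionStatus & KeyProtectionInfo.PROTSTAT_PIN_PROTECTED) == 0)
    {
        tga = false;
        return;
    }

    if (kpi.InputMethod == InputMethod.TRUSTED_GUI)
    {
        // A caller-supplied PIN would bypass the trusted input path, so it is rejected.
        if (authorization != null)
        {
            throw new System.ArgumentException ("Redundant \"Authorization\"");
        }
    }
    else if (kpi.InputMethod == InputMethod.PROGRAMMATIC || authorization != null)
    {
        // The caller provides (or must provide) the authorization itself.
        tga = false;
        return;
    }

    if ((kpi.ProtectionStatus & KeyProtectionInfo.PROTSTAT_PIN_BLOCKED) != 0)
    {
        MessageBox.Show("Key #" + key_handle + " is blocked due to previous PIN errors",
                        "Authorization Error",
                        MessageBoxButtons.OK,
                        MessageBoxIcon.Exclamation);
        throw new SKSException("Key locked, user message", SKSException.ERROR_USER_ABORT);
    }

    KeyAttributes ka = getKeyAttributes (key_handle);

    if (kpi.EnablePINCaching)
    {
        if (tga)
        {
            // Failed to authenticate - Clear cache
            pin_cache.Remove (key_handle);
        }
        else if (pin_cache.ContainsKey (key_handle))
        {
            // First try and we do have a cache - Use it
            tga = true;
            authorization = GetEncryptedAuthorization (pin_cache[key_handle]);
            return;
        }
    }

    // Zero is passed while no PIN error has been recorded; otherwise the remaining attempts.
    int retries_left = kpi.PINErrorCount == 0 ? 0 : kpi.RetryLimit - kpi.PINErrorCount;

    // A dialog shown with ShowDialog() is not disposed when it closes, so dispose it
    // explicitly on every exit path, including the exceptions below. Disposing releases
    // the window resources only; it does not erase the password string the form holds.
    using (SKSAuthorizationDialog authorization_form = new SKSAuthorizationDialog(key_handle,
                                                                                  (PassphraseFormat)kpi.Format,
                                                                                  (Grouping)kpi.Grouping,
                                                                                  (AppUsage)ka.AppUsage,
                                                                                  retries_left))
    {
        if (authorization_form.ShowDialog() != DialogResult.OK)
        {
            throw new SKSException("Canceled by user", SKSException.ERROR_USER_ABORT);
        }

        authorization = ((PassphraseFormat)kpi.Format == PassphraseFormat.BINARY)
            ? Hex.Decode (authorization_form.password)
            : System.Text.Encoding.UTF8.GetBytes(authorization_form.password);

        if (kpi.EnablePINCaching)
        {
            // Although the authorization may be incorrect we will just be
            // prompted again so we can save it in the cache anyway.
            // NOTE(review): the cache entry is the PIN as typed, stored before
            // GetEncryptedAuthorization is applied, and this method removes it only on
            // a failed retry - confirm how long pin_cache lives and where it is cleared.
            pin_cache[key_handle] = authorization;
        }

        authorization = GetEncryptedAuthorization (authorization);
        tga = true;
    }
}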
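/// <summary>
/// Obtains the PIN authorization for a key through the trusted GUI when the key's
/// protection settings call for it, optionally serving it from the PIN cache.
/// </summary>
/// <param name="key_handle">Handle of the key that is about to be used.</param>
/// <param name="authorization">
/// Must be null on entry for keys whose input method is TRUSTED_GUI. On a successful
/// prompt or cache hit it receives the result of <c>GetEncryptedAuthorization</c>.
/// </param>
/// <param name="tga">
/// On entry, true is treated as "the previous attempt failed" and evicts the cached PIN.
/// On exit, true means this method supplied <paramref name="authorization"/>; false means
/// the key is not PIN protected or the caller supplies the authorization itself.
/// </param>
/// <exception cref="System.ArgumentException">
/// The key requires trusted GUI input but the caller also passed an authorization.
/// </exception>
/// <exception cref="SKSException">
/// The key is blocked by earlier PIN errors, or the user dismissed the dialog
/// (both reported as ERROR_USER_ABORT).
/// </exception>
public void PerformTrustedGUIAuthorization(int key_handle, ref byte[] authorization, ref bool tga)
{
    KeyProtectionInfo kpi = getKeyProtectionInfo(key_handle);

    // Keys without PIN protection never go through the GUI.
    if ((kpi.ProtectionStatus & KeyProtectionInfo.PROTSTAT_PIN_PROTECTED) == 0)
    {
        tga = false;
        return;
    }

    if (kpi.InputMethod == InputMethod.TRUSTED_GUI)
    {
        // A caller-supplied PIN would bypass the trusted input path, so it is rejected.
        if (authorization != null)
        {
            throw new System.ArgumentException("Redundant \"Authorization\"");
        }
    }
    else if (kpi.InputMethod == InputMethod.PROGRAMMATIC || authorization != null)
    {
        // The caller provides (or must provide) the authorization itself.
        tga = false;
        return;
    }

    if ((kpi.ProtectionStatus & KeyProtectionInfo.PROTSTAT_PIN_BLOCKED) != 0)
    {
        MessageBox.Show("Key #" + key_handle + " is blocked due to previous PIN errors",
                        "Authorization Error",
                        MessageBoxButtons.OK,
                        MessageBoxIcon.Exclamation);
        throw new SKSException("Key locked, user message", SKSException.ERROR_USER_ABORT);
    }

    KeyAttributes ka = getKeyAttributes(key_handle);

    if (kpi.EnablePinCaching)
    {
        if (tga)
        {
            // Failed to authenticate - Clear cache
            pin_cache.Remove(key_handle);
        }
        else if (pin_cache.ContainsKey(key_handle))
        {
            // First try and we do have a cache - Use it
            tga = true;
            authorization = GetEncryptedAuthorization(pin_cache[key_handle]);
            return;
        }
    }

    // Zero is passed while no PIN error has been recorded; otherwise the remaining attempts.
    int retries_left = kpi.PinErrorCount == 0 ? 0 : kpi.RetryLimit - kpi.PinErrorCount;

    // A dialog shown with ShowDialog() is not disposed when it closes, so dispose it
    // explicitly on every exit path, including the exceptions below. Disposing releases
    // the window resources only; it does not erase the password string the form holds.
    using (SKSAuthorizationDialog authorization_form = new SKSAuthorizationDialog(key_handle,
                                                                                  (PassphraseFormat)kpi.Format,
                                                                                  (Grouping)kpi.Grouping,
                                                                                  (AppUsage)ka.AppUsage,
                                                                                  retries_left))
    {
        if (authorization_form.ShowDialog() != DialogResult.OK)
        {
            throw new SKSException("Canceled by user", SKSException.ERROR_USER_ABORT);
        }

        authorization = ((PassphraseFormat)kpi.Format == PassphraseFormat.BINARY)
            ? Hex.Decode(authorization_form.password)
            : System.Text.Encoding.UTF8.GetBytes(authorization_form.password);

        if (kpi.EnablePinCaching)
        {
            // Although the authorization may be incorrect we will just be
            // prompted again so we can save it in the cache anyway.
            // NOTE(review): the cache entry is the PIN as typed, stored before
            // GetEncryptedAuthorization is applied, and this method removes it only on
            // a failed retry - confirm how long pin_cache lives and where it is cleared.
            pin_cache[key_handle] = authorization;
        }

        authorization = GetEncryptedAuthorization(authorization);
        tga = true;
    }
}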