From fe013cc895c83962a1fdba314ffb0f41d91ff7e7 Mon Sep 17 00:00:00 2001 From: "Thomas M. DuBuisson" Date: Tue, 25 Jun 2024 14:32:38 -0400 Subject: [PATCH 1/2] Prompt users for touching devices. --- pamu2fcfg/pamu2fcfg.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pamu2fcfg/pamu2fcfg.c b/pamu2fcfg/pamu2fcfg.c index cbc30a6..384a785 100644 --- a/pamu2fcfg/pamu2fcfg.c +++ b/pamu2fcfg/pamu2fcfg.c @@ -201,7 +201,7 @@ static int make_cred(const struct args *args, const char *path, fido_dev_t *dev, if ((devopts & PIN_SET) && (r == FIDO_ERR_PIN_REQUIRED || r == FIDO_ERR_UV_BLOCKED || r == FIDO_ERR_PIN_BLOCKED)) { - n = snprintf(prompt, sizeof(prompt), "Enter PIN for %s: ", path); + n = snprintf(prompt, sizeof(prompt), "Enter PIN: "); if (n < 0 || (size_t) n >= sizeof(prompt)) { fprintf(stderr, "error: snprintf prompt"); return -1; @@ -211,6 +211,7 @@ static int make_cred(const struct args *args, const char *path, fido_dev_t *dev, explicit_bzero(pin, sizeof(pin)); return -1; } + printf("PIN complete. Completion of credential creation might require touching the device."); r = fido_dev_make_cred(dev, cred, pin); } explicit_bzero(pin, sizeof(pin)); From b6106cbf032504c726f7190e267bdc29a923250f Mon Sep 17 00:00:00 2001 From: "Thomas M. DuBuisson" Date: Wed, 26 Jun 2024 10:55:27 -0400 Subject: [PATCH 2/2] Condense message --- pamu2fcfg/pamu2fcfg.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/pamu2fcfg/pamu2fcfg.c b/pamu2fcfg/pamu2fcfg.c index 384a785..0e80a65 100644 --- a/pamu2fcfg/pamu2fcfg.c +++ b/pamu2fcfg/pamu2fcfg.c @@ -201,7 +201,7 @@ static int make_cred(const struct args *args, const char *path, fido_dev_t *dev, if ((devopts & PIN_SET) && (r == FIDO_ERR_PIN_REQUIRED || r == FIDO_ERR_UV_BLOCKED || r == FIDO_ERR_PIN_BLOCKED)) { - n = snprintf(prompt, sizeof(prompt), "Enter PIN: "); + n = snprintf(prompt, sizeof(prompt), "Enter PIN (then touch device): "); if (n < 0 || (size_t) n >= sizeof(prompt)) { fprintf(stderr, "error: snprintf prompt"); return -1; @@ -211,7 +211,6 @@ static int make_cred(const struct args *args, const char *path, fido_dev_t *dev, explicit_bzero(pin, sizeof(pin)); return -1; } - printf("PIN complete. Completion of credential creation might require touching the device."); r = fido_dev_make_cred(dev, cred, pin); } explicit_bzero(pin, sizeof(pin));