return false;
}
- var dialog = new TrustAnchorDialog(userid, realm, ca_hash);
+ var dialog = new TrustAnchorDialog(card, userid, realm, ca_hash);
var response = dialog.run();
dialog.destroy();
bool is_confirmed = (response == ResponseType.OK);
public bool complete = false;
- public TrustAnchorDialog(string userid,
+ public TrustAnchorDialog(IdCard card,
+ string userid,
string realm,
string ca_hash)
{
+ string server_ta_label_text = null;
+
this.set_title(_("Trust Anchor"));
this.set_modal(true);
// this.set_transient_for(parent);
Label dialog_label = new Label("");
dialog_label.set_alignment(0, 0);
- string label_markup = "<span font-weight='heavy'>" + _("You are using this identity for the first time with the following trust anchor:") + "</span>";
+ string label_markup;
+ if (card.trust_anchor.server_cert == "") {
+ label_markup = "<span font-weight='heavy'>" + _("You are using this identity for the first time with the following trust anchor:") + "</span>";
+ }
+ else {
+ // The server's fingerprint isn't what we're expecting this server to provide.
+ label_markup = "<span font-weight='heavy'>" + _("WARNING: This connection may not be secure! ")
+ + _("The server's trust anchor does not match the expected trust anchor for this server.")
+ + "</span>";
+
+ server_ta_label_text = _("Server's trust anchor (SHA-256 fingerprint) :");
+ }
dialog_label.set_markup(label_markup);
dialog_label.set_line_wrap(true);
Label confirm_label = new Label(_("Please confirm that this is the correct trust anchor."));
confirm_label.set_alignment(0, 0.5f);
- var trust_anchor_display = make_ta_fingerprint_widget(ca_hash);
+ var trust_anchor_display = make_ta_fingerprint_widget(ca_hash, server_ta_label_text);
var vbox = new VBox(false, 0);
vbox.set_border_width(6);
vbox.pack_start(trust_anchor_display, true, true, 0);
vbox.pack_start(confirm_label, true, true, 12);
+ if (card.trust_anchor.server_cert != "") {
+ var expected_ta_display = make_ta_fingerprint_widget(card.trust_anchor.server_cert,
+ _("Expected trust anchor (SHA-256 fingerprint) :"));
+ vbox.pack_start(expected_ta_display, true, true, 0);
+ }
+
((Container) content_area).add(vbox);
this.set_border_width(6);
}
-internal Widget make_ta_fingerprint_widget(string server_cert)
+internal Widget make_ta_fingerprint_widget(string server_cert, string? label_text = null)
{
- var fingerprint_label = new Label(_("SHA-256 fingerprint:"));
- fingerprint_label.set_alignment(0, 0.5f);
-
- var fingerprint = new TextView();
- var fontdesc = FontDescription.from_string("monospace 10");
- fingerprint.modify_font(fontdesc);
- fingerprint.set_editable(false);
- fingerprint.set_left_margin(3);
- var buffer = fingerprint.get_buffer();
- buffer.set_text(colonize(server_cert, 16), -1);
- fingerprint.wrap_mode = Gtk.WrapMode.WORD_CHAR;
-
- set_atk_relation(fingerprint_label, fingerprint, Atk.RelationType.LABEL_FOR);
-
- var fingerprint_width_constraint = new ScrolledWindow(null, null);
- fingerprint_width_constraint.set_policy(PolicyType.NEVER, PolicyType.NEVER);
- fingerprint_width_constraint.set_shadow_type(ShadowType.IN);
- fingerprint_width_constraint.set_size_request(360, 60);
- fingerprint_width_constraint.add_with_viewport(fingerprint);
-
- var vbox = new VBox(false, 0);
- vbox.pack_start(fingerprint_label, true, true, 2);
- vbox.pack_start(fingerprint_width_constraint, true, true, 2);
- return vbox;
+ var fingerprint_label = new Label(label_text ?? _("SHA-256 fingerprint:"));
+ fingerprint_label.set_alignment(0, 0.5f);
+
+ var fingerprint = new TextView();
+ var fontdesc = FontDescription.from_string("monospace 10");
+ fingerprint.modify_font(fontdesc);
+ fingerprint.set_editable(false);
+ fingerprint.set_left_margin(3);
+ var buffer = fingerprint.get_buffer();
+ buffer.set_text(colonize(server_cert, 16), -1);
+ fingerprint.wrap_mode = Gtk.WrapMode.WORD_CHAR;
+
+ set_atk_relation(fingerprint_label, fingerprint, Atk.RelationType.LABEL_FOR);
+
+ var fingerprint_width_constraint = new ScrolledWindow(null, null);
+ fingerprint_width_constraint.set_policy(PolicyType.NEVER, PolicyType.NEVER);
+ fingerprint_width_constraint.set_shadow_type(ShadowType.IN);
+ fingerprint_width_constraint.set_size_request(360, 60);
+ fingerprint_width_constraint.add_with_viewport(fingerprint);
+
+ var vbox = new VBox(false, 0);
+ vbox.pack_start(fingerprint_label, true, true, 2);
+ vbox.pack_start(fingerprint_width_constraint, true, true, 2);
+ return vbox;
}
// Yeah, it doesn't mean "colonize" the way you might think... :-)
}
internal static void clear_password_entry(Entry entry) {
- string r = "[@R@Fid#4LPu6es@Mqteb<VqK?m%O}dW-:-4`oufKv24l6=k-*q_by*K&j)ftVF";
+
+ // Overwrite the entry with random data
var len = entry.get_text().length;
- r = r.slice(0, len);
+ var random_chars = new char[len + 1];
+ for (int i = 0; i < len; i++) {
+ random_chars[i] = (char) Random.int_range(40, 127);
+ }
+ random_chars[len] = 0;
+ string r = (string) random_chars;
var buf = entry.get_buffer();
buf.set_text(r.data);
+
+ // Now delete the data
buf.delete_text(0, len);
}