Verified Commit 6351e957 authored by Matt Devillier's avatar Matt Devillier
Browse files

gui-init/seal-libremkey: reduce friction when generating new secret



Reduce friction when generating a new TOTP/HOTP secret by eliminating
an unnecessary 'press enter to continue' prompt following QR code
generation, and by attempting to use the default admin PIN set by
the OEM factory reset function. Fall back to prompting the user
if the default PIN fails.

Also, ensure error messages are visible to users before being returned
back to the GUI menu from which they came by wrapping existing calls to die()
Signed-off-by: Matt Devillier's avatarMatt DeVillier <matt.devillier@puri.sm>
parent e6f7615c
......@@ -109,19 +109,13 @@ prompt_update_checksums()
}
update_totp()
{
echo -e "Generating new TOTP secret...\n\n"
if [ "$CONFIG_TPM" = "y" ]; then
echo "Scan the QR code to add the new TOTP secret"
/bin/seal-totp
else
echo "Generating new HOTP secret"
echo ""
fi
if [ -x /bin/hotp_verification ]; then
if [ "$CONFIG_TPM" = "y" ]; then
echo "Once you have scanned the QR code, hit Enter to configure your HOTP USB Security Dongle (e.g. Librem Key or Nitrokey)"
read
fi
/bin/seal-hotpkey
else
echo "Once you have scanned the QR code, hit Enter to continue"
......
......@@ -17,6 +17,13 @@ mount_boot()
fi
}
fatal_error()
{
echo -e "\nERROR: ${1}; press Enter to continue."
read
die "$1"
}
# Use stored HOTP key branding (this might be useful after OEM reset)
if [ -r /boot/kexec_hotp_key ]; then
HOTPKEY_BRANDING="$(cat /boot/kexec_hotp_key)"
......@@ -29,13 +36,13 @@ if [ "$CONFIG_TPM" = "y" ]; then
-in 4d47 \
-sz 312 \
-of "$HOTP_SEALED" \
|| die "Unable to retrieve sealed file from TPM NV"
|| fatal_error "Unable to retrieve sealed file from TPM NV"
tpm unsealfile \
-hk 40000000 \
-if "$HOTP_SEALED" \
-of "$HOTP_SECRET" \
|| die "Unable to unseal HOTP secret"
|| fatal_error "Unable to unseal HOTP secret"
shred -n 10 -z -u "$HOTP_SEALED" 2> /dev/null
else
......@@ -63,12 +70,12 @@ counter_value=1
enable_usb
if ! hotp_verification info ; then
echo "Insert your $HOTPKEY_BRANDING and press Enter to configure it"
echo -e "\nInsert your $HOTPKEY_BRANDING and press Enter to configure it"
read
if ! hotp_verification info ; then
# don't leak key on failure
shred -n 10 -z -u "$HOTP_SECRET" 2> /dev/null
die "Unable to find $HOTPKEY_BRANDING"
fatal_error "Unable to find $HOTPKEY_BRANDING"
fi
fi
......@@ -81,20 +88,29 @@ else
HOTPKEY_BRANDING="HOTP USB Security Dongle"
fi
echo -e ""
read -s -p "Enter your $HOTPKEY_BRANDING Admin PIN: " admin_pin
echo -e "\n"
hotp_initialize "$admin_pin" $HOTP_SECRET $counter_value "$HOTPKEY_BRANDING"
# try using factory default admin PIN
admin_pin="12345678"
hotp_initialize "$admin_pin" $HOTP_SECRET $counter_value "$HOTPKEY_BRANDING" >/dev/null 2>&1
if [ $? -ne 0 ]; then
# prompt user for PIN and retry
echo ""
read -s -p "Enter your $HOTPKEY_BRANDING Admin PIN: " admin_pin
echo -e "\n"
read -s -p "Error setting HOTP secret, re-enter Admin PIN and try again: " admin_pin
echo -e "\n"
if ! hotp_initialize "$admin_pin" $HOTP_SECRET $counter_value "$HOTPKEY_BRANDING" ; then
# don't leak key on failure
shred -n 10 -z -u "$HOTP_SECRET" 2> /dev/null
die "Setting HOTP secret failed"
hotp_initialize "$admin_pin" $HOTP_SECRET $counter_value "$HOTPKEY_BRANDING"
if [ $? -ne 0 ]; then
echo -e "\n"
read -s -p "Error setting HOTP secret, re-enter Admin PIN and try again: " admin_pin
echo -e "\n"
if ! hotp_initialize "$admin_pin" $HOTP_SECRET $counter_value "$HOTPKEY_BRANDING" ; then
# don't leak key on failure
shred -n 10 -z -u "$HOTP_SECRET" 2> /dev/null
fatal_error "Setting HOTP secret failed"
fi
fi
else
# remind user to change admin password
echo -e "\nWARNING: default GPG admin PIN detected: please change this as soon as possible."
fi
# HOTP key no longer needed
......@@ -110,7 +126,7 @@ mount -o remount,rw /boot
counter_value=`expr $counter_value + 1`
echo $counter_value > $HOTP_COUNTER \
|| die "Unable to create hotp counter file"
|| fatal_error "Unable to create hotp counter file"
# Store/overwrite HOTP USB Security Dongle branding found out beforehand
echo $HOTPKEY_BRANDING > $HOTP_KEY \
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment