Commit 8f6b5ddd authored by Tristan A Spakes's avatar Tristan A Spakes

ver. 1.3.0 Added button for checking if a smart card has an entry in the...

ver. 1.3.0 Added button for checking if a smart card has an entry in the digest mapping file, seems to work fully
parent 5368ea8d
Pipeline #25868 passed with stages
in 1 minute and 8 seconds
/* Prevents highlighting of text, dragging of images, etc. */
*, *::after, *::before {
margin: 0;
padding: 0;
-webkit-user-select: none;
-webkit-user-drag: none;
-webkit-app-region: no-drag;
font-family: 'Montserrat', sans-serif;
}
div {
-webkit-user-select: none;
-webkit-user-drag: none;
-webkit-app-region: no-drag;
font-family: 'Montserrat', sans-serif;
}
/* Horizontal line formatting */
hr {
display: block;
margin-top: 0.15em;
margin-bottom: 0.15em;
}
/* For submission buttons */
input[type=submit] {
padding: 0;
border: none;
background: none;
font-size: 21px;
}
#MFAVerificationPage {
display: flex;
flex-direction: column;
height: 100vh;
justify-content: center;
align-items: center;
}
#MFAVerificationText {
text-align: center;
font-size: 15px;
margin-bottom: 15px;
margin-left: 12px;
margin-right: 12px;
}
#MFAVerificationButton {
align-self: center;
background-color: #007833;
border-radius: 8px;
width: 50vw;
height: 30vh;
text-align: center;
font-size: 30px;
box-shadow: 0 3px 6px 0 rgba(0,0,0,0.2), 0 4px 8px 0 rgba(0,0,0,0.19);
}
#MFAVerificationButton:hover {
background-color: Gray;
cursor: pointer;
}
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Smart Card Verification</title>
<link rel="stylesheet" href="./MFAVerification.css">
<link href="https://fonts.googleapis.com/css?family=Montserrat" rel="stylesheet">
<script src="./MFAVerification.js"></script>
</head>
<body>
<div id="MFAVerificationPage">
<div id="MFAVerificationText">
Please ensure that there is one smart card inserted before clicking 'Verify'
</div>
<span title="Click 'Verify' to see if the currently inserted smart card has an entry in the digest mapping.">
<input type="submit" value="Verify" style="color:white" id="MFAVerificationButton" onclick="MFAVerification()">
</span>
</div>
</body>
</html>
const electron = require('electron')
const execSync = require('child_process').execSync
const ipcRenderer = require('electron').ipcRenderer
//Checks if the Yubikey is locked and alerts the user accordingly
function MFAVerification() {
ipcRenderer.send('log', 'ORNL Toolbox: Submitted MFA verification request', 'info')
try { //Scan for active smart card slots for inserted smart cards
var cardCheck = execSync(`pkcs11-tool -T | grep "Slot"`, (error, stdout, stderr) => {})
cardCheck = cardCheck.toString()
} catch(error) {
error = error.toString()
alert(error)
ipcRenderer.send('log', 'ORNL Toolbox: Error checking for smart card - request aborted', 'err')
return
}
//Check for the number of smart card slots
var count = (cardCheck.match(/Slot/g) || []).length;
if(count > 1) { //More than one slot found
alert('Please ensure only one smart card is inserted')
ipcRenderer.send('log', 'ORNL Toolbox: No smart card inserted - request aborted', 'err')
return
} else if(count < 1) { //No slots found
alert('No smart card inserted')
ipcRenderer.send('log', 'ORNL Toolbox: No smart card inserted - request aborted', 'err')
return
} else {
ipcRenderer.send('log', 'ORNL Toolbox: 1 smart card found inserted', 'info')
}
try { //Check for entry in digest mapping file
var inDigest = execSync(`grep $(pkcs15-tool -r 1 --rfc4716 2>/dev/null | openssl x509 -noout -fingerprint -sha1 -inform pem | grep -Po '(?<==).*(?=$)') /etc/pam_pkcs11/digest_mapping`, (error, stdout, stderr) => {})
} catch(error) {
error = error.toString()
if(error.includes('unable to load certificate')) { //Extra safety for no smartcard inserted scenario
alert('No smart card inserted')
ipcRenderer.send('log', 'ORNL Toolbox: No smart card inserted - request aborted', 'err')
return
} else {
inDigest = ""
}
}
if(inDigest == "") { //Tell user the if the smart card has an entry or not
//Not in digest mapping
alert('Inserted smart card absent from diggest mapping and will not function')
ipcRenderer.send('log', 'ORNL Toolbox: Inserted smart card was not found in /etc/pam_pkcs11/digest_mapping', 'info')
} else {
//In digest mapping
alert('Inserted smart card present in digest mapping and should function unless locked')
ipcRenderer.send('log', 'ORNL Toolbox: Inserted smart card has an entry in /etc/pam_pkcs11/digest_mapping', 'info')
}
ipcRenderer.send('log', 'ORNL Toolbox: Completed MFA verification request', 'info')
}
......@@ -88,6 +88,12 @@ input[type=submit] {
background-color: White;
}
#badgeManagementHiddenbuttons {
width: 32vh;
height: 20vh;
padding: 4px 4px;
margin: 30px 30px;
}
.backContent {
display: flex;
......
......@@ -45,6 +45,13 @@
<span title="Opens an application page for changing the PIN on the inserted Yubikey.">
<div id="buttons" onclick="yubiBadgeCheckpoint(1)"><font color="white">Yubikey PIN Changer</font></div>
</span>
<span title="Opens an application page for verifying that a smart card is in the digest mapping file.">
<div id="buttons" onclick="addWinMain('./badgeManagement/MFAVerification/MFAVerification.html', 'Smart Card Verification', 225, 180)"><font color="white">Smart Card Verification</font></div>
</span>
<span title="Opens an application page for temporarily registering a smart card in the digest mapping file.">
<div id="buttons" onclick=""><font color="white">Temporary Smart Card Registration</font></div>
</span>
<div id="badgeManagementHiddenbuttons"></div>
</div>
<span title="Opens an application page for submitting feedback regarding ORNL Toolbox.">
<div class="feedbackContainer" onclick="addWinMain('./feedback/feedback.html', 'Feedback', 500, 300)">
......@@ -62,5 +69,6 @@
<div class="helpText"><font color="white">Help</font></div>
</div>
</span>
</body>
</html>
......@@ -15,6 +15,7 @@ function yubiChecker() {
ipcRenderer.send('log', `ORNL Toolbox: Inserted Yubikey is not locked`, 'info')
} else {
alert('No Yubikey inserted') //If Yubikey is unplugged, will get this
ipcRenderer.send('log', `ORNL Toolbox: No Yubikey inserted - request aborted`, 'err')
ipcRenderer.send('log', `ORNL Toolbox: No Yubikey inserted`, 'info')
}
ipcRenderer.send('log', 'ORNL Toolbox: Completed Yubikey check request', 'info')
}
......@@ -6,7 +6,7 @@ if [[ ${CI_COMMIT_REF_NAME} == 'master' ]]; then
else
BRANCH="-${CI_COMMIT_REF_NAME}"
fi
VERSION_NUMBER='1.2.4'
VERSION_NUMBER='1.3.0'
wget http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
sudo rpm -ivh epel-release-latest-7.noarch.rpm
sudo yum -y install nodejs npm ruby-devel gcc make rpm-build rubygems
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment