refactor set_chuid() to use ykpiv_save_object()

Klas Lindfors
2014-06-26 08:08:59 +02:00
parent a1c2e4e8d1
commit 75a5cf74d2
+12 -20
@@ -50,14 +50,13 @@
* bytes. */
/* this CHUID has an expiry of 2030-01-01, maybe that should be variable.. */
unsigned const char chuid_tmpl[] = {
0x5c, 0x03, 0x5f, 0xc1, 0x02, 0x53, 0x3b, 0x30, 0x19, 0xd4, 0xe7, 0x39, 0xda,
0x73, 0x9c, 0xed, 0x39, 0xce, 0x73, 0x9d, 0x83, 0x68, 0x58, 0x21, 0x08, 0x42,
0x10, 0x84, 0x21, 0x38, 0x42, 0x10, 0xc3, 0xf5, 0x34, 0x10, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x35, 0x08, 0x32, 0x30, 0x33, 0x30, 0x30, 0x31, 0x30, 0x31, 0x3e, 0x00, 0xfe,
0x00,
0x30, 0x19, 0xd4, 0xe7, 0x39, 0xda, 0x73, 0x9c, 0xed, 0x39, 0xce, 0x73, 0x9d,
0x83, 0x68, 0x58, 0x21, 0x08, 0x42, 0x10, 0x84, 0x21, 0x38, 0x42, 0x10, 0xc3,
0xf5, 0x34, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x35, 0x08, 0x32, 0x30, 0x33, 0x30, 0x30,
0x31, 0x30, 0x31, 0x3e, 0x00, 0xfe, 0x00,
};
#define CHUID_GUID_OFFS 36
#define CHUID_GUID_OFFS 28
unsigned const char sha256oid[] = {
0x30, 0x31, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04,
@@ -451,31 +450,24 @@ import_cert_out:
}
static bool set_chuid(ykpiv_state *state, int verbose) {
unsigned char templ[] = {0, YKPIV_INS_PUT_DATA, 0x3f, 0xff};
unsigned char data[0xff];
unsigned char chuid[sizeof(chuid_tmpl)];
unsigned char *dataptr = chuid;
unsigned long recv_len = sizeof(data);
int sw;
ykpiv_rc res;
memcpy(chuid, chuid_tmpl, sizeof(chuid));
dataptr += CHUID_GUID_OFFS;
if(RAND_pseudo_bytes(dataptr, 0x10) == -1) {
if(RAND_pseudo_bytes(chuid + CHUID_GUID_OFFS, 0x10) == -1) {
fprintf(stderr, "error: no randomness.\n");
return false;
}
if(verbose) {
fprintf(stderr, "Setting the GUID to: ");
dump_hex(dataptr, 0x10);
dump_hex(chuid, sizeof(chuid));
fprintf(stderr, "\n");
}
if(ykpiv_transfer_data(state, templ, chuid, sizeof(chuid), data, &recv_len, &sw) != YKPIV_OK) {
fprintf(stderr, "Failed communicating with device.\n");
return false;
} else if(sw != 0x9000) {
fprintf(stderr, "Failed setting CHUID.\n");
if((res = ykpiv_save_object(state, YKPIV_OBJ_CHUID, chuid, sizeof(chuid))) != YKPIV_OK) {
fprintf(stderr, "Failed communicating with device: %s\n", ykpiv_strerror(res));
return false;
}
return true;
}
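Review bot: `CHUID_GUID_OFFS 28` in the first hunk looks off by one for the shortened template: with the seven-byte `0x5c … 0x53, 0x3b` header dropped, the GUID field's tag and length bytes `0x34, 0x10` sit at indices 27 and 28, and its sixteen zero bytes follow at 29–44. As written, `RAND_pseudo_bytes(chuid + CHUID_GUID_OFFS, 0x10)` in `set_chuid` would overwrite the length byte with a random value and leave the last GUID byte at zero, so the object handed to `ykpiv_save_object()` is likely a malformed CHUID; the define should be `#define CHUID_GUID_OFFS 29`. This reading assumes the second of the two defines is the new side, since the page has lost its `+`/`-` markers. Separately, the verbose path now prints the whole object under the label "Setting the GUID to: "; either keep `dump_hex(chuid + CHUID_GUID_OFFS, 0x10);` or change the label to say CHUID.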