From 7bcd8664a4eb085c91f701041751977e4565ef8f Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Sun, 1 Dec 2019 21:37:06 +0000 Subject: [PATCH] AlgorithmId::write helper to match policy helpers --- src/consts.rs | 1 - src/key.rs | 27 ++++++++++++++------------- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/src/consts.rs b/src/consts.rs index 65242c0..95576e6 100644 --- a/src/consts.rs +++ b/src/consts.rs @@ -122,7 +122,6 @@ pub const TAG_RSA_MODULUS: u8 = 0x81; pub const TAG_RSA_EXP: u8 = 0x82; pub const TAG_ECC_POINT: u8 = 0x86; -pub const YKPIV_ALGO_TAG: u8 = 0x80; pub const YKPIV_ALGO_3DES: u8 = 0x03; pub const YKPIV_ATR_NEO_R3: &[u8] = b";\xFC\x13\0\0\x811\xFE\x15YubikeyNEOr3\xE1\0"; diff --git a/src/key.rs b/src/key.rs index f14aa81..50152ea 100644 --- a/src/key.rs +++ b/src/key.rs @@ -312,6 +312,16 @@ impl From for u8 { } } +impl AlgorithmId { + /// Writes the `AlgorithmId` in the format the YubiKey expects during key generation. + pub(crate) fn write(self, buf: &mut [u8]) -> usize { + buf[0] = 0x80; + buf[1] = 0x01; + buf[2] = self.into(); + 3 + } +} + /// PIV cryptographic keys stored in a YubiKey #[derive(Clone, Debug)] pub struct Key { @@ -412,7 +422,6 @@ pub fn generate( pin_policy: PinPolicy, touch_policy: TouchPolicy, ) -> Result { - let mut in_data = [0u8; 11]; let mut templ = [0, Ins::GenerateAsymmetric.code(), 0, 0]; let setting_roca: settings::BoolValue; @@ -463,19 +472,11 @@ pub fn generate( templ[3] = slot.into(); + let mut in_data = [0u8; 11]; + in_data[0] = 0xac; + in_data[1] = 3; // length sans this 2-byte header + assert_eq!(algorithm.write(&mut in_data[2..]), 3); let mut offset = 5; - in_data[..offset].copy_from_slice(&[ - 0xac, - 3, // length sans this 2-byte header - YKPIV_ALGO_TAG, - 1, - algorithm.into(), - ]); - - if in_data[4] == 0 { - error!("unexpected algorithm"); - return Err(Error::AlgorithmError); - } let pin_len = pin_policy.write(&mut in_data[offset..]); in_data[1] += pin_len as u8;