Apply suggestions from code review

More of @str4d's suggested changes

Co-Authored-By: str4d <thestr4d@gmail.com>
This commit is contained in:
Tony Arcieri
2019-11-25 07:38:33 -08:00
committed by GitHub
parent e18828d048
commit 9367218c7d
2 changed files with 18 additions and 14 deletions
+8 -8
View File
@@ -187,7 +187,7 @@ impl<'tx> Transaction<'tx> {
let mut templ = [0, YKPIV_INS_CHANGE_REFERENCE, 0, 0x80];
let mut indata = Zeroizing::new([0u8; 16]);
if current_pin.len() > 8 || new_pin.len() > 8 {
if current_pin.len() > CB_PIN_MAX || new_pin.len() > CB_PIN_MAX {
return Err(Error::SizeError);
}
@@ -200,11 +200,11 @@ impl<'tx> Transaction<'tx> {
unsafe {
ptr::copy(current_pin.as_ptr(), indata.as_mut_ptr(), current_pin.len());
if current_pin.len() < 8 {
if current_pin.len() < CB_PIN_MAX {
ptr::write_bytes(
indata.as_mut_ptr().add(current_pin.len()),
0xff,
8 - current_pin.len(),
CB_PIN_MAX - current_pin.len(),
);
}
@@ -214,17 +214,17 @@ impl<'tx> Transaction<'tx> {
new_pin.len(),
);
if new_pin.len() < 8 {
if new_pin.len() < CB_PIN_MAX {
ptr::write_bytes(
indata.as_mut_ptr().offset(8).add(new_pin.len()),
0xff,
8 - new_pin.len(),
CB_PIN_MAX - new_pin.len(),
);
}
}
let status_words = self
.transfer_data(&templ, indata.as_ref(), 255)?
.transfer_data(&templ, indata.as_ref(), 0xFF)?
.status_words();
match status_words {
@@ -428,7 +428,7 @@ impl<'tx> Transaction<'tx> {
if out_data.len() - response.buffer().len() - 2 > max_out {
error!(
"output buffer to small: wanted to write {}, max was {}",
"output buffer too small: wanted to write {}, max was {}",
out_data.len() - response.buffer().len() - 2,
max_out
);
@@ -444,7 +444,7 @@ impl<'tx> Transaction<'tx> {
}
}
while sw >> 8 != 0x61 {
while sw >> 8 == 0x61 {
trace!(
"The card indicates there is {} bytes more data for us",
sw & 0xff
+10 -6
View File
@@ -379,7 +379,7 @@ impl YubiKey {
pub unsafe fn change_pin(&mut self, current_pin: &[u8], new_pin: &[u8]) -> Result<(), Error> {
{
let txn = self.begin_transaction()?;
txn.change_pin(0, current_pin, new_pin)?;
txn.change_pin(CHREF_ACT_CHANGE_PIN, current_pin, new_pin)?;
}
if !new_pin.is_empty() {
@@ -391,7 +391,7 @@ impl YubiKey {
/// Set PIN last changed
pub unsafe fn set_pin_last_changed(yubikey: &mut YubiKey) -> Result<(), Error> {
let mut data = [0u8; YKPIV_OBJ_MAX_SIZE];
let mut data = [0u8; CB_BUF_MAX];
let max_size = yubikey.obj_size_max();
let txn = yubikey.begin_transaction()?;
@@ -435,7 +435,7 @@ impl YubiKey {
/// The default PUK code is 12345678.
pub unsafe fn change_puk(&mut self, current_puk: &[u8], new_puk: &[u8]) -> Result<(), Error> {
let txn = self.begin_transaction()?;
txn.change_pin(2, current_puk, new_puk)
txn.change_pin(CHREF_ACT_CHANGE_PUK, current_puk, new_puk)
}
/// Block PUK: permanently prevent the PIN from becoming unblocked
@@ -449,7 +449,7 @@ impl YubiKey {
while tries_remaining != 0 {
// 2 -> change puk
let res = txn.change_pin(2, &puk, &puk);
let res = txn.change_pin(CHREF_ACT_CHANGE_PUK, &puk, &puk);
match res {
Ok(()) => puk[0] += 1,
@@ -458,6 +458,8 @@ impl YubiKey {
continue;
}
Err(e) => {
// depending on the firmware, tries may not be set to zero when the PUK is blocked,
// instead, the return code will be PIN_LOCKED and tries will be unset
if e != Error::PinLocked {
continue;
}
@@ -481,7 +483,7 @@ impl YubiKey {
}
flags[0] |= ADMIN_FLAGS_1_PUK_BLOCKED;
let mut data = [0u8; YKPIV_OBJ_MAX_SIZE];
let mut data = [0u8; CB_BUF_MAX];
let mut cb_data: usize = data.len();
if metadata::set_item(
@@ -507,7 +509,7 @@ impl YubiKey {
/// configured PIN Unblocking Key (PUK).
pub unsafe fn unblock_pin(&mut self, puk: &[u8], new_pin: &[u8]) -> Result<(), Error> {
let txn = self.begin_transaction()?;
txn.change_pin(1, puk, new_pin)
txn.change_pin(CHREF_ACT_UNBLOCK_PIN, puk, new_pin)
}
/// Fetch an object from the YubiKey
@@ -815,6 +817,8 @@ impl YubiKey {
/// Reset YubiKey.
///
/// WARNING: this is a destructive operation which will destroy all keys!
///
/// The reset function is only available when both pins are blocked.
pub fn reset_device(&mut self) -> Result<(), Error> {
let templ = [0, YKPIV_INS_RESET, 0, 0];
let txn = self.begin_transaction()?;