diff --git a/lib/tests/parse_key.c b/lib/tests/parse_key.c
index 564352d..dbb6cf3 100644
--- a/lib/tests/parse_key.c
+++ b/lib/tests/parse_key.c
@@ -48,9 +48,10 @@ struct key keys[] = {
 1}
 };
-static int parse_key(ykpiv_state *state, const char *text, const unsigned char *expected, int valid) {
+static int parse_key(const char *text, const unsigned char *expected, int valid) {
 unsigned char key[24];
- ykpiv_rc res = ykpiv_parse_key(state, text, key);
+ size_t len = sizeof(key);
+ ykpiv_rc res = ykpiv_hex_decode(text, strlen(text), key, &len);
 if(res != YKPIV_OK && valid == 1) {
 printf("key check failed for %s!\n", text);
 return EXIT_FAILURE;
@@ -67,25 +68,14 @@ static int parse_key(ykpiv_state *state, const char *text, const unsigned char *
 }
 int main(void) {
- ykpiv_state *state;
 size_t i;
- if(ykpiv_init(&state, 0) != YKPIV_OK) {
- printf("Failed initializing library!\n");
- return EXIT_FAILURE;
- }
-
 for(i = 0; i < sizeof(keys) / sizeof(struct key); i++) {
- int res = parse_key(state, keys[i].text, keys[i].formatted, keys[i].valid);
+ int res = parse_key(keys[i].text, keys[i].formatted, keys[i].valid);
 if(res != EXIT_SUCCESS) {
 return res;
 }
 }
- if(ykpiv_done(state) != YKPIV_OK) {
- printf("Failed de-initializing library!\n");
- return EXIT_FAILURE;
- }
-
 return EXIT_SUCCESS;
 }
diff --git a/lib/ykpiv.c b/lib/ykpiv.c
index 39e096d..afb9662 100644
--- a/lib/ykpiv.c
+++ b/lib/ykpiv.c
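Review bot: In the `@@ -48,9 +48,10 @@` hunk of lib/tests/parse_key.c, `len` is never compared with `sizeof(key)` after `ykpiv_hex_decode` returns, so the test no longer pins the exact key length that the removed `ykpiv_parse_key` enforced; a shorter even-length string decodes with `YKPIV_OK` and leaves the tail of `key` unset. I would add `if(res == YKPIV_OK && len != sizeof(key)) res = YKPIV_SIZE_ERROR;` straight after the call, so that table entries marked `valid == 0` because of their length still fail. The rest of `parse_key`, including the comparison against `expected`, lies outside the hunk, so how it treats a short result is not visible here.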
@@ -448,37 +448,31 @@ ykpiv_rc ykpiv_set_mgmkey(ykpiv_state *state, const unsigned char *new_key) {
 return YKPIV_GENERIC_ERROR;
 }
-/* FIXME: this function should be removed and replaced by
- * a real hex encoder.. */
-ykpiv_rc ykpiv_parse_key(ykpiv_state *state,
- const char *key_in, unsigned char *key_out) {
- unsigned int i;
- char key_part[4] = {0};
- int key_len = strlen(key_in);
- unsigned char tmp_key[DES_KEY_SZ * 3]; /* since sscanf sometimes write 32 bits */
+static char hex_translate[] = "0123456789abcdef";
- if(key_len != DES_KEY_SZ * 3 * 2) {
- if(state->verbose) {
- fprintf(stderr, "Wrong key size, should be %lu characters (was %d).\n", DES_KEY_SZ * 3 * 2, key_len);
- }
+ykpiv_rc ykpiv_hex_decode(const char *hex_in, size_t in_len,
+ unsigned char *hex_out, size_t *out_len) {
+
+ size_t i;
+ bool first = true;
+ if(*out_len < in_len / 2) {
+ return YKPIV_SIZE_ERROR;
+ } else if(in_len % 2 != 0) {
 return YKPIV_SIZE_ERROR;
 }
- for(i = 0; i < DES_KEY_SZ * 3; i++) {
- key_part[0] = *key_in++;
- key_part[1] = *key_in++;
- if(sscanf(key_part, "%hhx", &tmp_key[i]) != 1) {
- if(state->verbose) {
- fprintf(stderr, "Failed parsing key at position %d.\n", i);
- }
- return YKPIV_KEY_ERROR;
+ *out_len = in_len / 2;
+ for(i = 0; i < in_len; i++) {
+ char *ind_ptr = strchr(hex_translate, *hex_in++);
+ int index = 0;
+ if(ind_ptr) {
+ index = ind_ptr - hex_translate;
 }
- }
- memcpy(key_out, tmp_key, DES_KEY_SZ * 3);
-
- if(state->verbose > 1) {
- fprintf(stderr, "parsed key: ");
- dump_hex(key_out, DES_KEY_SZ * 3);
- fprintf(stderr, "\n");
+ if(first) {
+ *hex_out = index << 4;
+ } else {
+ *hex_out++ |= index;
+ }
+ first = !first;
 }
 return YKPIV_OK;
 }
diff --git a/lib/ykpiv.h b/lib/ykpiv.h
index afb64a2..b4051b5 100644
--- a/lib/ykpiv.h
+++ b/lib/ykpiv.h
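Review bot: In the loop of `ykpiv_hex_decode` (lib/ykpiv.c), a character that `strchr` does not find leaves `index` at 0, so non-hex input, and upper-case A-F which `hex_translate` lacks, is decoded as zero nibbles while the function still returns `YKPIV_OK`; the removed code returned `YKPIV_KEY_ERROR` on a failed parse. For a management key this turns a typo into a silently different key. `strchr` also matches the terminating NUL of `hex_translate`, so a NUL byte inside `in_len` yields index 16. I would decode each character by range and return an error for anything else, and declare the table `static const char` if it is kept; the rewritten loop is sketched below.

```c
  for(i = 0; i < in_len; i++) {
    unsigned char c = (unsigned char)*hex_in++;
    int index;
    if(c >= '0' && c <= '9') {
      index = c - '0';
    } else if(c >= 'a' && c <= 'f') {
      index = c - 'a' + 10;
    } else if(c >= 'A' && c <= 'F') {
      index = c - 'A' + 10;
    } else {
      /* reject instead of decoding as 0; an embedded NUL lands here too */
      return YKPIV_KEY_ERROR;
    }
    /* ... unchanged: nibble assembly through first and hex_out ... */
  }
```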
@@ -70,8 +70,8 @@ extern "C"
 unsigned char *out_data, unsigned long *out_len, int *sw);
 ykpiv_rc ykpiv_authenticate(ykpiv_state *state, const unsigned char *key);
 ykpiv_rc ykpiv_set_mgmkey(ykpiv_state *state, const unsigned char *new_key);
- ykpiv_rc ykpiv_parse_key(ykpiv_state *state,
- const char *key_in, unsigned char *key_out);
+ ykpiv_rc ykpiv_hex_decode(const char *hex_in, size_t in_len,
+ unsigned char *hex_out, size_t *out_len);
 ykpiv_rc ykpiv_sign_data(ykpiv_state *state, const unsigned char *sign_in, size_t in_len,unsigned char *sign_out, size_t *out_len, unsigned char algorithm, unsigned char key);
diff --git a/lib/ykpiv.map b/lib/ykpiv.map
index fc97ac0..2b7a333 100644
--- a/lib/ykpiv.map
+++ b/lib/ykpiv.map
@@ -37,12 +37,12 @@ global:
 ykpiv_transfer_data;
 ykpiv_authenticate;
 ykpiv_set_mgmkey;
- ykpiv_parse_key;
 ykpiv_sign_data;
 ykpiv_get_version;
 ykpiv_verify;
 ykpiv_fetch_object;
 ykpiv_save_object;
+ ykpiv_hex_decode;
 local:
 *;
diff --git a/tool/yubico-piv-tool.c b/tool/yubico-piv-tool.c
index 12c4ac5..7a50f48 100644
--- a/tool/yubico-piv-tool.c
+++ b/tool/yubico-piv-tool.c
@@ -822,6 +822,7 @@ int main(int argc, char *argv[]) {
 struct gengetopt_args_info args_info;
 ykpiv_state *state;
 unsigned char key[KEY_LEN];
+ size_t key_len = sizeof(key);
 int verbosity;
 enum enum_action action;
 unsigned int i;
@@ -843,7 +844,7 @@ int main(int argc, char *argv[]) {
 return EXIT_FAILURE;
 }
- if(ykpiv_parse_key(state, args_info.key_arg, key) != YKPIV_OK) {
+ if(ykpiv_hex_decode(args_info.key_arg, strlen(args_info.key_arg), key, &key_len) != YKPIV_OK) {
 return EXIT_FAILURE;
 }
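Review bot: The new `ykpiv_hex_decode` prototype in lib/ykpiv.h carries no comment on its contract, and the contract is not obvious from the signature: judging by the implementation in this commit, `*out_len` is the buffer capacity on entry and the decoded byte count on return, and any even-length input that fits is accepted. I would add above it `/* Decode in_len hex characters into hex_out. *out_len: capacity in, bytes written out. No key length is enforced; callers must check *out_len. */`. Dropping `ykpiv_parse_key` from the header, and from `ykpiv.map` in the next file, also removes an exported symbol, which programs built against the earlier library would presumably hit at link or load time.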
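Review bot: In the `@@ -843,7 +844,7 @@` hunk of tool/yubico-piv-tool.c, `key_len` is filled in by `ykpiv_hex_decode` but nothing in the visible lines compares it with `sizeof(key)`, so a key argument shorter than `KEY_LEN` bytes is accepted and the undecoded tail of `key` stays uninitialized (its declaration in the `@@ -822,6 +822,7 @@` hunk has no initializer). The removed `ykpiv_parse_key` rejected every other length. I would change the check to `if(ykpiv_hex_decode(args_info.key_arg, strlen(args_info.key_arg), key, &key_len) != YKPIV_OK || key_len != sizeof(key)) {`. The `@@ -880,7 +881,8 @@` hunk has the same gap with `new_key_len`, and there the partly uninitialized `new_key` goes straight into `ykpiv_set_mgmkey`, which could store a management key that nobody knows. `main` continues outside these hunks, so a later length check cannot be ruled out from here.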
@@ -880,7 +881,8 @@ int main(int argc, char *argv[]) {
 case action_arg_setMINUS_mgmMINUS_key:
 if(args_info.new_key_arg) {
 unsigned char new_key[KEY_LEN];
- if(ykpiv_parse_key(state, args_info.new_key_arg, new_key) != YKPIV_OK) {
+ size_t new_key_len = sizeof(new_key);
+ if(ykpiv_hex_decode(args_info.new_key_arg, strlen(args_info.new_key_arg), new_key, &new_key_len) != YKPIV_OK) {
 ret = EXIT_FAILURE;
 } else if(ykpiv_set_mgmkey(state, new_key) != YKPIV_OK) {
 ret = EXIT_FAILURE;