transaction: Always require padded PIN for verify_pin

Callers of this function always pad up to `CB_PIN_MAX` with `0xFF`.

The logic being changed here was previously identical to the `_verify`
function in `ykpiv.c`:

https://github.com/Yubico/yubico-piv-tool/blob/8ba243f/lib/ykpiv.c#L1299

...but @str4d noticed this potentially allows a caller to send an
unpadded PIN, which may (or may not) be an issue.
Tony Arcieri
2019-11-25 08:27:54 -08:00
parent 6e4819bad1
commit c54f66acb4
+2 -1
@@ -165,7 +165,8 @@ impl<'tx> Transaction<'tx> {
/// Verify device PIN. /// Verify device PIN.
pub fn verify_pin(&self, pin: &[u8]) -> Result<(), Error> { pub fn verify_pin(&self, pin: &[u8]) -> Result<(), Error> {
if pin.len() > CB_PIN_MAX { // TODO(tarcieri): allow unpadded (with `0xFF`) PIN shorter than CB_PIN_MAX?
if pin.len() != CB_PIN_MAX {
return Err(Error::SizeError); return Err(Error::SizeError);
} }
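Review bot: The doc comment on `verify_pin` still reads only `/// Verify device PIN.`, but the new `pin.len() != CB_PIN_MAX` check turns the padding into a precondition of this public function, so the requirement should be stated there: the caller must pass exactly `CB_PIN_MAX` bytes, padded with `0xFF`, and anything else returns `Error::SizeError`. Note also that the check enforces length only. A buffer of the right length whose trailing bytes are not `0xFF` still passes, so if the intent is "always require padded PIN", consider either validating the pad bytes here or resolving the TODO by accepting a shorter PIN and padding it inside `verify_pin`, so that the invariant lives in one place instead of in every caller.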