Merge pull request #34 from tarcieri/have-encrypt-sign-return-buffer

Have `sign_data` and `decrypt_data` return a `Buffer`
This commit is contained in:
Tony Arcieri
2019-11-26 11:21:38 -08:00
committed by GitHub
2 changed files with 6 additions and 20 deletions
+2 -12
View File
@@ -283,12 +283,10 @@ impl<'tx> Transaction<'tx> {
pub(crate) fn authenticated_command( pub(crate) fn authenticated_command(
&self, &self,
sign_in: &[u8], sign_in: &[u8],
out: &mut [u8],
out_len: &mut usize,
algorithm: u8, algorithm: u8,
key: u8, key: u8,
decipher: bool, decipher: bool,
) -> Result<(), Error> { ) -> Result<Buffer, Error> {
let in_len = sign_in.len(); let in_len = sign_in.len();
let mut indata = [0u8; 1024]; let mut indata = [0u8; 1024];
let templ = [0, Ins::Authenticate.code(), algorithm, key]; let templ = [0, Ins::Authenticate.code(), algorithm, key];
@@ -380,15 +378,7 @@ impl<'tx> Transaction<'tx> {
offset += 1; offset += 1;
offset += get_length(&data[offset..], &mut len); offset += get_length(&data[offset..], &mut len);
Ok(Buffer::new(data[offset..(offset + len)].into()))
if len > *out_len {
error!("wrong size on output buffer");
return Err(Error::SizeError);
}
*out_len = len;
out[..len].copy_from_slice(&data[offset..(offset + len)]);
Ok(())
} }
/// Send/receive large amounts of data to/from the YubiKey, splitting long /// Send/receive large amounts of data to/from the YubiKey, splitting long
+4 -8
View File
@@ -357,15 +357,13 @@ impl YubiKey {
pub fn sign_data( pub fn sign_data(
&mut self, &mut self,
raw_in: &[u8], raw_in: &[u8],
sign_out: &mut [u8],
out_len: &mut usize,
algorithm: u8, algorithm: u8,
key: SlotId, key: SlotId,
) -> Result<(), Error> { ) -> Result<Buffer, Error> {
let txn = self.begin_transaction()?; let txn = self.begin_transaction()?;
// don't attempt to reselect in crypt operations to avoid problems with PIN_ALWAYS // don't attempt to reselect in crypt operations to avoid problems with PIN_ALWAYS
txn.authenticated_command(raw_in, sign_out, out_len, algorithm, key, false) txn.authenticated_command(raw_in, algorithm, key, false)
} }
/// Decrypt data using a PIV key /// Decrypt data using a PIV key
@@ -373,15 +371,13 @@ impl YubiKey {
pub fn decrypt_data( pub fn decrypt_data(
&mut self, &mut self,
input: &[u8], input: &[u8],
out: &mut [u8],
out_len: &mut usize,
algorithm: u8, algorithm: u8,
key: SlotId, key: SlotId,
) -> Result<(), Error> { ) -> Result<Buffer, Error> {
let txn = self.begin_transaction()?; let txn = self.begin_transaction()?;
// don't attempt to reselect in crypt operations to avoid problems with PIN_ALWAYS // don't attempt to reselect in crypt operations to avoid problems with PIN_ALWAYS
txn.authenticated_command(input, out, out_len, algorithm, key, true) txn.authenticated_command(input, algorithm, key, true)
} }
/// Verify device PIN. /// Verify device PIN.