Merge pull request #34 from tarcieri/have-encrypt-sign-return-buffer
Have `sign_data` and `decrypt_data` return a `Buffer`
This commit is contained in:
+2
-12
@@ -283,12 +283,10 @@ impl<'tx> Transaction<'tx> {
|
||||
pub(crate) fn authenticated_command(
|
||||
&self,
|
||||
sign_in: &[u8],
|
||||
out: &mut [u8],
|
||||
out_len: &mut usize,
|
||||
algorithm: u8,
|
||||
key: u8,
|
||||
decipher: bool,
|
||||
) -> Result<(), Error> {
|
||||
) -> Result<Buffer, Error> {
|
||||
let in_len = sign_in.len();
|
||||
let mut indata = [0u8; 1024];
|
||||
let templ = [0, Ins::Authenticate.code(), algorithm, key];
|
||||
@@ -380,15 +378,7 @@ impl<'tx> Transaction<'tx> {
|
||||
|
||||
offset += 1;
|
||||
offset += get_length(&data[offset..], &mut len);
|
||||
|
||||
if len > *out_len {
|
||||
error!("wrong size on output buffer");
|
||||
return Err(Error::SizeError);
|
||||
}
|
||||
|
||||
*out_len = len;
|
||||
out[..len].copy_from_slice(&data[offset..(offset + len)]);
|
||||
Ok(())
|
||||
Ok(Buffer::new(data[offset..(offset + len)].into()))
|
||||
}
|
||||
|
||||
/// Send/receive large amounts of data to/from the YubiKey, splitting long
|
||||
|
||||
+4
-8
@@ -357,15 +357,13 @@ impl YubiKey {
|
||||
pub fn sign_data(
|
||||
&mut self,
|
||||
raw_in: &[u8],
|
||||
sign_out: &mut [u8],
|
||||
out_len: &mut usize,
|
||||
algorithm: u8,
|
||||
key: SlotId,
|
||||
) -> Result<(), Error> {
|
||||
) -> Result<Buffer, Error> {
|
||||
let txn = self.begin_transaction()?;
|
||||
|
||||
// don't attempt to reselect in crypt operations to avoid problems with PIN_ALWAYS
|
||||
txn.authenticated_command(raw_in, sign_out, out_len, algorithm, key, false)
|
||||
txn.authenticated_command(raw_in, algorithm, key, false)
|
||||
}
|
||||
|
||||
/// Decrypt data using a PIV key
|
||||
@@ -373,15 +371,13 @@ impl YubiKey {
|
||||
pub fn decrypt_data(
|
||||
&mut self,
|
||||
input: &[u8],
|
||||
out: &mut [u8],
|
||||
out_len: &mut usize,
|
||||
algorithm: u8,
|
||||
key: SlotId,
|
||||
) -> Result<(), Error> {
|
||||
) -> Result<Buffer, Error> {
|
||||
let txn = self.begin_transaction()?;
|
||||
|
||||
// don't attempt to reselect in crypt operations to avoid problems with PIN_ALWAYS
|
||||
txn.authenticated_command(input, out, out_len, algorithm, key, true)
|
||||
txn.authenticated_command(input, algorithm, key, true)
|
||||
}
|
||||
|
||||
/// Verify device PIN.
|
||||
|
||||
Reference in New Issue
Block a user