Apply suggestions from code review
@str4d's suggested fixes Co-Authored-By: str4d <thestr4d@gmail.com>
This commit is contained in:
+1
-1
@@ -70,7 +70,7 @@ impl CCCID {
|
||||
}
|
||||
|
||||
let mut cccid = [0u8; YKPIV_CCCID_SIZE];
|
||||
cccid.copy_from_slice(&response[CHUID_GUID_OFFS..(CHUID_GUID_OFFS + YKPIV_CCCID_SIZE)]);
|
||||
cccid.copy_from_slice(&response[CCC_ID_OFFS..(CCC_ID_OFFS + YKPIV_CCCID_SIZE)]);
|
||||
Ok(CCCID(cccid))
|
||||
}
|
||||
|
||||
|
||||
@@ -117,6 +117,7 @@ impl Config {
|
||||
);
|
||||
}
|
||||
|
||||
// Always favor protected MGM
|
||||
config.mgm_type = MgmType::Protected;
|
||||
}
|
||||
}
|
||||
|
||||
+4
-1
@@ -45,11 +45,14 @@ pub const CB_ADMIN_SALT: usize = 16;
|
||||
pub const CB_ATR_MAX: usize = 33;
|
||||
|
||||
pub const CB_BUF_MAX_NEO: usize = 2048;
|
||||
pub const CB_BUF_MAX_YK4: usize = 3072;
|
||||
pub const CB_BUF_MAX: usize = CB_BUF_MAX_YK4;
|
||||
|
||||
pub const CB_ECC_POINTP256: usize = 65;
|
||||
pub const CB_ECC_POINTP384: usize = 97;
|
||||
|
||||
pub const CB_OBJ_MAX: usize = 3063;
|
||||
pub const CB_OBJ_MAX_YK4: usize = CB_BUF_MAX_YK4 - 9;
|
||||
pub const CB_OBJ_MAX: usize = CB_OBJ_MAX_YK4;
|
||||
pub const CB_OBJ_MAX_NEO: usize = CB_BUF_MAX_NEO - 9;
|
||||
|
||||
pub const CB_OBJ_TAG_MIN: usize = 2; // 1 byte tag + 1 byte len
|
||||
|
||||
+1
-1
@@ -146,7 +146,7 @@ impl Container {
|
||||
return Err(Error::ParseError);
|
||||
}
|
||||
|
||||
let mut name = [0u16; 40];
|
||||
let mut name = [0u16; CONTAINER_NAME_LEN];
|
||||
let name_bytes_len = CONTAINER_NAME_LEN * 2;
|
||||
|
||||
for (i, chunk) in bytes[..name_bytes_len].chunks_exact(2).enumerate() {
|
||||
|
||||
+4
-2
@@ -288,9 +288,9 @@ pub fn generate(
|
||||
return Err(Error::KeyError);
|
||||
}
|
||||
StatusWords::IncorrectParamError => {
|
||||
if pin_policy != 0 {
|
||||
if pin_policy != YKPIV_PINPOLICY_DEFAULT {
|
||||
error!("{} (pin policy not supported?)", err_msg);
|
||||
} else if touch_policy != 0 {
|
||||
} else if touch_policy != YKPIV_TOUCHPOLICY_DEFAULT {
|
||||
error!("{} (touch policy not supported?)", err_msg);
|
||||
} else {
|
||||
error!("{} (algorithm not supported?)", err_msg);
|
||||
@@ -324,6 +324,7 @@ pub fn generate(
|
||||
offset += 1;
|
||||
offset += get_length(&data[offset..], &mut len);
|
||||
let modulus = data[offset..(offset + len)].to_vec();
|
||||
offset += len;
|
||||
|
||||
if data[offset] != TAG_RSA_EXP {
|
||||
error!("failed to parse public key structure (public exponent)");
|
||||
@@ -352,6 +353,7 @@ pub fn generate(
|
||||
error!("failed to parse public key structure");
|
||||
return Err(Error::ParseError);
|
||||
}
|
||||
offset += 1;
|
||||
|
||||
// the curve point should always be determined by the curve
|
||||
let len_byte = data[offset];
|
||||
|
||||
@@ -81,6 +81,7 @@ pub(crate) fn set_item(
|
||||
let mut tag_temp: u8 = 0;
|
||||
let mut cb_len: usize = 0;
|
||||
let cb_item = p_item.len();
|
||||
// Must be signed to have negative offsets
|
||||
let cb_moved: isize;
|
||||
let p_next: *mut u8;
|
||||
|
||||
@@ -108,6 +109,7 @@ pub(crate) fn set_item(
|
||||
|
||||
if tag_temp != tag {
|
||||
if cb_item == 0 {
|
||||
// We've been asked to delete an existing item that isn't in the blob
|
||||
return Ok(());
|
||||
}
|
||||
|
||||
@@ -238,6 +240,7 @@ pub(crate) fn write(
|
||||
};
|
||||
|
||||
if data.is_empty() {
|
||||
// Deleting metadata
|
||||
return txn.save_object(obj_id, &[]);
|
||||
}
|
||||
|
||||
|
||||
+4
-3
@@ -134,7 +134,8 @@ impl MsRoots {
|
||||
return txn.save_object(YKPIV_OBJ_MSROOTS1, &[]);
|
||||
}
|
||||
|
||||
n_objs = (data_len / (cb_obj_max - 4)) + 1;
|
||||
// Calculate number of objects required to store blob
|
||||
n_objs = (data_len / (cb_obj_max - CB_OBJ_TAG_MAX)) + 1;
|
||||
|
||||
if n_objs > 5 {
|
||||
return Err(Error::SizeError);
|
||||
@@ -143,8 +144,8 @@ impl MsRoots {
|
||||
for i in 0..n_objs {
|
||||
offset = 0;
|
||||
|
||||
data_chunk = if cb_obj_max - 4 < data_len - data_offset {
|
||||
cb_obj_max - 4
|
||||
data_chunk = if cb_obj_max - CB_OBJ_TAG_MAX < data_len - data_offset {
|
||||
cb_obj_max - CB_OBJ_TAG_MAX
|
||||
} else {
|
||||
data_len - data_offset
|
||||
};
|
||||
|
||||
Reference in New Issue
Block a user