From ed38b96fe4e5e55098337e027541220bde389fb3 Mon Sep 17 00:00:00 2001 From: Klas Lindfors Date: Fri, 20 Nov 2015 08:53:39 +0100 Subject: [PATCH] raise buffer sizes and remove a miss-leading error --- lib/ykpiv.c | 2 +- tool/yubico-piv-tool.c | 8 ++------ 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/lib/ykpiv.c b/lib/ykpiv.c index abf2b7e..427ce89 100644 --- a/lib/ykpiv.c +++ b/lib/ykpiv.c @@ -751,7 +751,7 @@ ykpiv_rc ykpiv_fetch_object(ykpiv_state *state, int object_id, ykpiv_rc ykpiv_save_object(ykpiv_state *state, int object_id, unsigned char *indata, size_t len) { - unsigned char data[2048]; + unsigned char data[3072]; unsigned char *dataptr = data; unsigned char templ[] = {0, YKPIV_INS_PUT_DATA, 0x3f, 0xff}; int sw; diff --git a/tool/yubico-piv-tool.c b/tool/yubico-piv-tool.c index d19eb3b..f0052f6 100644 --- a/tool/yubico-piv-tool.c +++ b/tool/yubico-piv-tool.c @@ -541,15 +541,11 @@ static bool import_cert(ykpiv_state *state, enum enum_key_format cert_format, } { - unsigned char certdata[2100]; + unsigned char certdata[3072]; unsigned char *certptr = certdata; int object = get_object_id(slot); ykpiv_rc res; - if(cert_len > 2048) { - fprintf(stderr, "Certificate to large, maximum 2048 bytes (was %d bytes).\n", cert_len); - goto import_cert_out; - } *certptr++ = 0x70; certptr += set_length(certptr, cert_len); if (compress) { @@ -1024,7 +1020,7 @@ static bool read_certificate(ykpiv_state *state, enum enum_slot slot, enum enum_key_format key_format, const char *output_file_name) { FILE *output_file; int object = get_object_id(slot); - unsigned char data[2048]; + unsigned char data[3072]; const unsigned char *ptr = data; unsigned long len = sizeof(data); int cert_len;