Fix fixed/uid parameters.

Use modhex for "fixed", add "hexfixed" for hex fixed values.
Use hex for "uid".

diff --git a/ykpers.c b/ykpers.c
index 0db2dc5e83e4773fa838f3c169c149e72bb2e4e0..5764b379f2fd181aa54b23f1f4a17b3318754923 100644 (file)
--- a/ykpers.c
+++ b/ykpers.c
@@ -163,10 +163,10 @@ int ykp_AES_key_from_passphrase(CONFIG *cfg, const char *passphrase,
 }
 
 #define def_set_charfield(fnname,fieldname,size,extra)         \
-int ykp_set_ ## fnname(CONFIG *cfg, unsigned char *input)      \
+int ykp_set_ ## fnname(CONFIG *cfg, unsigned char *input, size_t len)  \
 {                                                              \
        if (cfg) {                                              \
-               size_t max_chars = strlen(input);               \
+               size_t max_chars = len;         \
                                                                \
                if (max_chars > (size))                         \
                        max_chars = (size);                     \

diff --git a/ykpers.h b/ykpers.h
index 058c65573ff63f6fd0317108d33a2aede75d5544..5b95c95758aaee64d39fa41810a0235d1d32d576 100644 (file)
--- a/ykpers.h
+++ b/ykpers.h
@@ -39,9 +39,10 @@ int ykp_free_config(CONFIG *cfg);
 int ykp_AES_key_from_hex(CONFIG *cfg, const char *hexkey);
 int ykp_AES_key_from_passphrase(CONFIG *cfg, const char *passphrase,
                                const char *salt);
-int ykp_set_access_code(CONFIG *cfg, unsigned char *access_code);
-int ykp_set_fixed(CONFIG *cfg, unsigned char *fixed);
-int ykp_set_uid(CONFIG *cfg, unsigned char *uid);
+
+int ykp_set_access_code(CONFIG *cfg, unsigned char *access_code, size_t len);
+int ykp_set_fixed(CONFIG *cfg, unsigned char *fixed, size_t len);
+int ykp_set_uid(CONFIG *cfg, unsigned char *uid, size_t len);
 
 int ykp_set_tktflag_TAB_FIRST(CONFIG *cfg, bool state);
 int ykp_set_tktflag_APPEND_TAB1(CONFIG *cfg, bool state);

diff --git a/ykpersonalize.c b/ykpersonalize.c
index 1aa4b1a138e24d6b830ae5885e458842c70e037e..9965c5693b489f7a662d5d1f57385f72ab140d8b 100644 (file)
--- a/ykpersonalize.c
+++ b/ykpersonalize.c
@@ -49,8 +49,10 @@ const char *usage =
 "          salt=ssssssss       Salt to be used for key generation.  If\n"
 "                              none is given, a unique random one will be\n"
 "                              generated.\n"
-"          fixed=fffffffffff   The fixed part to be included in the generated\n"
-"                              ticket.  Can be up to 16 characters long.\n"
+"          fixed=fffffffffff   The public modhex identity of key.\n"
+"                              This is 0-16 characters long.\n"
+"          hexfixed=fffffff    Fixed part, but encoded in hex.\n"
+"                              This is 0-16 characters long.\n"
 "          uid=uuuuuu          The uid part of the generated ticket.  Can\n"
 "                              be up to 6 characters long.\n"
 "          [-]tab-first        set/clear the TAB_FIRST ticket flag.\n"
@@ -133,10 +135,49 @@ main(int argc, char **argv)
                case 'o':
                        if (strncmp(optarg, "salt=", 5) == 0)
                                salt = strdup(optarg+5);
-                       else if (strncmp(optarg, "fixed=", 6) == 0)
-                               ykp_set_fixed(cfg, optarg+6);
-                       else if (strncmp(optarg, "uid=", 4) == 0)
-                               ykp_set_uid(cfg, optarg+4);
+                       else if (strncmp(optarg, "fixed=", 6) == 0) {
+                               const char *fixed = optarg+6;
+                               size_t fixedlen = strlen (fixed);
+                               char fixedbin[256];
+                               if (fixedlen % 2 || fixedlen > 16)
+                               {
+                                       fprintf(stderr,
+                                               "Invalid modhex fixed string: %s\n",
+                                               fixed);
+                                       exit(1);
+                               }
+                               yubikey_modhex_decode (fixedbin, fixed,
+                                                      fixedlen);
+                               ykp_set_fixed(cfg, fixedbin, fixedlen / 2);
+                       }
+                       else if (strncmp(optarg, "hexfixed=", 9) == 0) {
+                               const char *fixed = optarg+9;
+                               size_t fixedlen = strlen (fixed);
+                               char fixedbin[256];
+                               if (fixedlen % 2 || fixedlen > 16)
+                               {
+                                       fprintf(stderr,
+                                               "Invalid hex fixed string: %s\n",
+                                               fixed);
+                                       exit(1);
+                               }
+                               yubikey_hex_decode (fixedbin, fixed, fixedlen);
+                               ykp_set_fixed(cfg, fixedbin, fixedlen / 2);
+                       }
+                       else if (strncmp(optarg, "uid=", 4) == 0) {
+                               const char *uid = optarg+4;
+                               size_t uidlen = strlen (uid);
+                               char uidbin[256];
+                               if (uidlen % 2 || uidlen != 8)
+                               {
+                                       fprintf(stderr,
+                                               "Invalid hex uid string: %s\n",
+                                               uid);
+                                       exit(1);
+                               }
+                               yubikey_hex_decode (uidbin, uid, uidlen);
+                               ykp_set_uid(cfg, uidbin, uidlen / 2);
+                       }
                        else if (strcmp(optarg, "tab-first") == 0)
                                ykp_set_tktflag_TAB_FIRST(cfg, true);
                        else if (strcmp(optarg, "-tab-first") == 0)