From: Klas Lindfors Date: Thu, 5 Apr 2012 09:16:03 +0000 (+0200) Subject: rework default flags: X-Git-Tag: v1.7.0~1^2~44 X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=71e7b4f501633cd48a00562149bd8a16d925ae8a;p=yubikey-personalization rework default flags: the library does not give defaults for any of the configuration flags this is done in the ykpersonalize tool instead. ykp_alloc() and ykp_configure_version() introduced, removed status parameter from ykp_configure_command(). Remove defaulting to slot 1, instead force the user to select a slot.
---
diff --git a/libykpers-1.map b/libykpers-1.map
index fa3b7be..6071c61 100644
--- a/libykpers-1.map
+++ b/libykpers-1.map
@@ -130,6 +130,8 @@ LIBYKPERS_1.6 {
 LIBYKPERS_1.7 {
 global:
 # Functions:
+ ykp_alloc;
+ ykp_configure_version;
 ykp_command;
 ykp_configure_command;
 yk_write_command;
diff --git a/ykpers-args.c b/ykpers-args.c
index 5211f1f..f2053d0 100644
--- a/ykpers-args.c
+++ b/ykpers-args.c
@@ -29,6 +29,8 @@
 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
+#include "ykcore_lcl.h"
+
 #include
 #include
 #include
@@ -43,7 +45,8 @@
 const char *usage =
 "Usage: ykpersonalize [options]\n"
 "-u update configuration without overwriting. This is only available\n"
-" in YubiKey 2.3 and later.\n"
+" in YubiKey 2.3 and later. EXTFLAG_ALLOW_UPDATE will be set by\n"
+" default\n"
 "-1 change the first configuration. This is the default and\n"
 " is normally used for true OTP generation.\n"
 " In this configuration, TKTFLAG_APPEND_CR is set by default.\n"
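Review bot: The help text for `-1` in the `usage` string of ykpers-args.c still reads "This is the default", but a later hunk of this commit makes args_to_config fail with "A slot must be chosen with -1 or -2." when no slot flag is given. The line appears only as context in the `@@ -43,7 +45,8 @@` hunk and was left unchanged. I would reword it so the help matches the new behaviour, for example `"-1 change the first configuration. This is normally used for\n"` followed by `" true OTP generation.\n"`.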
@@ -137,6 +140,46 @@ const char *usage =
 ;
 const char *optstring = "u12xa:c:hi:o:s:vy";
+static const YK_CONFIG default_config1 = {
+ { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* fixed */
+ { 0, 0, 0, 0, 0, 0 }, /* uid */
+ { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* key */
+ { 0, 0, 0, 0, 0, 0 }, /* accCode */
+ 0, /* fixedSize */
+ 0, /* extFlags */
+ TKTFLAG_APPEND_CR, /* tktFlags */
+ 0, /* cfgFlags */
+ 0, /* ctrOffs */
+ 0 /* crc */
+};
+
+static const YK_CONFIG default_config2 = {
+ { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* fixed */
+ { 0, 0, 0, 0, 0, 0 }, /* uid */
+ { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* key */
+ { 0, 0, 0, 0, 0, 0 }, /* accCode */
+ 0, /* fixedSize */
+ 0, /* extFlags */
+ TKTFLAG_APPEND_CR, /* tktFlags */
+ /* cfgFlags */
+ CFGFLAG_STATIC_TICKET | CFGFLAG_STRONG_PW1 | CFGFLAG_STRONG_PW2 | CFGFLAG_MAN_UPDATE,
+ 0, /* ctrOffs */
+ 0 /* crc */
+};
+
+static const YK_CONFIG default_update = {
+ { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* fixed */
+ { 0, 0, 0, 0, 0, 0 }, /* uid */
+ { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* key */
+ { 0, 0, 0, 0, 0, 0 }, /* accCode */
+ 0, /* fixedSize */
+ EXTFLAG_ALLOW_UPDATE, /* extFlags */
+ TKTFLAG_APPEND_CR, /* tktFlags */
+ 0, /* cfgFlags */
+ 0, /* ctrOffs */
+ 0 /* crc */
+};
+
 static int hex_modhex_decode(unsigned char *result, size_t *resultlen,
 const char *str, size_t strl,
 size_t minsize, size_t maxsize,
@@ -216,6 +259,8 @@ int args_to_config(int argc, char **argv, YKP_CONFIG *cfg,
 bool swap_seen = false;
 bool update_seen = false;
+ ykp_configure_version(cfg, st);
+
 struct config_st *ycfg = (struct config_st *) ykp_core_config(cfg);
 while((c = getopt(argc, argv, optstring)) != -1) {
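Review bot: The `default_config1` and `default_config2` tables added to ykpers-args.c in the `@@ -137,6 +140,46 @@` hunk appear to duplicate tables of the same names that ykp_configure_for() in ykpers.c still copies from, so the tool and the library now each carry their own defaults and can drift apart. The definitions in ykpers.c are outside this diff, so that is inferred from the `memcpy(&cfg->ykcore_config, &default_config1, ...)` lines in the ykpers.c hunk. The positional initialisers also depend on the field order of YK_CONFIG matching the trailing comments; designated initialisers such as `.tktFlags = TKTFLAG_APPEND_CR,` would let the zero fields be omitted and would survive a reordering of the struct. A short comment above the three tables stating that they are the tool-side defaults for `-1`, `-2` and `-u` would help the next reader.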
@@ -267,14 +312,6 @@ int args_to_config(int argc, char **argv, YKP_CONFIG *cfg,
 break;
 case '1':
 case '2': {
- int command = SLOT_CONFIG;
- if (update_seen && c == '1') {
- command = SLOT_UPDATE1;
- } else if (update_seen && c == '2') {
- command = SLOT_UPDATE2;
- } else if (c == '2') {
- command = SLOT_CONFIG2;
- }
 if (slot_chosen) {
 fprintf(stderr, "You may only choose slot (-1 / -2) once.\n");
 *exit_code = 1;
@@ -290,7 +327,22 @@ int args_to_config(int argc, char **argv, YKP_CONFIG *cfg,
 *exit_code = 1;
 return 0;
 }
- if (!ykp_configure_command(cfg, command, st))
+ int command;
+ if (update_seen) {
+ memcpy(ycfg, &default_update, sizeof(default_update));
+ if(c == '1') {
+ command = SLOT_UPDATE1;
+ } else if(c == '2') {
+ command = SLOT_UPDATE2;
+ }
+ } else if (c == '1') {
+ command = SLOT_CONFIG;
+ memcpy(ycfg, &default_config1, sizeof(default_config1));
+ } else if (c == '2') {
+ command = SLOT_CONFIG2;
+ memcpy(ycfg, &default_config2, sizeof(default_config2));
+ }
+ if (!ykp_configure_command(cfg, command))
 return 0;
 slot_chosen = true;
 break;
@@ -311,7 +363,7 @@ int args_to_config(int argc, char **argv, YKP_CONFIG *cfg,
 *exit_code = 1;
 return 0;
 }
- if (!ykp_configure_command(cfg, SLOT_SWAP, st)) {
+ if (!ykp_configure_command(cfg, SLOT_SWAP)) {
 return 0;
 }
 swap_seen = true;
@@ -531,6 +583,12 @@ int args_to_config(int argc, char **argv, YKP_CONFIG *cfg,
 }
 }
+ if (!slot_chosen) {
+ fprintf(stderr, "A slot must be chosen with -1 or -2.\n");
+ *exit_code = 1;
+ return 0;
+ }
+
 if (update_seen) {
 struct config_st *core_config = (struct config_st *) ykp_core_config(cfg);
 if ((core_config->tktFlags & TKTFLAG_UPDATE_MASK) != core_config->tktFlags) {
diff --git a/ykpers.c b/ykpers.c
index 98291f5..3ec58c9 100644
--- a/ykpers.c
+++ b/ykpers.c
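Review bot: `int command;` in the `@@ -290,7 +327,22 @@` hunk of args_to_config is declared without a value, and inside `if (update_seen)` it is assigned only by the nested `if(c == '1')` / `else if(c == '2')`, so nothing in the code guarantees it is set before `ykp_configure_command(cfg, command)`. Since this is the `case '1': case '2':` branch, c cannot take another value today, but a plain assignment makes that explicit and silences the uninitialised-use warning: `command = (c == '1') ? SLOT_UPDATE1 : SLOT_UPDATE2;`. The three `memcpy(ycfg, ...)` calls also write through `ycfg` without a check; whether ykp_core_config() can return NULL is not visible in this diff and should be confirmed. The function starts and ends outside the hunk.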
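Review bot: The new `if (!slot_chosen)` check in the `@@ -531,6 +583,12 @@` hunk may reject a plain slot swap. The `-x` branch visible in the `@@ -311,7 +363,7 @@` hunk sets only `swap_seen = true;`, and nothing visible there sets `slot_chosen`. If that holds for the rest of the branch, which is outside the diff, `ykpersonalize -x` now exits with "A slot must be chosen with -1 or -2." although a swap addresses both slots. The condition would then need to be `if (!slot_chosen && !swap_seen) {`.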
@@ -91,6 +91,16 @@ YKP_CONFIG *ykp_create_config(void)
 return 0;
 }
+YKP_CONFIG *ykp_alloc(void)
+{
+ YKP_CONFIG *cfg = malloc(sizeof(YKP_CONFIG));
+ if(cfg) {
+ memset(cfg, 0, sizeof(YKP_CONFIG));
+ return cfg;
+ }
+ return 0;
+}
+
 int ykp_free_config(YKP_CONFIG *cfg)
 {
 if (cfg) {
@@ -100,31 +110,25 @@ int ykp_free_config(YKP_CONFIG *cfg)
 return 0;
 }
-int ykp_configure_command(YKP_CONFIG *cfg, uint8_t command, YK_STATUS *st)
+void ykp_configure_version(YKP_CONFIG *cfg, YK_STATUS *st)
 {
 cfg->yk_major_version = st->versionMajor;
 cfg->yk_minor_version = st->versionMinor;
+}
+int ykp_configure_command(YKP_CONFIG *cfg, uint8_t command)
+{
 switch(command) {
 case SLOT_CONFIG:
- memcpy(&cfg->ykcore_config, &default_config1,
- sizeof(default_config1));
 break;
 case SLOT_CONFIG2:
- if (cfg->yk_major_version >= 2) {
- memcpy(&cfg->ykcore_config, &default_config2,
- sizeof(default_config2));
- } else {
+ if (!cfg->yk_major_version >= 2) {
 ykp_errno = YKP_EOLDYUBIKEY;
 return 0;
 }
 break;
 case SLOT_UPDATE1:
 case SLOT_UPDATE2:
- {
- struct config_st *core_config = (struct config_st *) ykp_core_config(cfg);
- core_config->extFlags |= EXTFLAG_ALLOW_UPDATE;
- }
 case SLOT_SWAP:
 if (!((cfg->yk_major_version == 2 && cfg->yk_minor_version >= 3) || cfg->yk_major_version > 2)) {
@@ -142,11 +146,16 @@ int ykp_configure_command(YKP_CONFIG *cfg, uint8_t command, YK_STATUS *st)
 int ykp_configure_for(YKP_CONFIG *cfg, int confnum, YK_STATUS *st)
 {
+ ykp_configure_version(cfg, st);
 switch(confnum) {
 case 1:
- return ykp_configure_command(cfg, SLOT_CONFIG, st);
+ memcpy(&cfg->ykcore_config, &default_config1,
+ sizeof(default_config1));
+ return ykp_configure_command(cfg, SLOT_CONFIG);
 case 2:
- return ykp_configure_command(cfg, SLOT_CONFIG2, st);
+ memcpy(&cfg->ykcore_config, &default_config2,
+ sizeof(default_config2));
+ return ykp_configure_command(cfg, SLOT_CONFIG2);
 default:
 ykp_errno = YKP_EINVCONFNUM;
 return 0;
diff --git a/ykpers.h b/ykpers.h
index fd84e59..56aa428 100644
--- a/ykpers.h
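Review bot: ykp_alloc() in the `@@ -91,6 +91,16 @@` hunk returns 0 when malloc fails, while ykp_configure_version(), added in the next hunk, dereferences `cfg` and `st` without any check, unlike ykp_free_config() which tests `if (cfg)`. The ykpersonalize.c hunk shows `cfg = ykp_alloc()` with no visible check before args_to_config() is reached, though the rest of main is outside the diff. I would guard the setter with `if (!cfg || !st) return;` or have main bail out on a NULL `cfg`. `calloc(1, sizeof *cfg)` would also replace the malloc/memset pair.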
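Review bot: The new check `if (!cfg->yk_major_version >= 2)` under `case SLOT_CONFIG2:` in ykp_configure_command (hunk `@@ -100,31 +110,25 @@`) does not test what it appears to. `!` binds tighter than `>=`, so it evaluates `(!cfg->yk_major_version) >= 2`, which compares 0 or 1 with 2 and is always false. YKP_EOLDYUBIKEY is therefore never returned, and the library accepts a slot 2 configuration for a key that reports major version 1, a case the old code rejected. The intended condition is `if (cfg->yk_major_version < 2) {`. The switch continues past the end of the hunk.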
+++ b/ykpers.h
@@ -46,10 +46,17 @@ typedef struct ykp_config_t YKP_CONFIG;
 YKP_CONFIG *ykp_create_config(void);
 int ykp_free_config(YKP_CONFIG *cfg);
+/* allocate an empty YKP_CONFIG, use ykp_configure_version() to set
+ version information. */
+YKP_CONFIG *ykp_alloc(void);
+
+/* Set the version information in st in cfg. */
+void ykp_configure_version(YKP_CONFIG *cfg, YK_STATUS *st);
+
 /* This is used to tell what YubiKey version we're working with and what command we want to send to it. If this isn't used YubiKey 1 only will be assumed. */
-int ykp_configure_command(YKP_CONFIG *cfg, uint8_t command, YK_STATUS *st);
+int ykp_configure_command(YKP_CONFIG *cfg, uint8_t command);
 /* wrapper function for ykp_configure_command */
 int ykp_configure_for(YKP_CONFIG *cfg, int confnum, YK_STATUS *st);
diff --git a/ykpersonalize.c b/ykpersonalize.c
index de0ff78..2ba0a19 100644
--- a/ykpersonalize.c
+++ b/ykpersonalize.c
@@ -59,7 +59,7 @@ int main(int argc, char **argv)
 bool use_access_code = false;
 unsigned char access_code[256];
 YK_KEY *yk = 0;
- YKP_CONFIG *cfg = ykp_create_config();
+ YKP_CONFIG *cfg = ykp_alloc();
 YK_STATUS *st = ykds_alloc();
 bool autocommit = false;
@@ -118,9 +118,6 @@ int main(int argc, char **argv)
 }
 }
- if (!ykp_configure_for(cfg, 1, st))
- goto err;
-
 /* Parse all arguments in a testable way */
 if (! args_to_config(argc, argv, cfg,
 &infname, &outfname,
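Review bot: The comment above `ykp_configure_command` in ykpers.h still says the call tells the library "what YubiKey version we're working with", but after this change the version is set only by ykp_configure_version() and the `YK_STATUS *st` parameter is gone. A caller that follows the old comment and skips ykp_configure_version() on a config from ykp_alloc(), which zero-fills the struct, runs the version checks in ykp_configure_command against version 0.0. I would replace the comment with something like `/* Select the command to send. Call ykp_configure_version() first so the version checks have data. */`. The new ykp_alloc() comment should also state that the result is released with ykp_free_config(), if that is the intended pairing.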