From: Fredrik Thulin Date: Mon, 17 Jan 2011 14:49:39 +0000 (+0100) Subject: Reject -a key with upper case hex. X-Git-Tag: v1.4.0~7 X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8dfdff1f640377080f48b3e2356d90a1fa80ad9a;p=yubikey-personalization.old Reject -a key with upper case hex. yubikey_hex_decode only handles lowercase hex, so use yubikey_hex_p to check that input string is valid instead of local version which also allowed upper case. --- diff --git a/tests/test_args_to_config.c b/tests/test_args_to_config.c index aa7231d..1d5ba43 100644 --- a/tests/test_args_to_config.c +++ b/tests/test_args_to_config.c @@ -464,6 +464,28 @@ int _test_mode_after_other_option() free(st); } +int _test_key_mixed_case1() +{ + YKP_CONFIG *cfg = ykp_create_config(); + YK_STATUS *st = _test_init_st(2, 2, 0); + int rc = 0; + + /* Make sure key with mixed case is rejected (parsing function yubikey_hex_decode + * only handles lower case hex) + */ + char *argv[] = { + "unittest", "-1", "-a0000000000000000000000000000000E", + NULL + }; + int argc = sizeof argv/sizeof argv[0] - 1; + + rc = _test_config(cfg, st, argc, argv); + assert(rc == 0); + + ykp_free_config(cfg); + free(st); +} + int main (int argc, char **argv) { _test_config_slot1(); @@ -478,6 +500,7 @@ int main (int argc, char **argv) _test_two_modes_at_once1(); _test_two_modes_at_once2(); _test_mode_after_other_option(); + _test_key_mixed_case1(); return 0; } diff --git a/ykpers.c b/ykpers.c index a3e5dfa..c59d41c 100644 --- a/ykpers.c +++ b/ykpers.c @@ -126,21 +126,6 @@ int ykp_configure_for(YKP_CONFIG *cfg, int confnum, YK_STATUS *st) return 0; } -/* local helper function to check that a string contains only 0-9a-f */ -static bool is_valid_hexstr(const char *buf) -{ - int i; - for (i=0; i < strlen(buf); i++) { - char c = tolower(*(buf + i)); - /* In ASCII, 0-9 == 48-57 and a-f == 97-102 */ - if ( c<48 || (c>57 && c<97) || c>102 ) { - return false; - } - } - - return true; -} - /* Decode 128 bit AES key into cfg->ykcore_config.key */ int ykp_AES_key_from_hex(YKP_CONFIG *cfg, const char *hexkey) { char aesbin[256]; @@ -151,7 +136,7 @@ int ykp_AES_key_from_hex(YKP_CONFIG *cfg, const char *hexkey) { } /* Make sure that the hexkey is made up of only [0-9a-f] */ - if (! is_valid_hexstr(hexkey)) + if (! yubikey_hex_p(hexkey)) return 1; yubikey_hex_decode(aesbin, hexkey, sizeof(aesbin)); @@ -175,7 +160,7 @@ int ykp_HMAC_key_from_hex(YKP_CONFIG *cfg, const char *hexkey) { } /* Make sure that the hexkey is made up of only [0-9a-f] */ - if (! is_valid_hexstr(hexkey)) + if (! yubikey_hex_p(hexkey)) return 1; yubikey_hex_decode(aesbin, hexkey, sizeof(aesbin));