Create typed structs for PIN-protected and admin metadata (#223)

MgmKey::set_protected and YubiKey::set_pin_last_changed both contained bugs resulting from the conversion of C pointer logic (incorrect buffer management). The new Metadata struct holds its own buffer, avoiding the problem. Also adds a protected management key integration test.
iqlusioninc · Jan 31, 2021 · 9d1da84 · 9d1da84
1 parent 37088bb
commit 9d1da84
Show file tree

Hide file tree

Showing 6 changed files with 252 additions and 200 deletions.
diff --git a/src/config.rs b/src/config.rs
@@ -32,11 +32,11 @@
 
 use crate::{
     error::Error,
-    metadata,
+    metadata::{AdminData, ProtectedData},
     mgm::{MgmType, ADMIN_FLAGS_1_PROTECTED_MGM},
     yubikey::{YubiKey, ADMIN_FLAGS_1_PUK_BLOCKED},
-    TAG_ADMIN, TAG_ADMIN_FLAGS_1, TAG_ADMIN_SALT, TAG_ADMIN_TIMESTAMP, TAG_PROTECTED,
-    TAG_PROTECTED_FLAGS_1, TAG_PROTECTED_MGM,
+    TAG_ADMIN_FLAGS_1, TAG_ADMIN_SALT, TAG_ADMIN_TIMESTAMP, TAG_PROTECTED_FLAGS_1,
+    TAG_PROTECTED_MGM,
 };
 use log::error;
 use std::{
@@ -79,8 +79,8 @@ impl Config {
 
         let txn = yubikey.begin_transaction()?;
 
-        if let Ok(data) = metadata::read(&txn, TAG_ADMIN) {
-            if let Ok(item) = metadata::get_item(&data, TAG_ADMIN_FLAGS_1) {
+        if let Ok(admin_data) = AdminData::read(&txn) {
+            if let Ok(item) = admin_data.get_item(TAG_ADMIN_FLAGS_1) {
                 if item.is_empty() {
                     error!("empty response for admin flags metadata item! ignoring");
                 } else {
@@ -94,15 +94,15 @@ impl Config {
                 }
             }
 
-            if metadata::get_item(&data, TAG_ADMIN_SALT).is_ok() {
+            if admin_data.get_item(TAG_ADMIN_SALT).is_ok() {
                 if config.mgm_type != MgmType::Manual {
                     error!("conflicting types of MGM key administration configured");
                 } else {
                     config.mgm_type = MgmType::Derived;
                 }
             }
 
-            if let Ok(item) = metadata::get_item(&data, TAG_ADMIN_TIMESTAMP) {
+            if let Ok(item) = admin_data.get_item(TAG_ADMIN_TIMESTAMP) {
                 if item.len() != CB_ADMIN_TIMESTAMP {
                     error!("pin timestamp in admin metadata is an invalid size");
                 } else {
@@ -117,18 +117,18 @@ impl Config {
             }
         }
 
-        if let Ok(data) = metadata::read(&txn, TAG_PROTECTED) {
+        if let Ok(protected_data) = ProtectedData::read(&txn) {
             config.protected_data_available = true;
 
-            if let Ok(item) = metadata::get_item(&data, TAG_PROTECTED_FLAGS_1) {
+            if let Ok(item) = protected_data.get_item(TAG_PROTECTED_FLAGS_1) {
                 if item.is_empty() {
                     error!("empty response for protected flags metadata item! ignoring");
                 } else if item[0] & PROTECTED_FLAGS_1_PUK_NOBLOCK != 0 {
                     config.puk_noblock_on_upgrade = true;
                 }
             }
 
-            if metadata::get_item(&data, TAG_PROTECTED_MGM).is_ok() {
+            if protected_data.get_item(TAG_PROTECTED_MGM).is_ok() {
                 if config.mgm_type != MgmType::Protected {
                     error!(
                         "conflicting types of mgm key administration configured: protected MGM exists"

diff --git a/src/lib.rs b/src/lib.rs
@@ -178,11 +178,9 @@ pub(crate) const CB_OBJ_TAG_MIN: usize = 2; // 1 byte tag + 1 byte len
 #[cfg(feature = "untested")]
 pub(crate) const CB_OBJ_TAG_MAX: usize = CB_OBJ_TAG_MIN + 2; // 1 byte tag + 3 bytes len
 
-pub(crate) const TAG_ADMIN: u8 = 0x80;
 pub(crate) const TAG_ADMIN_FLAGS_1: u8 = 0x81;
 pub(crate) const TAG_ADMIN_SALT: u8 = 0x82;
 pub(crate) const TAG_ADMIN_TIMESTAMP: u8 = 0x83;
-pub(crate) const TAG_PROTECTED: u8 = 0x88;
 pub(crate) const TAG_PROTECTED_FLAGS_1: u8 = 0x81;
 pub(crate) const TAG_PROTECTED_MGM: u8 = 0x89;