author | Szczepan Zalega <szczepan@nitrokey.com> | 2016-08-05 21:51:56 +0200 |
---|---|---|
committer | Szczepan Zalega <szczepan@nitrokey.com> | 2016-08-05 21:56:07 +0200 |
commit | a8c8d96fedb52f6232f7f5ecbf185bf920c1d53c (patch) | |
tree | fafd7b7669c39443a1bc8183f96da8babea2f64c | |
parent | caf500394b7ba674e2fff834f2d170a0f0a909a4 (diff) | |
Clear incoming packets as soon as they meet their lifetime end (v0.9)
Signed-off-by: Szczepan Zalega <szczepan@nitrokey.com>
-rw-r--r-- | NitrokeyManager.cc | 26 | ||||
-rw-r--r-- | include/device_proto.h | 24 |
2 files changed, 34 insertions, 16 deletions
diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc
index 79efc49..e062b79 100644
--- a/NitrokeyManager.cc
+++ b/NitrokeyManager.cc
@@ -8,7 +8,7 @@ namespace nitrokey{
 template <typename T>
 void strcpyT(T& dest, const char* src){
 assert(src != nullptr);
- const int s = sizeof dest;
+ const size_t s = sizeof dest;
 assert(strlen(src) <= s);
 strncpy((char*) &dest, src, s);
 }
@@ -90,7 +90,7 @@ namespace nitrokey{
 string NitrokeyManager::get_status() {
 auto response = GetStatus::CommandTransaction::run(*device);
- return response.dissect();
+ return response.data().dissect();
 }
 uint32_t NitrokeyManager::get_HOTP_code(uint8_t slot_number, const char *user_temporary_password) {
@@ -104,7 +104,7 @@ namespace nitrokey{
 }
 auto resp = GetHOTP::CommandTransaction::run(*device, gh);
- return resp.code;
+ return resp.data().code;
 }
@@ -128,7 +128,7 @@ namespace nitrokey{
 auth_package<GetTOTP, UserAuthorize>(gt, user_temporary_password, device);
 }
 auto resp = GetTOTP::CommandTransaction::run(*device, gt);
- return resp.code;
+ return resp.data().code;
 }
 bool NitrokeyManager::erase_slot(uint8_t slot_number, const char *temporary_password) {
@@ -226,7 +226,7 @@ namespace nitrokey{
 auto payload = get_payload<GetSlotName>();
 payload.slot_number = slot_number;
 auto resp = GetSlotName::CommandTransaction::run(*device, payload);
- return (uint8_t *) strdup((const char *) resp.slot_name);
+ return (uint8_t *) strdup((const char *) resp.data().slot_name);
 }
 bool NitrokeyManager::first_authenticate(const char *pin, const char *temporary_password) {
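Review bot: In `strcpyT` (the `@@ -8,7` hunk, which shows the whole function) the length check is still only an `assert`, so in a build with `NDEBUG` nothing rejects an over-long `src` and `strncpy` silently truncates it. The check also accepts `strlen(src) == s`, in which case `strncpy` fills `dest` without a terminating NUL; whether the device expects unterminated fixed-width fields is not visible here. I would make the check unconditional, e.g. `if (strlen(src) > s) throw std::length_error("strcpyT: source too long");`, and add a comment above the function documenting the no-terminator case.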
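Review bot: In the `@@ -226,7` hunk, `strdup((const char *) resp.data().slot_name)` reads until the first NUL, while `slot_name` appears to be a fixed-size field of a response struct filled from the device; if a name occupies the whole field, `strdup` reads past its end. The same pattern is in the `-330`, `-340` and `-348` hunks (`slot_name`, `slot_login`, `slot_password`). Assuming these members are arrays, a bounded copy such as `strndup((const char *) resp.data().slot_name, sizeof(resp.data().slot_name))` keeps the read inside the field. The enclosing function starts outside the hunk.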
@@ -307,18 +307,18 @@ namespace nitrokey{ uint8_t * NitrokeyManager::get_password_safe_slot_status() { auto responsePayload = GetPasswordSafeSlotStatus::CommandTransaction::run(*device); //TODO FIXME auto res = new uint8_t[16]; - memcpy(res, responsePayload.password_safe_status, 16*sizeof (uint8_t)); + memcpy(res, responsePayload.data().password_safe_status, 16*sizeof (uint8_t)); //FIXME return vector<uint8_t> and do copy on C_API side return res; } uint8_t NitrokeyManager::get_user_retry_count() { auto response = GetUserPasswordRetryCount::CommandTransaction::run(*device); - return response.password_retry_count; + return response.data().password_retry_count; } uint8_t NitrokeyManager::get_admin_retry_count() { auto response = GetPasswordRetryCount::CommandTransaction::run(*device); - return response.password_retry_count; + return response.data().password_retry_count; } void NitrokeyManager::lock_device() { @@ -330,7 +330,7 @@ namespace nitrokey{ auto p = get_payload<GetPasswordSafeSlotName>(); p.slot_number = slot_number; auto response = GetPasswordSafeSlotName::CommandTransaction::run(*device, p); - return strdup((const char *) response.slot_name); + return strdup((const char *) response.data().slot_name); } bool NitrokeyManager::is_valid_password_safe_slot_number(uint8_t slot_number) const { return slot_number < 16; } @@ -340,7 +340,7 @@ namespace nitrokey{ auto p = get_payload<GetPasswordSafeSlotLogin>(); p.slot_number = slot_number; auto response = GetPasswordSafeSlotLogin::CommandTransaction::run(*device, p); - return strdup((const char *) response.slot_login); + return strdup((const char *) response.data().slot_login); } const char *NitrokeyManager::get_password_safe_slot_password(uint8_t slot_number) { 
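Review bot: In `get_password_safe_slot_status` (the `@@ -307,18` hunk) the copy length is the literal `16`, both in `new uint8_t[16]` and in the `memcpy`, with nothing tying it to the declared size of `password_safe_status`. If the field is ever declared with a different size the copy over-reads or under-copies without a diagnostic; `static_assert(sizeof(responsePayload.data().password_safe_status) == 16, "status size");` next to the `memcpy` would pin it. The function also hands back a raw `new[]` buffer, so a comment stating that the caller must `delete[]` it is worth adding while the FIXME stands.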
@@ -348,7 +348,7 @@ namespace nitrokey{
 auto p = get_payload<GetPasswordSafeSlotPassword>();
 p.slot_number = slot_number;
 auto response = GetPasswordSafeSlotPassword::CommandTransaction::run(*device, p);
- return strdup((const char *) response.slot_password);
+ return strdup((const char *) response.data().slot_password);
 }
 void NitrokeyManager::write_password_safe_slot(uint8_t slot_number, const char *slot_name, const char *slot_login,
@@ -416,8 +416,8 @@ namespace nitrokey{
 vector<uint8_t> NitrokeyManager::read_config() {
 auto responsePayload = GetStatus::CommandTransaction::run(*device);
- vector<uint8_t> v = vector<uint8_t>(responsePayload.general_config,
- responsePayload.general_config+sizeof(responsePayload.general_config));
+ vector<uint8_t> v = vector<uint8_t>(responsePayload.data().general_config,
+ responsePayload.data().general_config+sizeof(responsePayload.data().general_config));
 return v;
 }
diff --git a/include/device_proto.h b/include/device_proto.h
index f28b5b9..f0d26c0 100644
--- a/include/device_proto.h
+++ b/include/device_proto.h
@@ -133,6 +133,24 @@ struct EmptyPayload {
 std::string dissect() const { return std::string("Empty Payload."); }
 } __packed;
+template <typename command_payload>
+class ClearingProxy{
+public:
+ ClearingProxy(command_payload &p){
+ payload = p;
+ bzero(&p, sizeof(p));
+ }
+ ~ClearingProxy(){
+ bzero(&payload, sizeof(payload));
+ }
+
+ command_payload & data(){
+ return payload;
+ }
+
+ command_payload payload;
+};
+
 template <CommandID cmd_id, typename command_payload, typename response_payload>
 class Transaction : semantics::non_constructible {
 public:
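Review bot: In the `@@ -348,7` hunk the response is now wiped when `response` goes out of scope, but the `strdup` copy of `slot_password` that is returned is never wiped, so the secret outlives the proxy on the heap. The same holds for `slot_login` in the `-340` hunk. At minimum the function needs a comment stating that the caller must clear the buffer before `free()`; returning a type that wipes itself, as the proxy does, would close the gap. The function's opening lines are outside the hunk.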
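Review bot: Both `bzero` calls in `ClearingProxy` (the `@@ -133,6` hunk of `include/device_proto.h`) are stores to objects that are not read afterwards, and in the destructor the object is about to die, so an optimizing compiler may drop them as dead stores and the wipe may not happen in release builds. Use a wipe the compiler will not elide: `explicit_bzero` where the platform has it, or writes through a `volatile` pointer as sketched below. The class also needs a comment saying that constructing it zeroes the source payload, because that side effect on a reference argument is not obvious at the call site.

```cpp
template <typename command_payload>
class ClearingProxy{
public:
    ClearingProxy(command_payload &p){
        payload = p;
        wipe(&p, sizeof(p));
    }
    ~ClearingProxy(){
        wipe(&payload, sizeof(payload));
    }
    // … unchanged: data() accessor and payload member …
private:
    // Stores go through a volatile pointer so they are not removed as dead.
    static void wipe(void *ptr, size_t len){
        volatile unsigned char *b = static_cast<volatile unsigned char *>(ptr);
        while (len--) *b++ = 0;
    }
};
```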
@@ -167,11 +185,11 @@ class Transaction : semantics::non_constructible {
 }
- static response_payload run(device::Device &dev,
+ static ClearingProxy<response_payload> run(device::Device &dev,
 const command_payload &payload) {
 using namespace ::nitrokey::device;
 using namespace ::nitrokey::log;
- using namespace std::chrono_literals;
+ using namespace std::chrono_literals;
 Log::instance()(__PRETTY_FUNCTION__, Loglevel::DEBUG_L2);
@@ -234,7 +252,7 @@ class Transaction : semantics::non_constructible {
 return resp.payload;
 }
- static response_payload run(device::Device &dev) {
+ static ClearingProxy<response_payload> run(device::Device &dev) {
 command_payload empty_payload;
 return run(dev, empty_payload);
 } |
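Review bot: `return resp.payload;` in the `@@ -234,7` hunk now converts to `ClearingProxy` and zeroes only `resp.payload`; any other copy of the received bytes inside `run` (the rest of `resp`, a raw receive buffer) lies outside the hunks and, if present, is left intact. The outgoing `command_payload`, which presumably carries the PIN and temporary-password fields set on the NitrokeyManager side, is not wiped by this change either. I would add a comment above both `run` overloads stating which buffers are cleared, e.g. `// Wipes resp.payload only; the request payload is not cleared here.` Most of the two-argument `run` body is outside the hunks.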