aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSzczepan Zalega <szczepan@nitrokey.com>2016-08-05 21:51:56 +0200
committerSzczepan Zalega <szczepan@nitrokey.com>2016-08-05 21:56:07 +0200
commita8c8d96fedb52f6232f7f5ecbf185bf920c1d53c (patch)
treefafd7b7669c39443a1bc8183f96da8babea2f64c
parentcaf500394b7ba674e2fff834f2d170a0f0a909a4 (diff)
downloadlibnitrokey-a8c8d96fedb52f6232f7f5ecbf185bf920c1d53c.tar.gz
libnitrokey-a8c8d96fedb52f6232f7f5ecbf185bf920c1d53c.tar.bz2
Clear incoming packets as soon they meet their lifetime endv0.9
Signed-off-by: Szczepan Zalega <szczepan@nitrokey.com>
-rw-r--r--NitrokeyManager.cc26
-rw-r--r--include/device_proto.h24
2 files changed, 34 insertions, 16 deletions
diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc
index 79efc49..e062b79 100644
--- a/NitrokeyManager.cc
+++ b/NitrokeyManager.cc
@@ -8,7 +8,7 @@ namespace nitrokey{
template <typename T>
void strcpyT(T& dest, const char* src){
assert(src != nullptr);
- const int s = sizeof dest;
+ const size_t s = sizeof dest;
assert(strlen(src) <= s);
strncpy((char*) &dest, src, s);
}
@@ -90,7 +90,7 @@ namespace nitrokey{
string NitrokeyManager::get_status() {
auto response = GetStatus::CommandTransaction::run(*device);
- return response.dissect();
+ return response.data().dissect();
}
uint32_t NitrokeyManager::get_HOTP_code(uint8_t slot_number, const char *user_temporary_password) {
@@ -104,7 +104,7 @@ namespace nitrokey{
}
auto resp = GetHOTP::CommandTransaction::run(*device, gh);
- return resp.code;
+ return resp.data().code;
}
@@ -128,7 +128,7 @@ namespace nitrokey{
auth_package<GetTOTP, UserAuthorize>(gt, user_temporary_password, device);
}
auto resp = GetTOTP::CommandTransaction::run(*device, gt);
- return resp.code;
+ return resp.data().code;
}
bool NitrokeyManager::erase_slot(uint8_t slot_number, const char *temporary_password) {
@@ -226,7 +226,7 @@ namespace nitrokey{
auto payload = get_payload<GetSlotName>();
payload.slot_number = slot_number;
auto resp = GetSlotName::CommandTransaction::run(*device, payload);
- return (uint8_t *) strdup((const char *) resp.slot_name);
+ return (uint8_t *) strdup((const char *) resp.data().slot_name);
}
bool NitrokeyManager::first_authenticate(const char *pin, const char *temporary_password) {
@@ -307,18 +307,18 @@ namespace nitrokey{
uint8_t * NitrokeyManager::get_password_safe_slot_status() {
auto responsePayload = GetPasswordSafeSlotStatus::CommandTransaction::run(*device); //TODO FIXME
auto res = new uint8_t[16];
- memcpy(res, responsePayload.password_safe_status, 16*sizeof (uint8_t));
+ memcpy(res, responsePayload.data().password_safe_status, 16*sizeof (uint8_t));
//FIXME return vector<uint8_t> and do copy on C_API side
return res;
}
uint8_t NitrokeyManager::get_user_retry_count() {
auto response = GetUserPasswordRetryCount::CommandTransaction::run(*device);
- return response.password_retry_count;
+ return response.data().password_retry_count;
}
uint8_t NitrokeyManager::get_admin_retry_count() {
auto response = GetPasswordRetryCount::CommandTransaction::run(*device);
- return response.password_retry_count;
+ return response.data().password_retry_count;
}
void NitrokeyManager::lock_device() {
@@ -330,7 +330,7 @@ namespace nitrokey{
auto p = get_payload<GetPasswordSafeSlotName>();
p.slot_number = slot_number;
auto response = GetPasswordSafeSlotName::CommandTransaction::run(*device, p);
- return strdup((const char *) response.slot_name);
+ return strdup((const char *) response.data().slot_name);
}
bool NitrokeyManager::is_valid_password_safe_slot_number(uint8_t slot_number) const { return slot_number < 16; }
@@ -340,7 +340,7 @@ namespace nitrokey{
auto p = get_payload<GetPasswordSafeSlotLogin>();
p.slot_number = slot_number;
auto response = GetPasswordSafeSlotLogin::CommandTransaction::run(*device, p);
- return strdup((const char *) response.slot_login);
+ return strdup((const char *) response.data().slot_login);
}
const char *NitrokeyManager::get_password_safe_slot_password(uint8_t slot_number) {
@@ -348,7 +348,7 @@ namespace nitrokey{
auto p = get_payload<GetPasswordSafeSlotPassword>();
p.slot_number = slot_number;
auto response = GetPasswordSafeSlotPassword::CommandTransaction::run(*device, p);
- return strdup((const char *) response.slot_password);
+ return strdup((const char *) response.data().slot_password);
}
void NitrokeyManager::write_password_safe_slot(uint8_t slot_number, const char *slot_name, const char *slot_login,
@@ -416,8 +416,8 @@ namespace nitrokey{
vector<uint8_t> NitrokeyManager::read_config() {
auto responsePayload = GetStatus::CommandTransaction::run(*device);
- vector<uint8_t> v = vector<uint8_t>(responsePayload.general_config,
- responsePayload.general_config+sizeof(responsePayload.general_config));
+ vector<uint8_t> v = vector<uint8_t>(responsePayload.data().general_config,
+ responsePayload.data().general_config+sizeof(responsePayload.data().general_config));
return v;
}
diff --git a/include/device_proto.h b/include/device_proto.h
index f28b5b9..f0d26c0 100644
--- a/include/device_proto.h
+++ b/include/device_proto.h
@@ -133,6 +133,24 @@ struct EmptyPayload {
std::string dissect() const { return std::string("Empty Payload."); }
} __packed;
+template <typename command_payload>
+class ClearingProxy{
+public:
+ ClearingProxy(command_payload &p){
+ payload = p;
+ bzero(&p, sizeof(p));
+ }
+ ~ClearingProxy(){
+ bzero(&payload, sizeof(payload));
+ }
+
+ command_payload & data(){
+ return payload;
+ }
+
+ command_payload payload;
+};
+
template <CommandID cmd_id, typename command_payload, typename response_payload>
class Transaction : semantics::non_constructible {
public:
@@ -167,11 +185,11 @@ class Transaction : semantics::non_constructible {
}
- static response_payload run(device::Device &dev,
+ static ClearingProxy<response_payload> run(device::Device &dev,
const command_payload &payload) {
using namespace ::nitrokey::device;
using namespace ::nitrokey::log;
- using namespace std::chrono_literals;
+ using namespace std::chrono_literals;
Log::instance()(__PRETTY_FUNCTION__, Loglevel::DEBUG_L2);
@@ -234,7 +252,7 @@ class Transaction : semantics::non_constructible {
return resp.payload;
}
- static response_payload run(device::Device &dev) {
+ static ClearingProxy<response_payload> run(device::Device &dev) {
command_payload empty_payload;
return run(dev, empty_payload);
}