From 3632e8a32d47950102bc077fd32f9c88316370e9 Mon Sep 17 00:00:00 2001
From: Szczepan Zalega <szczepan@nitrokey.com>
Date: Sat, 10 Sep 2016 10:50:59 +0200
Subject: Assume secret is coded in hex for OTP slot write #31

Signed-off-by: Szczepan Zalega <szczepan@nitrokey.com>
---
 NitrokeyManager.cc        | 12 ++++++++++--
 unittest/test_bindings.py | 11 +++++++++--
 2 files changed, 19 insertions(+), 4 deletions(-)

diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc
index 5b648b5..c88f717 100644
--- a/NitrokeyManager.cc
+++ b/NitrokeyManager.cc
@@ -157,6 +157,12 @@ namespace nitrokey{
         return erase_slot(slot_number, temporary_password);
     }
 
+    #include <cassert>
+    template <typename T, typename U>
+    void vector_copy(T& dest, std::vector<U> vec){
+        assert(sizeof(dest)>=vec.size());
+        std::copy(vec.begin(), vec.end(), dest);
+    }
 
     bool NitrokeyManager::write_HOTP_slot(uint8_t slot_number, const char *slot_name, const char *secret, uint8_t hotp_counter,
                                               bool use_8_digits, bool use_enter, bool use_tokenID, const char *token_ID,
@@ -166,7 +172,8 @@ namespace nitrokey{
         slot_number = get_internal_slot_number_for_hotp(slot_number);
         auto payload = get_payload<WriteToHOTPSlot>();
         payload.slot_number = slot_number;
-        strcpyT(payload.slot_secret, secret);
+        auto secret_bin = misc::hex_string_to_byte(secret);
+        vector_copy(payload.slot_secret, secret_bin);
         strcpyT(payload.slot_name, slot_name);
         strcpyT(payload.slot_token_id, token_ID);
         payload.slot_counter = hotp_counter;
@@ -188,7 +195,8 @@ namespace nitrokey{
 
         slot_number = get_internal_slot_number_for_totp(slot_number);
         payload.slot_number = slot_number;
-        strcpyT(payload.slot_secret, secret);
+        auto secret_bin = misc::hex_string_to_byte(secret);
+        vector_copy(payload.slot_secret, secret_bin);
         strcpyT(payload.slot_name, slot_name);
         strcpyT(payload.slot_token_id, token_ID);
         payload.slot_interval = time_window; //FIXME naming
diff --git a/unittest/test_bindings.py b/unittest/test_bindings.py
index eeda247..377203e 100644
--- a/unittest/test_bindings.py
+++ b/unittest/test_bindings.py
@@ -5,8 +5,15 @@ from enum import Enum
 ffi = cffi.FFI()
 gs = ffi.string
 
-RFC_SECRET = '12345678901234567890'
 
+def to_hex(s):
+    return "".join("{:02x}".format(ord(c)) for c in s)
+
+
+RFC_SECRET_HR = '12345678901234567890'
+RFC_SECRET = to_hex(RFC_SECRET_HR) #'12345678901234567890'
+
+# print( repr((RFC_SECRET, RFC_SECRET_, len(RFC_SECRET))) )
 
 class DefaultPasswords(Enum):
     ADMIN = '12345678'
@@ -214,7 +221,7 @@ def test_invalid_slot(C):
     invalid_slot = 255
     assert C.NK_erase_totp_slot(invalid_slot, 'some password') == LibraryErrors.INVALID_SLOT
     assert C.NK_write_hotp_slot(invalid_slot, 'long_test', RFC_SECRET, 0, False, False, False, "",
-                            'aaa') == LibraryErrors.INVALID_SLOT
+                                'aaa') == LibraryErrors.INVALID_SLOT
     assert C.NK_get_hotp_code_PIN(invalid_slot, 'some password') == 0
     assert C.NK_get_last_command_status() == LibraryErrors.INVALID_SLOT
     assert C.NK_erase_password_safe_slot(invalid_slot) == LibraryErrors.INVALID_SLOT
-- 
cgit v1.2.1