From 3632e8a32d47950102bc077fd32f9c88316370e9 Mon Sep 17 00:00:00 2001
From: Szczepan Zalega <szczepan@nitrokey.com>
Date: Sat, 10 Sep 2016 10:50:59 +0200
Subject: Assume secret is coded in hex for OTP slot write #31

Signed-off-by: Szczepan Zalega <szczepan@nitrokey.com>
---
 NitrokeyManager.cc | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

(limited to 'NitrokeyManager.cc')

diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc
index 5b648b5..c88f717 100644
--- a/NitrokeyManager.cc
+++ b/NitrokeyManager.cc
@@ -157,6 +157,12 @@ namespace nitrokey{
         return erase_slot(slot_number, temporary_password);
     }
 
+    #include <cassert>
+    template <typename T, typename U>
+    void vector_copy(T& dest, std::vector<U> vec){
+        assert(sizeof(dest)>=vec.size());
+        std::copy(vec.begin(), vec.end(), dest);
+    }
 
     bool NitrokeyManager::write_HOTP_slot(uint8_t slot_number, const char *slot_name, const char *secret, uint8_t hotp_counter,
                                               bool use_8_digits, bool use_enter, bool use_tokenID, const char *token_ID,
@@ -166,7 +172,8 @@ namespace nitrokey{
         slot_number = get_internal_slot_number_for_hotp(slot_number);
         auto payload = get_payload<WriteToHOTPSlot>();
         payload.slot_number = slot_number;
-        strcpyT(payload.slot_secret, secret);
+        auto secret_bin = misc::hex_string_to_byte(secret);
+        vector_copy(payload.slot_secret, secret_bin);
         strcpyT(payload.slot_name, slot_name);
         strcpyT(payload.slot_token_id, token_ID);
         payload.slot_counter = hotp_counter;
@@ -188,7 +195,8 @@ namespace nitrokey{
 
         slot_number = get_internal_slot_number_for_totp(slot_number);
         payload.slot_number = slot_number;
-        strcpyT(payload.slot_secret, secret);
+        auto secret_bin = misc::hex_string_to_byte(secret);
+        vector_copy(payload.slot_secret, secret_bin);
         strcpyT(payload.slot_name, slot_name);
         strcpyT(payload.slot_token_id, token_ID);
         payload.slot_interval = time_window; //FIXME naming
-- 
cgit v1.2.1


From a46491a97da08e495c92bba8046426678b5564f7 Mon Sep 17 00:00:00 2001
From: Szczepan Zalega <szczepan@nitrokey.com>
Date: Fri, 9 Sep 2016 16:42:31 +0200
Subject: Remove asserts in favor of exceptions or warnings. Test changes in
 Python. On possible data truncation return LibraryError(exception) instead of
 silently truncating and logging warning

Signed-off-by: Szczepan Zalega <szczepan@nitrokey.com>
---
 NitrokeyManager.cc | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

(limited to 'NitrokeyManager.cc')

diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc
index c88f717..d827292 100644
--- a/NitrokeyManager.cc
+++ b/NitrokeyManager.cc
@@ -2,6 +2,7 @@
 #include <iostream>
 #include "include/NitrokeyManager.h"
 #include "include/LibraryException.h"
+#include <algorithm>
 
 namespace nitrokey{
 
@@ -157,10 +158,13 @@ namespace nitrokey{
         return erase_slot(slot_number, temporary_password);
     }
 
-    #include <cassert>
     template <typename T, typename U>
-    void vector_copy(T& dest, std::vector<U> vec){
-        assert(sizeof(dest)>=vec.size());
+    void vector_copy(T& dest, std::vector<U> &vec){
+        const size_t d_size = sizeof(dest);
+        if(d_size < vec.size()){
+            throw TargetBufferSmallerThanSource(vec.size(), d_size);
+        }
+        std::fill(dest, dest+d_size, 0);
         std::copy(vec.begin(), vec.end(), dest);
     }
 
-- 
cgit v1.2.1