diff options
author | Robin Krahl <robin.krahl@ireas.org> | 2020-01-28 19:42:41 +0100 |
---|---|---|
committer | Robin Krahl <robin.krahl@ireas.org> | 2020-01-28 21:05:03 +0100 |
commit | 669fbb40d894460e9603dcf6e953373e53a19347 (patch) | |
tree | 0969d9f734fda35a9cb9b21cb063e63b615d1a81 /src | |
parent | 817409140a8778215d2d65d614d3672166fff576 (diff) | |
download | nitrokey-rs-669fbb40d894460e9603dcf6e953373e53a19347.tar.gz nitrokey-rs-669fbb40d894460e9603dcf6e953373e53a19347.tar.bz2 |
Use CString to store temporary passwords
This patch changes the generate_password function and the User and Admin
structs to use a CString instead of a Vec<u8> when storing temporary
passwords. This makes sure that the strings that are passed to the C
API are properly null-terminated.
Diffstat (limited to 'src')
-rw-r--r-- | src/auth.rs | 17 | ||||
-rw-r--r-- | src/util.rs | 4 |
2 files changed, 11 insertions, 10 deletions
diff --git a/src/auth.rs b/src/auth.rs index cab1021..571e198 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: MIT use std::convert::TryFrom as _; +use std::ffi::CString; use std::marker; use std::ops; use std::os::raw::c_char; @@ -117,7 +118,7 @@ pub trait Authenticate<'a> { } trait AuthenticatedDevice<T> { - fn new(device: T, temp_password: Vec<u8>) -> Self; + fn new(device: T, temp_password: CString) -> Self; fn temp_password_ptr(&self) -> *const c_char; } @@ -134,7 +135,7 @@ trait AuthenticatedDevice<T> { #[derive(Debug)] pub struct User<'a, T: Device<'a>> { device: T, - temp_password: Vec<u8>, + temp_password: CString, marker: marker::PhantomData<&'a T>, } @@ -150,7 +151,7 @@ pub struct User<'a, T: Device<'a>> { #[derive(Debug)] pub struct Admin<'a, T: Device<'a>> { device: T, - temp_password: Vec<u8>, + temp_password: CString, marker: marker::PhantomData<&'a T>, } @@ -169,7 +170,7 @@ where Err(err) => return Err((device, err)), }; let password_ptr = password.as_ptr(); - let temp_password_ptr = temp_password.as_ptr() as *const c_char; + let temp_password_ptr = temp_password.as_ptr(); match callback(password_ptr, temp_password_ptr) { 0 => Ok(A::new(device, temp_password)), rv => Err((device, Error::from(rv))), @@ -246,7 +247,7 @@ impl<'a, T: Device<'a>> GenerateOtp for User<'a, T> { } impl<'a, T: Device<'a>> AuthenticatedDevice<T> for User<'a, T> { - fn new(device: T, temp_password: Vec<u8>) -> Self { + fn new(device: T, temp_password: CString) -> Self { User { device, temp_password, @@ -255,7 +256,7 @@ impl<'a, T: Device<'a>> AuthenticatedDevice<T> for User<'a, T> { } fn temp_password_ptr(&self) -> *const c_char { - self.temp_password.as_ptr() as *const c_char + self.temp_password.as_ptr() } } @@ -373,7 +374,7 @@ impl<'a, T: Device<'a>> ConfigureOtp for Admin<'a, T> { } impl<'a, T: Device<'a>> AuthenticatedDevice<T> for Admin<'a, T> { - fn new(device: T, temp_password: Vec<u8>) -> Self { + fn new(device: T, temp_password: CString) -> Self { Admin { device, temp_password, @@ -382,7 +383,7 @@ impl<'a, T: Device<'a>> AuthenticatedDevice<T> for Admin<'a, T> { } fn temp_password_ptr(&self) -> *const c_char { - self.temp_password.as_ptr() as *const c_char + self.temp_password.as_ptr() } } diff --git a/src/util.rs b/src/util.rs index 5a56c55..b9b1a68 100644 --- a/src/util.rs +++ b/src/util.rs @@ -75,10 +75,10 @@ pub fn get_last_error() -> Error { } } -pub fn generate_password(length: usize) -> Result<Vec<u8>, Error> { +pub fn generate_password(length: usize) -> Result<CString, Error> { let mut data = vec![0u8; length]; OsRng.fill_bytes(&mut data[..]); - Ok(data) + get_cstring(data) } pub fn get_cstring<T: Into<Vec<u8>>>(s: T) -> Result<CString, Error> { |