authorRobin Krahl <robin.krahl@ireas.org>2020-01-28 19:42:41 +0100
committerRobin Krahl <robin.krahl@ireas.org>2020-01-28 21:05:03 +0100
commit669fbb40d894460e9603dcf6e953373e53a19347 (patch)
tree0969d9f734fda35a9cb9b21cb063e63b615d1a81 /src
parent817409140a8778215d2d65d614d3672166fff576 (diff)
Use CString to store temporary passwords
This patch changes the generate_password function and the User and Admin structs to use a CString instead of a Vec<u8> when storing temporary passwords. This makes sure that the strings that are passed to the C API are properly null-terminated.
Diffstat (limited to 'src')
-rw-r--r--src/auth.rs17
-rw-r--r--src/util.rs4
2 files changed, 11 insertions, 10 deletions
diff --git a/src/auth.rs b/src/auth.rs
index cab1021..571e198 100644
--- a/src/auth.rs
+++ b/src/auth.rs
@@ -2,6 +2,7 @@
// SPDX-License-Identifier: MIT
use std::convert::TryFrom as _;
+use std::ffi::CString;
use std::marker;
use std::ops;
use std::os::raw::c_char;
@@ -117,7 +118,7 @@ pub trait Authenticate<'a> {
}
trait AuthenticatedDevice<T> {
- fn new(device: T, temp_password: Vec<u8>) -> Self;
+ fn new(device: T, temp_password: CString) -> Self;
fn temp_password_ptr(&self) -> *const c_char;
}
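Review bot: `temp_password_ptr` in `AuthenticatedDevice` returns a raw `*const c_char` with no lifetime attached, and nothing on the trait says how long the pointer stays valid or that it is nul-terminated. With the switch to `CString` that guarantee now exists and is worth writing down, for example `/// Returns a pointer to the nul-terminated temporary password. The pointer borrows from self and is only valid while self is alive and unmodified.` A matching one-line comment on `new` could state that the `CString` is expected to come from `generate_password`, though that is inferred from the commit description rather than visible in this hunk.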
@@ -134,7 +135,7 @@ trait AuthenticatedDevice<T> {
#[derive(Debug)]
pub struct User<'a, T: Device<'a>> {
device: T,
- temp_password: Vec<u8>,
+ temp_password: CString,
marker: marker::PhantomData<&'a T>,
}
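Review bot: `#[derive(Debug)]` on `User` now formats `temp_password` through `CString`'s `Debug` impl, which prints the bytes as a quoted, escaped string. Any `{:?}` of an authenticated device that reaches a log or panic message therefore discloses the session's temporary password. `Admin` in the next hunk has the same derive and the same field. A hand-written `Debug` that redacts the field avoids this, as in the sketch below, which replaces the derive. Separately, as far as these hunks show, the buffer is not wiped when the struct is dropped, which may be worth a follow-up.

```rust
// … unchanged: struct User { device, temp_password, marker }, minus #[derive(Debug)] …
impl<'a, T: Device<'a> + std::fmt::Debug> std::fmt::Debug for User<'a, T> {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        f.debug_struct("User")
            .field("device", &self.device)
            .field("temp_password", &"<redacted>")
            .finish()
    }
}
```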
@@ -150,7 +151,7 @@ pub struct User<'a, T: Device<'a>> {
#[derive(Debug)]
pub struct Admin<'a, T: Device<'a>> {
device: T,
- temp_password: Vec<u8>,
+ temp_password: CString,
marker: marker::PhantomData<&'a T>,
}
@@ -169,7 +170,7 @@ where
Err(err) => return Err((device, err)),
};
let password_ptr = password.as_ptr();
- let temp_password_ptr = temp_password.as_ptr() as *const c_char;
+ let temp_password_ptr = temp_password.as_ptr();
match callback(password_ptr, temp_password_ptr) {
0 => Ok(A::new(device, temp_password)),
rv => Err((device, Error::from(rv))),
@@ -246,7 +247,7 @@ impl<'a, T: Device<'a>> GenerateOtp for User<'a, T> {
}
impl<'a, T: Device<'a>> AuthenticatedDevice<T> for User<'a, T> {
- fn new(device: T, temp_password: Vec<u8>) -> Self {
+ fn new(device: T, temp_password: CString) -> Self {
User {
device,
temp_password,
@@ -255,7 +256,7 @@ impl<'a, T: Device<'a>> AuthenticatedDevice<T> for User<'a, T> {
}
fn temp_password_ptr(&self) -> *const c_char {
- self.temp_password.as_ptr() as *const c_char
+ self.temp_password.as_ptr()
}
}
@@ -373,7 +374,7 @@ impl<'a, T: Device<'a>> ConfigureOtp for Admin<'a, T> {
}
impl<'a, T: Device<'a>> AuthenticatedDevice<T> for Admin<'a, T> {
- fn new(device: T, temp_password: Vec<u8>) -> Self {
+ fn new(device: T, temp_password: CString) -> Self {
Admin {
device,
temp_password,
@@ -382,7 +383,7 @@ impl<'a, T: Device<'a>> AuthenticatedDevice<T> for Admin<'a, T> {
}
fn temp_password_ptr(&self) -> *const c_char {
- self.temp_password.as_ptr() as *const c_char
+ self.temp_password.as_ptr()
}
}
diff --git a/src/util.rs b/src/util.rs
index 5a56c55..b9b1a68 100644
--- a/src/util.rs
+++ b/src/util.rs
@@ -75,10 +75,10 @@ pub fn get_last_error() -> Error {
}
}
-pub fn generate_password(length: usize) -> Result<Vec<u8>, Error> {
+pub fn generate_password(length: usize) -> Result<CString, Error> {
let mut data = vec![0u8; length];
OsRng.fill_bytes(&mut data[..]);
- Ok(data)
+ get_cstring(data)
}
pub fn get_cstring<T: Into<Vec<u8>>>(s: T) -> Result<CString, Error> {
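Review bot: `generate_password` now passes raw `OsRng` output to `get_cstring`, so any draw containing a `0x00` byte is likely to return `Err`. This assumes `get_cstring` wraps `CString::new`, which rejects interior nul bytes, but its body is outside the hunk. The chance is 1 - (255/256)^length, about 9% for a constructed example length of 25, so authentication would fail intermittently with an error unrelated to the user's input. Redrawing until the buffer has no zero byte keeps the output uniform over the non-zero values: replace the `fill_bytes` line with `while data.contains(&0) { OsRng.fill_bytes(&mut data[..]); }`. That works because `data` starts as all zeros, and an empty buffer skips the loop. For large lengths a per-byte redraw would be cheaper than refilling the whole buffer.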