Summary: a bug and patch in muscleTools-0.9.2.
Problem:
When formatting a token of a musclecard using the default
transport key, the system reports
Formatting token [**] : Failed (Invalid parameter)
Details:
When someone selects the 2nd transport option:
2. Use the MUSCLE default key : 4D7573636C653030
This uses the muscleCFlexKey which is defined to be
static MSCUChar8 muscleCFlexKey[8] = {'M', 'u', 's', 'c', 'l', 'e', '0', '0'};
The length of this is determines by strlen(muscleCFlexKey).
The problem is, this string is never explicitly null-terminated. The length
depends upon the next character in storage.
On my system, the value of strlen(muscleCFlexKey) is 9.
There exists other similar problems whenever the transport key,
PIN or Unblock strings are exactly 8 characters.
This patch fixes the problem and two minor documentation issues:
1) It also changes muscleCFlexKey to be muscleDefaultKey, as this
parameter has nothing to do with the CryptoFLex cards.
2) Changes the documentation on choice #1 to indicate that it is the default key for
the
Axalto CyberFlex card, and not the generic "faactory."
--- muscleTool.c.old 2004-09-01 12:37:20.000000000 -0400
+++ muscleTool.c 2004-09-01 12:43:07.000000000 -0400
@@ -65,6 +65,7 @@
quitStat = 0;
}
+#define STRLEN(a) ((strlen(a)>8) ? 8 : strlen(a))
MSCULong32 tokenCallback(MSCLPTokenInfo tokInfo, MSCULong32 tokSize,
MSCPVoid32 data) {
@@ -78,7 +79,7 @@
}
static MSCUChar8 defaultCFlexKey[8] = {0x2C, 0x15, 0xE5, 0x26, 0xE9, 0x3E, 0x8A,
0x19};
-static MSCUChar8 muscleCFlexKey[8] = {'M', 'u', 's', 'c', 'l', 'e', '0', '0'};
+static MSCUChar8 muscleDefaultKey[8] = {'M', 'u', 's', 'c', 'l', 'e', '0', '0'};
int textToBytes(MSCString inStr, MSCPUChar8 Buffer, MSCPULong32 Length)
{
@@ -1632,7 +1633,7 @@
}
printf("Would you like to: \n");
- printf(" 1. Use the default factory key: 2C15E526E93E8A19\n");
+ printf(" 1. Use the Axalto CryptoFlex factory key: 2C15E526E93E8A19\n");
printf(" 2. Use the MUSCLE default key : 4D7573636C653030\n");
printf(" 3. Enter your own transport key\n");
printf("\n");
@@ -1694,8 +1695,8 @@
adminKey = defaultCFlexKey;
adminKeyLength = 8;
} else if (transportKeyChoice == 2) {
- adminKey = muscleCFlexKey;
- adminKeyLength = strlen(adminKey);
+ adminKey = muscleDefaultKey;
+ adminKeyLength = STRLEN(adminKey);
} else if (transportKeyChoice == 3) {
adminKey = userTransportKey;
adminKeyLength = userKeyLength;
@@ -1739,14 +1740,14 @@
memcpy(initParams.transportKey, adminKey, adminKeyLength);
initParams.transportKeyLen = adminKeyLength;
- memcpy(initParams.newTransportKey, newAdmin, strlen(newAdmin));
- initParams.newTransportKeyLen = strlen(newAdmin);
+ memcpy(initParams.newTransportKey, newAdmin, STRLEN(newAdmin));
+ initParams.newTransportKeyLen = STRLEN(newAdmin);
- memcpy(initParams.defaultCHV, userPIN, strlen(userPIN));
- initParams.defaultCHVLen = strlen(userPIN);
+ memcpy(initParams.defaultCHV, userPIN, STRLEN(userPIN));
+ initParams.defaultCHVLen = STRLEN(userPIN);
- memcpy(initParams.defaultCHVUnblock, userUnblock, strlen(userUnblock));
- initParams.defaultCHVUnblockSize = strlen(userUnblock);
+ memcpy(initParams.defaultCHVUnblock, userUnblock, STRLEN(userUnblock));
+ initParams.defaultCHVUnblockSize = STRLEN(userUnblock);
initParams.defaultCHVTries = (MSCUChar8)getTries;
_______________________________________________
Muscle mailing list
[EMAIL PROTECTED]
http://lists.drizzle.com/mailman/listinfo/muscle
