Hello community, here is the log from the commit of package ykpers for openSUSE:Factory checked in at 2018-04-11 14:00:13 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ykpers (Old) and /work/SRC/openSUSE:Factory/.ykpers.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ykpers" Wed Apr 11 14:00:13 2018 rev:5 rq:594943 version:1.18.1 Changes: -------- --- /work/SRC/openSUSE:Factory/ykpers/ykpers.changes 2017-04-20 20:59:00.931530769 +0200 +++ /work/SRC/openSUSE:Factory/.ykpers.new/ykpers.changes 2018-04-11 14:02:39.857343844 +0200 @@ -1,0 +2,10 @@ +Sun Apr 8 21:15:59 UTC 2018 - [email protected] + +- updated to 1.18.1 (released 2018-01-16) + - Support reading accesscode and private ID from stdin. + - Parse optional arguments correctly. + - Documentation fixes. + - Fix for ykinfo modhex serial output when it ends with c. + - Treat all firmware versions as supported. + +------------------------------------------------------------------- Old: ---- ykpers-1.18.0.tar.gz ykpers-1.18.0.tar.gz.sig New: ---- ykpers-1.18.1.tar.gz ykpers-1.18.1.tar.gz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ykpers.spec ++++++ --- /var/tmp/diff_new_pack.pCFx9D/_old 2018-04-11 14:02:43.157224577 +0200 +++ /var/tmp/diff_new_pack.pCFx9D/_new 2018-04-11 14:02:43.161224433 +0200 @@ -1,7 +1,7 @@ # # spec file for package ykpers # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: ykpers -Version: 1.18.0 +Version: 1.18.1 Release: 0 Summary: Provides a reference implementation for configuration of YubiKeys License: BSD-2-Clause @@ -35,7 +35,7 @@ BuildRequires: pkgconfig(udev) %description -Yubico's YubiKey can be re-programmed. This project's purpose is to provide a reference implementation for configuration of YubiKey's. +Yubico's YubiKey can be re-programmed. This project's purpose is to provide a reference implementation for configuration of YubiKeys. %package -n libykpers-1-1 Summary: Provides a reference implementation for configuration of YubiKeys ++++++ ykpers-1.18.0.tar.gz -> ykpers-1.18.1.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ykpers-1.18.0/ChangeLog new/ykpers-1.18.1/ChangeLog --- old/ykpers-1.18.0/ChangeLog 2017-01-27 11:57:22.000000000 +0100 +++ new/ykpers-1.18.1/ChangeLog 2018-01-16 12:14:40.000000000 +0100 @@ -1,3 +1,97 @@ +2018-01-16 Klas Lindfors <[email protected]> + + * NEWS: NEWS for 1.18.1 + +2018-01-16 Klas Lindfors <[email protected]> + + * tests/test_yk_utilities.c, ykcore/ykcore.c: treat all firmware + versions as supported due to backwards compatibility etc it doesn't really make sense to + continually update a list of known firmware versions + +2018-01-16 Klas Lindfors <[email protected]> + + * : commit 152aec812c73349647f2225d9723649bb498e4f0 Author: Robert + Giles <[email protected]> Date: Fri Jan 12 16:31:53 + 2018 -0600 + +2017-12-11 Klas Lindfors <[email protected]> + + * README: typo: it's -> its reported at + https://github.com/Yubico/developers.yubico.com/issues/91 + +2017-10-24 Klas Lindfors <[email protected]> + + * : commit 69b2a1da08054590b64c9891a88b38babdd9ccc9 Author: Klas + Lindfors <[email protected]> Date: Tue Oct 24 08:47:58 2017 +0200 + +2017-10-22 Patrick C. F. Ernzer <[email protected]> + + * README: DNF is the default package manager since Fedora 22. + +2017-05-17 Dag Heyman <[email protected]> + + * : commit 55d3dee55b29eb7af6fd20731f2c60cc3d150301 Author: Dag + Heyman <[email protected]> Date: Wed May 17 10:53:45 2017 +0200 + +2017-05-17 Klas Lindfors <[email protected]> + + * : commit 3fc99635ea567d729da84b9dab5c09b54046497d Author: + Alexandre <[email protected]> Date: Tue May 16 19:33:09 2017 +0200 + +2017-04-24 Klas Lindfors <[email protected]> + + * ykpers-args.c: warnings fixup + +2017-04-20 Klas Lindfors <[email protected]> + + * ykpersonalize.1.adoc: more updates to manual to mark values as + optional + +2017-04-20 Klas Lindfors <[email protected]> + + * ykpers-args.c: update help output for optional arguments + +2017-04-20 Klas Lindfors <[email protected]> + + * ykpersonalize.1.adoc: Add a few words to manpage about stdin + prompting + +2017-04-20 Klas Lindfors <[email protected]> + + * tests/test_args_to_config.c, ykpers-args.c, ykpers-args.h, + ykpersonalize.c: move all key handling to ykpers-args and support h: + and m: syntax + +2017-04-20 Klas Lindfors <[email protected]> + + * ykpers-args.c, ykpersonalize.c: move reading of key from stdin to + ykpers-args to align + +2017-04-19 Klas Lindfors <[email protected]> + + * ykpers-args.c: fix so we parse optional arguments correctly this is a bit crazy, but when we get an argument that might be + optional, check if the first character of it is -, in that case step + back optind and ask for it on stdin, otherwise we take the next + option as this ones argument. + +2017-04-19 Klas Lindfors <[email protected]> + + * ykpers-args.c: try to fixup whitespace damage this occured in 61411d7dcfd357f710dd679ee5620fa60df82416 + +2017-04-19 Klas Lindfors <[email protected]> + + * ykpers-args.c: support reading private id from stdin + +2017-04-19 Klas Lindfors <[email protected]> + + * tests/test_args_to_config.c, ykpers-args.c, ykpers-args.h, + ykpersonalize.c: support reading accesscode from stdin, not only + command line requires some minor refactoring + +2017-01-27 Klas Lindfors <[email protected]> + + * NEWS, configure.ac: bump versions after release + 2017-01-27 Klas Lindfors <[email protected]> * NEWS: add NEWS for 1.18.0 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ykpers-1.18.0/NEWS new/ykpers-1.18.1/NEWS --- old/ykpers-1.18.0/NEWS 2017-01-27 11:57:17.000000000 +0100 +++ new/ykpers-1.18.1/NEWS 2018-01-16 12:13:53.000000000 +0100 @@ -1,5 +1,17 @@ Yubikey-personalize NEWS -- History of user-visible changes. -*- outline -*- +* Version 1.18.1 (released 2018-01-16) + +** Support reading accesscode and private ID from stdin. + +** Parse optional arguments correctly. + +** Documentation fixes. + +** Fix for ykinfo modhex serial output when it ends with c. + +** Treat all firmware versions as supported. + * Version 1.18.0 (released 2017-01-27) ** Let ykchalresp read challenge from a file. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ykpers-1.18.0/README new/ykpers-1.18.1/README --- old/ykpers-1.18.0/README 2014-05-28 13:07:15.000000000 +0200 +++ new/ykpers-1.18.1/README 2017-12-11 08:47:07.000000000 +0100 @@ -25,6 +25,7 @@ Yubico-c is needed, see: https://developers.yubico.com/yubico-c/ Debian: apt-get install libyubikey-dev + Fedora: dnf install libyubikey-devel Pkg-config simplify finding other dependencies, see: http://www.freedesktop.org/wiki/Software/pkg-config @@ -36,7 +37,7 @@ Debian libusb-1: apt-get install libusb-1.0-0-dev Debian libusb: apt-get install libusb-dev - Fedora: yum install libusb-devel + Fedora: dnf install libusb-devel The JSON library is an optional dependency, see: https://github.com/json-c/json-c/wiki @@ -74,7 +75,7 @@ ----------- -When building from source Yubikey-personaliztion depends on link:http://asciidoc.org/INSTALL.html[asciidoc] to build it's manpage. +When building from source Yubikey-personaliztion depends on link:http://asciidoc.org/INSTALL.html[asciidoc] to build its manpage. Autoconf, automake and libtool must be installed. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ykpers-1.18.0/build-and-test.sh new/ykpers-1.18.1/build-and-test.sh --- old/ykpers-1.18.0/build-and-test.sh 2017-01-27 11:57:16.000000000 +0100 +++ new/ykpers-1.18.1/build-and-test.sh 2017-10-24 08:47:53.000000000 +0200 @@ -1,11 +1,14 @@ #!/bin/sh +set -x + if [ "x$TRAVIS_OS_NAME" != "xosx" ]; then sudo apt-get update -qq || true sudo apt-get remove -qq -y $REMOVE sudo apt-get autoremove -qq sudo apt-get install -qq -y --no-install-recommends libyubikey-dev asciidoc docbook-xsl xsltproc libxml2-utils $EXTRA else + brew update brew uninstall libtool brew install libtool brew install libyubikey diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ykpers-1.18.0/configure new/ykpers-1.18.1/configure --- old/ykpers-1.18.0/configure 2016-02-17 08:56:56.000000000 +0100 +++ new/ykpers-1.18.1/configure 2017-04-19 14:40:36.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for yubikey-personalization 1.18.0. +# Generated by GNU Autoconf 2.69 for yubikey-personalization 1.18.1. # # Report bugs to <[email protected]>. # @@ -590,8 +590,8 @@ # Identity of this package. PACKAGE_NAME='yubikey-personalization' PACKAGE_TARNAME='ykpers' -PACKAGE_VERSION='1.18.0' -PACKAGE_STRING='yubikey-personalization 1.18.0' +PACKAGE_VERSION='1.18.1' +PACKAGE_STRING='yubikey-personalization 1.18.1' PACKAGE_BUGREPORT='[email protected]' PACKAGE_URL='https://developers.yubico.com/yubikey-personalization/' @@ -776,6 +776,7 @@ docdir oldincludedir includedir +runstatedir localstatedir sharedstatedir sysconfdir @@ -873,6 +874,7 @@ sysconfdir='${prefix}/etc' sharedstatedir='${prefix}/com' localstatedir='${prefix}/var' +runstatedir='${localstatedir}/run' includedir='${prefix}/include' oldincludedir='/usr/include' docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' @@ -1125,6 +1127,15 @@ | -silent | --silent | --silen | --sile | --sil) silent=yes ;; + -runstatedir | --runstatedir | --runstatedi | --runstated \ + | --runstate | --runstat | --runsta | --runst | --runs \ + | --run | --ru | --r) + ac_prev=runstatedir ;; + -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \ + | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \ + | --run=* | --ru=* | --r=*) + runstatedir=$ac_optarg ;; + -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) ac_prev=sbindir ;; -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ @@ -1262,7 +1273,7 @@ for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ datadir sysconfdir sharedstatedir localstatedir includedir \ oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ - libdir localedir mandir + libdir localedir mandir runstatedir do eval ac_val=\$$ac_var # Remove trailing slashes. @@ -1375,7 +1386,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures yubikey-personalization 1.18.0 to adapt to many kinds of systems. +\`configure' configures yubikey-personalization 1.18.1 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1415,6 +1426,7 @@ --sysconfdir=DIR read-only single-machine data [PREFIX/etc] --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] --localstatedir=DIR modifiable single-machine data [PREFIX/var] + --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run] --libdir=DIR object code libraries [EPREFIX/lib] --includedir=DIR C header files [PREFIX/include] --oldincludedir=DIR C header files for non-gcc [/usr/include] @@ -1445,7 +1457,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of yubikey-personalization 1.18.0:";; + short | recursive ) echo "Configuration of yubikey-personalization 1.18.1:";; esac cat <<\_ACEOF @@ -1578,7 +1590,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -yubikey-personalization configure 1.18.0 +yubikey-personalization configure 1.18.1 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -1856,7 +1868,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by yubikey-personalization $as_me 1.18.0, which was +It was created by yubikey-personalization $as_me 1.18.1, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2241,7 +2253,7 @@ # Interfaces removed: AGE=0 LT_CURRENT=19 -LT_REVISION=0 +LT_REVISION=1 LT_AGE=18 @@ -2732,7 +2744,7 @@ # Define the identity of the package. PACKAGE='ykpers' - VERSION='1.18.0' + VERSION='1.18.1' cat >>confdefs.h <<_ACEOF @@ -15970,7 +15982,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by yubikey-personalization $as_me 1.18.0, which was +This file was extended by yubikey-personalization $as_me 1.18.1, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -16028,7 +16040,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -yubikey-personalization config.status 1.18.0 +yubikey-personalization config.status 1.18.1 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ykpers-1.18.0/configure.ac new/ykpers-1.18.1/configure.ac --- old/ykpers-1.18.0/configure.ac 2016-02-17 08:55:54.000000000 +0100 +++ new/ykpers-1.18.1/configure.ac 2017-01-27 12:03:40.000000000 +0100 @@ -26,7 +26,7 @@ # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -AC_INIT([yubikey-personalization], [1.18.0], +AC_INIT([yubikey-personalization], [1.18.1], [[email protected]], [ykpers], [https://developers.yubico.com/yubikey-personalization/]) AC_CONFIG_AUX_DIR([build-aux]) @@ -37,7 +37,7 @@ # Interfaces added: AGE++ # Interfaces removed: AGE=0 AC_SUBST(LT_CURRENT, 19) -AC_SUBST(LT_REVISION, 0) +AC_SUBST(LT_REVISION, 1) AC_SUBST(LT_AGE, 18) AM_INIT_AUTOMAKE([1.11.3 -Wall -Werror]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ykpers-1.18.0/tests/Makefile.in new/ykpers-1.18.1/tests/Makefile.in --- old/ykpers-1.18.0/tests/Makefile.in 2016-02-17 08:56:56.000000000 +0100 +++ new/ykpers-1.18.1/tests/Makefile.in 2017-04-19 14:40:35.000000000 +0200 @@ -590,6 +590,7 @@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +runstatedir = @runstatedir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ykpers-1.18.0/tests/test_args_to_config.c new/ykpers-1.18.1/tests/test_args_to_config.c --- old/ykpers-1.18.0/tests/test_args_to_config.c 2017-01-10 09:18:13.000000000 +0100 +++ new/ykpers-1.18.1/tests/test_args_to_config.c 2017-04-20 09:14:43.000000000 +0200 @@ -106,9 +106,9 @@ const char *outfname = NULL; bool verbose = false; bool dry_run = false; - char keylocation = 0; bool use_access_code = false; - unsigned char access_code[256]; + char *access_code = NULL; + char *new_access_code = NULL; bool autocommit = false; int exit_code = 0; int data_format = YKP_FORMAT_LEGACY; @@ -144,11 +144,13 @@ &infname, &outfname, &data_format, &autocommit, st, &verbose, &dry_run, - access_code, &use_access_code, - &keylocation, &ndef_type, ndef, &usb_mode, &zap, + &access_code, &new_access_code, + &ndef_type, ndef, &usb_mode, &zap, scan_map, &cr_timeout, &autoeject_timeout, &num_modes_seen, &exit_code); + free(access_code); + free(new_access_code); return rc; } @@ -203,10 +205,10 @@ }; char *argv[] = { - "unittest", "-1", + "unittest", "-1", "-a", "h:00000000000000000000000000000000", NULL }; - int argc = 2; + int argc = 4; rc = _test_config(cfg, st, argc, argv); _check_success(rc, cfg, expected, __LINE__); @@ -295,9 +297,8 @@ const char *outfname = NULL; bool verbose = false; bool dry_run = false; - char keylocation = 0; - bool use_access_code = false; - unsigned char access_code[256]; + char *access_code = NULL; + char *new_access_code = NULL; bool autocommit = false; int exit_code = 0; int i; @@ -339,19 +340,21 @@ &infname, &outfname, &data_format, &autocommit, st, &verbose, &dry_run, - access_code, &use_access_code, - &keylocation, &ndef_type, ndef, &usb_mode, &zap, + &access_code, &new_access_code, + &ndef_type, ndef, &usb_mode, &zap, scan_map, &cr_timeout, &autoeject_timeout, &num_modes_seen, &exit_code); assert(rc == 1); i = strcmp(infname, "in"); assert(i == 0); i = strcmp(outfname, "out"); assert(i == 0); - i = memcmp(access_code, "123456", 6); assert(i == 0); + i = memcmp(access_code, "313233343536", 12); assert(i == 0); assert(autocommit == true); assert(verbose == true); ykp_free_config(cfg); free(st); + free(access_code); + free(new_access_code); } static void _test_oath_hotp_nist_160_bits(void) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ykpers-1.18.0/tests/test_yk_utilities.c new/ykpers-1.18.1/tests/test_yk_utilities.c --- old/ykpers-1.18.0/tests/test_yk_utilities.c 2015-11-05 13:14:20.000000000 +0100 +++ new/ykpers-1.18.1/tests/test_yk_utilities.c 2018-01-16 12:10:40.000000000 +0100 @@ -44,30 +44,30 @@ int build; bool support; } supported[] = { - {0,8,0,false}, + {0,8,0,true}, {0,9,9,true}, {1,2,9,true}, {1,3,1,true}, - {1,4,5,false}, + {1,4,5,true}, {2,0,2,true}, {2,1,1,true}, {2,2,3,true}, {2,3,0,true}, {2,4,5,true}, {2,5,2,true}, - {2,6,0,false}, + {2,6,0,true}, {3,0,1,true}, {3,2,8,true}, {3,3,0,true}, {3,4,3,true}, - {3,5,1,false}, + {3,5,1,true}, {4,0,1,true}, {4,1,2,true}, {4,1,10,true}, {4,2,1,true}, {4,3,7,true}, - {4,4,5,false}, - {5,0,0,false}, + {4,4,5,true}, + {5,0,0,true}, }; static YK_STATUS * _test_init_st(int major, int minor, int build) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ykpers-1.18.0/ykcore/Makefile.in new/ykpers-1.18.1/ykcore/Makefile.in --- old/ykpers-1.18.0/ykcore/Makefile.in 2016-02-17 08:56:56.000000000 +0100 +++ new/ykpers-1.18.1/ykcore/Makefile.in 2017-04-19 14:40:35.000000000 +0200 @@ -357,6 +357,7 @@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +runstatedir = @runstatedir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ykpers-1.18.0/ykcore/ykcore.c new/ykpers-1.18.1/ykcore/ykcore.c --- old/ykpers-1.18.0/ykcore/ykcore.c 2016-05-18 08:39:36.000000000 +0200 +++ new/ykpers-1.18.1/ykcore/ykcore.c 2018-01-16 12:09:57.000000000 +0100 @@ -120,30 +120,7 @@ int yk_check_firmware_version2(YK_STATUS *st) { - switch(st->versionMajor) { - case 0: - if(st->versionMinor == 9) - return 1; - break; - case 1: - if(st->versionMinor <= 3) - return 1; - break; - case 2: - if(st->versionMinor <= 5) - return 1; - break; - case 3: - if(st->versionMinor <= 4) - return 1; - break; - case 4: - if(st->versionMinor <= 3) - return 1; - break; - } - yk_errno = YK_EFIRMWARE; - return 0; + return 1; } int yk_get_status(YK_KEY *k, YK_STATUS *status) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ykpers-1.18.0/ykinfo.c new/ykpers-1.18.1/ykinfo.c --- old/ykpers-1.18.0/ykinfo.c 2016-02-05 10:36:07.000000000 +0100 +++ new/ykpers-1.18.1/ykinfo.c 2018-01-16 11:00:45.000000000 +0100 @@ -239,7 +239,7 @@ } if(serial_modhex) { yubikey_hex_decode(hex_serial, ptr, strlen(ptr)); - yubikey_modhex_encode(modhex_serial, hex_serial, strlen(hex_serial)); + yubikey_modhex_encode(modhex_serial, hex_serial, strlen(ptr)/2); if(!quiet) printf("serial_modhex: "); printf("%s\n", modhex_serial); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ykpers-1.18.0/ykpers-args.c new/ykpers-1.18.1/ykpers-args.c --- old/ykpers-1.18.0/ykpers-args.c 2017-01-11 12:32:37.000000000 +0100 +++ new/ykpers-1.18.1/ykpers-args.c 2017-12-11 08:46:55.000000000 +0100 @@ -70,8 +70,9 @@ "-a[XXX..] The AES secret key as a 32 (or 40 for OATH-HOTP/HMAC CHAL-RESP)\n" " char hex value (not modhex) (none to prompt for key on stdin)\n" " If -a is not used a random key will be generated.\n" -"-cXXX.. A 12 char hex value (not modhex) to use as access code for programming\n" +"-c[XXX..] A 12 char hex value (not modhex) to use as access code for programming\n" " (this does NOT SET the access code, that's done with -oaccess=)\n" +" If -c is provided without argument a code is prompted for\n" "-nXXX.. Write NDEF URI to YubiKey NEO, must be used with -1 or -2\n" "-tXXX.. Write NDEF text to YubiKey NEO, must be used with -1 or -2\n" "-mMODE Set the USB device configuration of the YubiKey.\n" @@ -82,10 +83,12 @@ "-oOPTION change configuration option. Possible OPTION arguments are:\n" " fixed=xxxxxxxxxxx The public identity of key, in MODHEX.\n" " This is 0-32 characters long.\n" -" uid=xxxxxx The uid part of the generated ticket, in HEX.\n" +" uid[=xxxxxx] The uid part of the generated ticket, in HEX.\n" " MUST be 12 characters long.\n" -" access=xxxxxxxxxxx New access code to set, in HEX.\n" +" If argument is omitted uid is prompted for on stdin.\n" +" access[=xxxxxx] New access code to set, in HEX.\n" " MUST be 12 characters long.\n" +" If argument is omitted code is prompted for on stdin.\n" " oath-imf=IMF OATH Initial Moving Factor to use.\n" " oath-id[=h:OOTT...] OATH Token Identifier (none for serial-based)\n" "\n" @@ -162,7 +165,7 @@ static int _format_decimal_as_hex(uint8_t *dst, size_t dst_len, uint8_t *src); static int _format_oath_id(uint8_t *dst, size_t dst_len, uint8_t vendor, uint8_t type, uint32_t mui); -static int hex_modhex_decode(unsigned char *result, size_t *resultlen, +int hex_modhex_decode(unsigned char *result, size_t *resultlen, const char *str, size_t strl, size_t minsize, size_t maxsize, bool primarily_modhex) @@ -217,6 +220,21 @@ } } +static int prompt_for_data(const char *prompt, char **data) { + fprintf(stderr, "%s", prompt); + fflush(stderr); + *data = calloc(257, sizeof(char)); + if(!fgets(*data, 256, stdin)) { + fprintf(stderr, "Error reading from stdin\n"); + perror ("fgets"); + return 1; + } + if((*data)[strlen(*data) - 1] == '\n') { + (*data)[strlen(*data) - 1] = '\0'; + } + return 0; +} + extern char *optarg; extern int optind; @@ -231,16 +249,16 @@ const char **infname, const char **outfname, int *data_format, bool *autocommit, YK_STATUS *st, bool *verbose, bool *dry_run, - unsigned char *access_code, bool *use_access_code, - char *keylocation, char *ndef_type, char *ndef, + char **access_code, char **new_access_code, + char *ndef_type, char *ndef, unsigned char *usb_mode, bool *zap, unsigned char *scan_bin, unsigned char *cr_timeout, unsigned short *autoeject_timeout, int *num_modes_seen, int *exit_code) { int c; + char keylocation = 0; const char *aeshash = NULL; - bool new_access_code = false; bool slot_chosen = false; bool mode_chosen = false; bool option_seen = false; @@ -381,28 +399,25 @@ } break; case 'a': - aeshash = optarg; - *keylocation = 1; + if(optarg[0] == '-') { + keylocation = 2; + optind--; + } else { + aeshash = optarg; + keylocation = 1; + } break; - case 'c': { - size_t access_code_len = 0; - int rc = hex_modhex_decode(access_code, &access_code_len, - optarg, strlen(optarg), - 12, 12, false); - if (rc <= 0) { - fprintf(stderr, - "Invalid access code string: %s\n", - optarg); - *exit_code = 1; - return 0; + case 'c': + if(optarg[0] == '-') { + optind--; + if(prompt_for_data(" Access code, 6 bytes (12 characters hex) : ", access_code) != 0) { + *exit_code = 1; + return 0; + } + } else { + *access_code = strdup(optarg); } - if (!new_access_code) - ykp_set_access_code(cfg, - access_code, - access_code_len); - *use_access_code = true; break; - } case 't': *ndef_type = 'T'; case 'n': { @@ -501,48 +516,53 @@ return 0; } } - else if (strncmp(optarg, "uid=", 4) == 0) { - const char *uid = optarg+4; - size_t uidlen = strlen (uid); + else if (strncmp(optarg, "uid", 3) == 0) { + char *uid = optarg+4; + size_t uidlen; unsigned char uidbin[256]; size_t uidbinlen = 0; - int rc = hex_modhex_decode(uidbin, &uidbinlen, - uid, uidlen, - 12, 12, false); + int rc; + char *uidtmp = NULL; + + if(strncmp(optarg, "uid=", 4) != 0) { + if(prompt_for_data(" Private ID, 6 bytes (12 characters hex) : ", &uidtmp) != 0) { + *exit_code = 1; + return 0; + } + uid = uidtmp; + } + + uidlen = strlen(uid); + rc = hex_modhex_decode(uidbin, &uidbinlen, + uid, uidlen, + 12, 12, false); if (rc <= 0) { fprintf(stderr, - "Invalid uid string: %s\n", - uid); + "Invalid uid string: %s\n", + uid); *exit_code = 1; return 0; } + + free(uidtmp); /* for OATH-HOTP and CHAL-RESP, uid is not applicable */ if (ykp_get_tktflag_OATH_HOTP(cfg) || ykp_get_tktflag_CHAL_RESP(cfg)) { fprintf(stderr, - "Option uid= not valid with -ooath-hotp or -ochal-resp.\n" - ); + "Option uid= not valid with -ooath-hotp or -ochal-resp.\n" + ); *exit_code = 1; return 0; } ykp_set_uid(cfg, uidbin, uidbinlen); } else if (strncmp(optarg, "access=", 7) == 0) { - const char *acc = optarg+7; - size_t acclen = strlen (acc); - unsigned char accbin[256]; - size_t accbinlen = 0; - int rc = hex_modhex_decode (accbin, &accbinlen, - acc, acclen, - 12, 12, false); - if (rc <= 0) { - fprintf(stderr, - "Invalid access code string: %s\n", - acc); + *new_access_code = strdup(optarg + 7); + } + else if (strncmp(optarg, "access", 6) == 0) { + if(prompt_for_data(" New access code, 6 bytes (12 characters hex) : ", new_access_code) != 0) { *exit_code = 1; return 0; } - ykp_set_access_code(cfg, accbin, accbinlen); - new_access_code = true; } #define TKTFLAG(o, f) \ else if (strcmp(optarg, o) == 0) { \ @@ -685,7 +705,13 @@ continue; } case 'a': - *keylocation = 2; + keylocation = 2; + continue; + case 'c': + if(prompt_for_data(" Access code, 6 bytes (12 characters hex) : ", access_code) != 0) { + *exit_code = 1; + return 0; + } continue; } case 'h': @@ -725,19 +751,78 @@ } } - if (*keylocation == 1) { - bool long_key_valid = ykp_get_supported_key_length(cfg) == 20 ? true : false; + if (! *zap && (ykp_command(cfg) == SLOT_CONFIG || ykp_command(cfg) == SLOT_CONFIG2)) { + size_t key_bytes = (size_t)ykp_get_supported_key_length(cfg); int res = 0; + char *key_tmp = NULL; + char keybuf[20]; + + if(keylocation == 2) { + const char *prompt = " AES key, 16 bytes (32 characters hex) : "; + if (key_bytes == 20) { + prompt = " HMAC key, 20 bytes (40 characters hex) : "; + } + if (prompt_for_data(prompt, &key_tmp) != 0) { + *exit_code = 1; + return 0; + } + aeshash = key_tmp; + keylocation = 1; + } + + if(keylocation == 0) { + const char *random_places[] = { + "/dev/srandom", + "/dev/urandom", + "/dev/random", + 0 + }; + const char **random_place; + size_t read_bytes = 0; + + for (random_place = random_places; *random_place; random_place++) { + FILE *random_file = fopen(*random_place, "r"); + if (random_file) { + read_bytes = 0; - if (long_key_valid && strlen(aeshash) == 40) { - res = ykp_HMAC_key_from_hex(cfg, aeshash); + while (read_bytes < key_bytes) { + size_t n = fread(&keybuf[read_bytes], 1, + key_bytes - read_bytes, random_file); + read_bytes += n; + } + + fclose(random_file); + break; + } + } + if(read_bytes < key_bytes) { + ykp_errno = YKP_ENORANDOM; + *exit_code = 1; + return 0; + } } else { - res = ykp_AES_key_from_hex(cfg, aeshash); + size_t key_len = 0; + int rc = hex_modhex_decode((unsigned char *)keybuf, &key_len, aeshash, strlen(aeshash), key_bytes * 2, key_bytes * 2, false); + + free(key_tmp); + + if(rc <= 0) { + fprintf(stderr, "Invalid key string\n"); + *exit_code = 1; + return 0; + } + } + + if (key_bytes == 20) { + res = ykp_HMAC_key_from_raw(cfg, keybuf); + } else { + res = ykp_AES_key_from_raw(cfg, keybuf); } if (res) { - fprintf(stderr, "Bad %s key: %s\n", long_key_valid ? "HMAC":"AES", aeshash); + fprintf(stderr, "Bad %s key: %s\n", key_bytes == 20 ? "HMAC":"AES", aeshash); fflush(stderr); + *exit_code = 1; return 0; } } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ykpers-1.18.0/ykpers-args.h new/ykpers-1.18.1/ykpers-args.h --- old/ykpers-1.18.0/ykpers-args.h 2016-02-05 16:29:40.000000000 +0100 +++ new/ykpers-1.18.1/ykpers-args.h 2017-04-20 09:12:30.000000000 +0200 @@ -40,8 +40,8 @@ const char **infname, const char **outfname, int *data_format, bool *autocommit, YK_STATUS *st, bool *verbose, bool *dry_run, - unsigned char *access_code, bool *use_access_code, - char *keylocation, char *ndef_type, char *ndef, unsigned char *usb_mode, + char **access_code, char **new_access_code, + char *ndef_type, char *ndef, unsigned char *usb_mode, bool *zap, unsigned char *scan_bin, unsigned char *cr_timeout, unsigned short *autoeject_timeout, int *num_modes_seen, int *exit_code); @@ -49,4 +49,10 @@ void report_yk_error(void); +int hex_modhex_decode(unsigned char *result, size_t *resultlen, + const char *str, size_t strl, + size_t minsize, size_t maxsize, + bool primarily_modhex); + + #endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ykpers-1.18.0/ykpers-version.h new/ykpers-1.18.1/ykpers-version.h --- old/ykpers-1.18.0/ykpers-version.h 2016-03-16 13:54:57.000000000 +0100 +++ new/ykpers-1.18.1/ykpers-version.h 2017-11-27 09:48:37.000000000 +0100 @@ -42,7 +42,7 @@ * version number. Used together with ykpers_check_version() to verify * header file and run-time library consistency. */ -#define YKPERS_VERSION_STRING "1.18.0" +#define YKPERS_VERSION_STRING "1.18.1" /** * YKPERS_VERSION_NUMBER @@ -52,7 +52,7 @@ * this symbol will have the value 0x01020300. The last two digits * are only used between public releases, and will otherwise be 00. */ -#define YKPERS_VERSION_NUMBER 0x011200 +#define YKPERS_VERSION_NUMBER 0x011201 /** * YKPERS_VERSION_MAJOR @@ -79,7 +79,7 @@ * level of the header file version number. For example, when the * header version is 1.2.3 this symbol will be 3. */ -#define YKPERS_VERSION_PATCH 0 +#define YKPERS_VERSION_PATCH 1 const char *ykpers_check_version (const char *req_version); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ykpers-1.18.0/ykpers_lcl.c new/ykpers-1.18.1/ykpers_lcl.c --- old/ykpers-1.18.0/ykpers_lcl.c 2013-12-20 10:07:00.000000000 +0100 +++ new/ykpers-1.18.1/ykpers_lcl.c 2017-10-23 15:01:18.000000000 +0200 @@ -54,7 +54,7 @@ { CFGFLAG_OATH_FIXED_MODHEX, "OATH_FIXED_MODHEX", 0, capability_has_oath, MODE_OATH_HOTP, ykp_set_cfgflag_OATH_FIXED_MODHEX }, { CFGFLAG_SEND_REF, "SEND_REF", "sendRef", capability_has_ticket_mods, MODE_OUTPUT, ykp_set_cfgflag_SEND_REF }, { CFGFLAG_TICKET_FIRST, "TICKET_FIRST", 0, capability_has_ticket_first, MODE_OUTPUT, ykp_set_cfgflag_TICKET_FIRST }, - { CFGFLAG_PACING_10MS, "PACKING_10MS", "pacing10ms", capability_has_ticket_mods, MODE_OUTPUT, ykp_set_cfgflag_PACING_10MS }, + { CFGFLAG_PACING_10MS, "PACING_10MS", "pacing10ms", capability_has_ticket_mods, MODE_OUTPUT, ykp_set_cfgflag_PACING_10MS }, { CFGFLAG_PACING_20MS, "PACING_20MS", "pacing20ms", capability_has_ticket_mods, MODE_OUTPUT, ykp_set_cfgflag_PACING_20MS }, { CFGFLAG_ALLOW_HIDTRIG, "ALLOW_HIDTRIG", 0, capability_has_hidtrig, MODE_OUTPUT, ykp_set_cfgflag_ALLOW_HIDTRIG }, { CFGFLAG_STATIC_TICKET, "STATIC_TICKET", "staticTicket", capability_has_static, MODE_STATIC_TICKET, ykp_set_cfgflag_STATIC_TICKET }, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ykpers-1.18.0/ykpersonalize.1 new/ykpers-1.18.1/ykpersonalize.1 --- old/ykpers-1.18.0/ykpersonalize.1 2016-11-09 11:53:20.000000000 +0100 +++ new/ykpers-1.18.1/ykpersonalize.1 2017-05-17 08:21:07.000000000 +0200 @@ -2,12 +2,12 @@ .\" Title: ykpersonalize .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> -.\" Date: Version 1.18.0 +.\" Date: Version 1.18.1 .\" Manual: YubiKey Personalization Tool Manual .\" Source: ykpersonalize .\" Language: English .\" -.TH "YKPERSONALIZE" "1" "Version 1\&.18\&.0" "ykpersonalize" "YubiKey Personalization Tool M" +.TH "YKPERSONALIZE" "1" "Version 1\&.18\&.1" "ykpersonalize" "YubiKey Personalization Tool M" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -94,10 +94,10 @@ is not used a random key will be generated\&. .RE .PP -\fB\-c\fR\fIxxx\fR +\fB\-c\fR[\fIxxx\fR] .RS 4 A 12 char hex value (not modhex) to use as access code for programming\&. NOTE: this does NOT SET the access code, that\(cqs done with -\fB\-oaccess\fR\fI=\fR\&. +\fB\-oaccess\fR\fI=\fR\&. If no argument is provided code is prompted for on stdin\&. .RE .PP \fB\-o\fR\fIoption\fR @@ -111,15 +111,15 @@ of the YubiKey, 0\-32 characters long (encoding up to 16 bytes)\&. It\(cqs possible to give the identity in hex as well, just prepend the value with \(cqh:\(cq\&. The fixed part is emitted before the OTP when the button on the YubiKey is pressed\&. It can be used as an identifier for the user, for example\&. .RE .PP -\fBuid\fR=\fIuuuuuu\fR +\fBuid\fR[=\fIuuuuuu\fR] .RS 4 The uid part of the generated OTP, also called -\fIprivate identity\fR, in hex\&. Must be 12 characters long\&. The uid is 6 bytes of static data that is included (encrypted) in every OTP, and is used to validate that an OTP was in fact encrypted with the AES key shared between the YubiKey and the validation service\&. It cannot be used to identify the YubiKey as it is only readable to those that know the AES key\&. +\fIprivate identity\fR, in hex\&. Must be 12 characters long\&. The uid is 6 bytes of static data that is included (encrypted) in every OTP, and is used to validate that an OTP was in fact encrypted with the AES key shared between the YubiKey and the validation service\&. It cannot be used to identify the YubiKey as it is only readable to those that know the AES key\&. If no argument is provided the uid is prompted for on stdin\&. .RE .PP -\fBaccess\fR=\fIfffffffffff\fR +\fBaccess\fR[=\fIfffffffffff\fR] .RS 4 -New hex access code to set\&. Must be 12 characters long\&. If an access code is set, it will be required for subsequent reprogramming of the YubiKey\&. +New hex access code to set\&. Must be 12 characters long\&. If an access code is set, it will be required for subsequent reprogramming of the YubiKey\&. If no argument is provided code is prompted for on stdin\&. .RE .PP \fBoath\-imf\fR=\fIxxx\fR @@ -273,6 +273,18 @@ .fi .if n \{\ .RE +.\} +.sp +Or for a French BÉPO keyboard (French DVORAK): +.sp +.if n \{\ +.RS 4 +.\} +.nf +0b140c0938363707130512330f0d16188b948c89b8b6b787938592b38f8d9698a79e9fa0a1a2a3a4a5a69c2b28 +.fi +.if n \{\ +.RE .\} .sp And a Turkish example (has a dotless i instead of usual i): diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ykpers-1.18.0/ykpersonalize.1.adoc new/ykpers-1.18.1/ykpersonalize.1.adoc --- old/ykpers-1.18.0/ykpersonalize.1.adoc 2016-11-09 10:20:41.000000000 +0100 +++ new/ykpers-1.18.1/ykpersonalize.1.adoc 2017-05-17 08:20:51.000000000 +0200 @@ -44,9 +44,9 @@ *-a*['xxx']:: the AES secret key as a 32 (or 40 for OATH-HOTP/HMAC CHAL-RESP) char hex value (not modhex) (none to prompt for key on stdin) If *-a* is not used a random key will be generated. -*-c*'xxx':: A 12 char hex value (not modhex) to use as access +*-c*['xxx']:: A 12 char hex value (not modhex) to use as access code for programming. NOTE: this does NOT SET the access code, that’s -done with **-oaccess**__=__. +done with **-oaccess**__=__. If no argument is provided code is prompted for on stdin. *-o*'option':: change configuration option. Possible option arguments are: @@ -56,9 +56,9 @@ the OTP when the button on the YubiKey is pressed. It can be used as an identifier for the user, for example. -*uid*='uuuuuu'::: The uid part of the generated OTP, also called __private identity__, in hex. Must be 12 characters long. The uid is 6 bytes of static data that is included (encrypted) in every OTP, and is used to validate that an OTP was in fact encrypted with the AES key shared between the YubiKey and the validation service. It cannot be used to identify the YubiKey as it is only readable to those that know the AES key. +*uid*[='uuuuuu']::: The uid part of the generated OTP, also called __private identity__, in hex. Must be 12 characters long. The uid is 6 bytes of static data that is included (encrypted) in every OTP, and is used to validate that an OTP was in fact encrypted with the AES key shared between the YubiKey and the validation service. It cannot be used to identify the YubiKey as it is only readable to those that know the AES key. If no argument is provided the uid is prompted for on stdin. -*access*='fffffffffff'::: New hex access code to set. Must be 12 characters long. If an access code is set, it will be required for subsequent reprogramming of the YubiKey. +*access*[='fffffffffff']::: New hex access code to set. Must be 12 characters long. If an access code is set, it will be required for subsequent reprogramming of the YubiKey. If no argument is provided code is prompted for on stdin. *oath-imf*='xxx'::: Set OATH Initial Moving Factor. This is the initial counter value for the YubiKey. This should be a value between 0 and 1048560, evenly dividable by 16. @@ -123,6 +123,10 @@ 06050708090a0b0c0d0e0f111517181986858788898a8b8c8d8e8f9195979899a79e9fa0a1a2a3a4a5a6382b28 + +Or for a French BÉPO keyboard (French DVORAK): + + 0b140c0938363707130512330f0d16188b948c89b8b6b787938592b38f8d9698a79e9fa0a1a2a3a4a5a69c2b28 ++ And a Turkish example (has a dotless i instead of usual i): 06050708090a0b340d0e0f111517181986858788898a8b8c8d8e8f9195979899271e1f202122232425269e2b28 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ykpers-1.18.0/ykpersonalize.c new/ykpers-1.18.1/ykpersonalize.c --- old/ykpers-1.18.0/ykpersonalize.c 2017-01-11 12:32:17.000000000 +0100 +++ new/ykpers-1.18.1/ykpersonalize.c 2017-12-11 08:46:55.000000000 +0100 @@ -48,9 +48,9 @@ FILE *outf = NULL; const char *outfname = NULL; int data_format = YKP_FORMAT_LEGACY; bool verbose = false; - char keylocation = 0; - bool use_access_code = false; unsigned char access_code[256]; + char *acc_code = NULL; + char *new_acc_code = NULL; unsigned char scan_codes[sizeof(SCAN_MAP)]; YK_KEY *yk = 0; YKP_CONFIG *cfg = ykp_alloc(); @@ -96,6 +96,8 @@ continue; case 'a': continue; + case 'c': + continue; } fprintf(stderr, "Option %c requires an argument.\n", optopt); exit(1); @@ -149,8 +151,8 @@ &infname, &outfname, &data_format, &autocommit, st, &verbose, &dry_run, - access_code, &use_access_code, - &keylocation, &ndef_type, ndef_string, + &acc_code, &new_acc_code, + &ndef_type, ndef_string, &usb_mode, &zap, scan_codes, &cr_timeout, &autoeject_timeout, &num_modes_seen, &exit_code)) { goto err; @@ -160,6 +162,40 @@ set_oath_id(oathid, cfg, yk, st); } + if (acc_code) { + size_t access_code_len = 0; + int rc = hex_modhex_decode(access_code, &access_code_len, + acc_code, strlen(acc_code), + 12, 12, false); + if (rc <= 0) { + fprintf(stderr, + "Invalid access code string: %s\n", + optarg); + exit_code = 1; + goto err; + } + if (!new_acc_code) { + ykp_set_access_code(cfg, + access_code, + access_code_len); + } + } + if(new_acc_code) { + unsigned char accbin[256]; + size_t accbinlen = 0; + int rc = hex_modhex_decode (accbin, &accbinlen, + new_acc_code, strlen(new_acc_code), + 12, 12, false); + if (rc <= 0) { + fprintf(stderr, + "Invalid access code string: %s\n", + new_acc_code); + exit_code = 1; + goto err; + } + ykp_set_access_code(cfg, accbin, accbinlen); + } + if (verbose && (ykds_version_major(st) > 2 || (ykds_version_major(st) == 2 && ykds_version_minor(st) >= 2) || @@ -214,77 +250,6 @@ if (!ykp_import_config(cfg, data, strlen(data), data_format)) goto err; } - if (! zap && (ykp_command(cfg) == SLOT_CONFIG || ykp_command(cfg) == SLOT_CONFIG2)) { - int key_bytes = ykp_get_supported_key_length(cfg); - char keybuf[42]; - size_t keylen; - if(keylocation == 2) { - if(key_bytes == 20) { - fprintf(stderr, " HMAC key, 20 bytes (40 characters hex) : "); - } else { - fprintf(stderr, " AES key, 16 bytes (32 characters hex) : "); - } - fflush(stderr); - if(!fgets(keybuf, sizeof(keybuf), stdin)) { - printf("error?\n"); - perror ("fgets"); - exit_code = 1; - goto err; - } - keylen = strnlen(keybuf, sizeof(keybuf)); - if(keybuf[keylen - 1] == '\n') { - keybuf[keylen - 1] = '\0'; - } - if(key_bytes == 20) { - if(ykp_HMAC_key_from_hex(cfg, keybuf)) { - goto err; - } - } else { - if(ykp_AES_key_from_hex(cfg, keybuf)) { - goto err; - } - } - } else if(keylocation == 0) { - const char *random_places[] = { - "/dev/srandom", - "/dev/urandom", - "/dev/random", - 0 - }; - const char **random_place; - size_t read_bytes = 0; - - for (random_place = random_places; *random_place; random_place++) { - FILE *random_file = fopen(*random_place, "r"); - if (random_file) { - read_bytes = 0; - - while (read_bytes < key_bytes) { - size_t n = fread(&keybuf[read_bytes], 1, - key_bytes - read_bytes, random_file); - read_bytes += n; - } - - fclose(random_file); - break; - } - } - if(read_bytes < key_bytes) { - ykp_errno = YKP_ENORANDOM; - goto err; - } - if(key_bytes == 20) { - if(ykp_HMAC_key_from_raw(cfg, keybuf)) { - goto err; - } - } else { - if(ykp_AES_key_from_raw(cfg, keybuf)) { - goto err; - } - } - } - } - if (outf) { if(!(ykp_export_config(cfg, data, 1024, data_format))) { goto err; @@ -358,7 +323,7 @@ } goto err; } - if(use_access_code) { + if(acc_code) { if(!ykp_set_ndef_access_code(ndef, access_code)) { if(verbose) { printf(" failure to set ndef accesscode\n"); @@ -431,7 +396,7 @@ } if (!yk_write_command(yk, ycfg, ykp_command(cfg), - use_access_code ? access_code : NULL)) { + acc_code ? access_code : NULL)) { if (verbose) printf(" failure\n"); goto err; @@ -471,5 +436,8 @@ if (cfg) ykp_free_config(cfg); + free(acc_code); + free(new_acc_code); + exit(exit_code); }
