diff --git a/applets/pass/pass.c b/applets/pass/pass.c index f9ac9ea7..b66376c7 100644 --- a/applets/pass/pass.c +++ b/applets/pass/pass.c @@ -177,6 +177,7 @@ int pass_handle_touch(uint8_t touch_type, char *output) { return 0; case PASS_SLOT_OATH: length = oath_process_offset(slot->oath_offset, output); + if (length < 0) return -1; break; case PASS_SLOT_STATIC: memcpy(output, slot->password, slot->password_len); diff --git a/test/test_oath.c b/test/test_oath.c index 53fbe5ac..19fb4ee2 100644 --- a/test/test_oath.c +++ b/test/test_oath.c @@ -7,9 +7,11 @@ #include #include #include +#include #include #include #include +#include static void test_helper_resp(uint8_t *data, size_t data_len, uint8_t ins, uint16_t expected_error, uint8_t *expected_resp, size_t resp_len) { uint8_t c_buf[1024], r_buf[1024]; @@ -20,6 +22,7 @@ static void test_helper_resp(uint8_t *data, size_t data_len, uint8_t ins, uint16 capdu->ins = ins; if (ins == OATH_INS_CALCULATE || ins == OATH_INS_SELECT) capdu->p2 = 1; + if (ins == OATH_INS_SET_DEFAULT) capdu->p1 = 1; capdu->lc = data_len; if (data_len > 0) { // re alloc to help asan find overflow error @@ -120,42 +123,43 @@ static void test_hotp_touch(void **state) { }; int ret; char buf[9]; + uint32_t touch_type = TOUCH_SHORT; // add an record w/o initial counter value test_helper(data, sizeof(data), OATH_INS_PUT, SW_NO_ERROR); - // default item isn't set yet - ret = oath_process_one_touch(buf, sizeof(buf)); - assert_int_equal(ret, -2); - test_helper(data, 4, OATH_INS_SET_DEFAULT, SW_NO_ERROR); for (int i = 0; i < 3; i++) { - ret = oath_process_one_touch(buf, sizeof(buf)); - assert_int_equal(ret, 0); + ret = pass_handle_touch(touch_type, buf); + assert_int_equal(ret, 6); + buf[ret] = '\0'; assert_string_equal(buf, codes[i]); } test_helper(data, 4, OATH_INS_DELETE, SW_NO_ERROR); - ret = oath_process_one_touch(buf, sizeof(buf)); - assert_int_equal(ret, -2); + ret = pass_handle_touch(touch_type, buf); + assert_int_equal(ret, 0); // add an record w/ initial counter value test_helper(data8, sizeof(data8), OATH_INS_PUT, SW_NO_ERROR); test_helper(data8, 5, OATH_INS_SET_DEFAULT, SW_NO_ERROR); for (int i = 2; i < 6; i++) { - ret = oath_process_one_touch(buf, sizeof(buf)); - assert_int_equal(ret, 0); + ret = pass_handle_touch(touch_type, buf); + assert_int_equal(ret, 8); + buf[ret] = '\0'; // printf("code[%d]: %s\n", i+1, buf); assert_string_equal(buf, codes8[i]); } - ret = oath_process_one_touch(buf, 8); - assert_int_equal(ret, -1); - ret = oath_process_one_touch(buf, sizeof(buf)); + + ret = pass_handle_touch(TOUCH_LONG, buf); assert_int_equal(ret, 0); + ret = pass_handle_touch(199, buf); + assert_int_equal(ret, -1); + uint8_t rfc4226example[] = { OATH_TAG_NAME, 0x05, '.', '4', '2', '2', '6', OATH_TAG_KEY, 22, 0x11, 0x06, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x30 @@ -176,8 +180,9 @@ static void test_hotp_touch(void **state) { test_helper(rfc4226example, sizeof(rfc4226example), OATH_INS_PUT, SW_NO_ERROR); test_helper(rfc4226example, 7, OATH_INS_SET_DEFAULT, SW_NO_ERROR); for (int i = 1; i <= 10; i++) { - ret = oath_process_one_touch(buf, sizeof(buf)); - assert_int_equal(ret, 0); + ret = pass_handle_touch(touch_type, buf); + assert_int_equal(ret, 6); + buf[ret] = '\0'; // printf("code[%d]: %s\n", i, buf); assert_string_equal(buf, results[i]); } @@ -451,6 +456,7 @@ int main() { fs_format(&cfg); fs_mount(&cfg); oath_install(1); + pass_install(1); const struct CMUnitTest tests[] = { cmocka_unit_test(test_select_ins),