Skip to content

Commit

Permalink
Undo unnecessary/out-of-scope changes to SetMetadata and ykSetProtect…
Browse files Browse the repository at this point in the history
…edMetadata.
  • Loading branch information
Quantu authored and quantu committed Jul 8, 2024
1 parent 7efc4f1 commit 05f0241
Showing 1 changed file with 7 additions and 7 deletions.
14 changes: 7 additions & 7 deletions v2/piv/piv.go
Original file line number Diff line number Diff line change
Expand Up @@ -717,12 +717,7 @@ func (yk *YubiKey) Metadata(pin string) (*Metadata, error) {
// store the management key on the smart card instead of managing the PIN and
// management key seperately.
func (yk *YubiKey) SetMetadata(key []byte, m *Metadata) error {
// NOTE: for some reason this action requires the management key authenticated
// on the same transaction. It doesn't work otherwise.
if err := ykAuthenticate(yk.tx, key, rand.Reader, yk.version); err != nil {
return fmt.Errorf("authenticating with key: %w", err)
}
return ykSetProtectedMetadata(yk.tx, key, m)
return ykSetProtectedMetadata(yk.tx, key, m, yk.rand, yk.version)
}

// Metadata holds protected metadata. This is primarily used by YubiKey manager
Expand Down Expand Up @@ -851,7 +846,7 @@ func ykGetProtectedMetadata(tx *scTx, pin string) (*Metadata, error) {
return &m, nil
}

func ykSetProtectedMetadata(tx *scTx, key []byte, m *Metadata) error {
func ykSetProtectedMetadata(tx *scTx, key []byte, m *Metadata, rand io.Reader, version *version) error {
data, err := m.marshal()
if err != nil {
return fmt.Errorf("encoding metadata: %v", err)
Expand All @@ -863,6 +858,11 @@ func ykSetProtectedMetadata(tx *scTx, key []byte, m *Metadata) error {
0xc1,
0x09,
}, marshalASN1(0x53, data)...)
// NOTE: for some reason this action requires the management key authenticated
// on the same transaction. It doesn't work otherwise.
if err := ykAuthenticate(tx, key, rand, version); err != nil {
return fmt.Errorf("authenticating with key: %w", err)
}
cmd := apdu{
instruction: insPutData,
param1: 0x3f,
Expand Down

0 comments on commit 05f0241

Please sign in to comment.