libpve-u2f-server-perl

proxmox-mirrors/libpve-u2f-server-perl

Fork 0

mirror of https://git.proxmox.com/git/libpve-u2f-server-perl synced 2025-08-10 05:01:03 +00:00

Commit Graph

Author	SHA1	Message	Date
Thomas Lamprecht	257314d5ce	publicKey data can contain NUL, base64 encode at source One mustn't treat the publicKey as common string, it it's effectively binary data, and thus can contain 0 at any position. If we pass it to perl via setpv (PV being string), things may get cutoff and a wrong pubKey may get saved, thus locking an user out as it cannot get verified anymore! Use a simple & fast base64 encoding immediately at the source, using the correct keylength (U2FS_PUBLIC_KEY_LEN) we can use that. Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>	2019-04-09 12:39:15 +02:00

Author

SHA1

Message

Date

Thomas Lamprecht

257314d5ce

publicKey data can contain NUL, base64 encode at source

One *mustn't* treat the publicKey as common string, it it's
effectively binary data, and thus can contain 0 at any position.

If we pass it to perl via setpv (PV being string), things may get
cutoff and a wrong pubKey may get saved, thus locking an user out as
it cannot get verified anymore!

Use a simple & fast base64 encoding immediately at the source, using
the correct keylength (U2FS_PUBLIC_KEY_LEN) we can use that.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>

2019-04-09 12:39:15 +02:00

1 Commits