Fix handling of prefix type in login CLI #176
Conversation
There was a problem hiding this comment.
I believe the reasoning was that we only have one key at the command line, so we can't pick one by index and should rather just accept the prefix indicator. I'd also have expected an MSB check further down, but don't see it.
However, when I'm already despreate enough to use the CLI for verification, I probably don't care whether it's index or prefix, and rather want the tool to just produce a tag with the given key.
How about we accept any index without check, but do the MSB check when it's a prefix?
|
Updated as suggested, please check. |
cli/commands.c
Outdated
| goto out; | ||
| } | ||
| uint8_t public_key_msb = public_key[GLOME_MAX_PUBLIC_KEY_LENGTH - 1]; | ||
| if ((handshake[0] & 0x7f) != (public_key_msb & 0x7f)) { |
There was a problem hiding this comment.
Nit: it should be sufficient to test handshake[0] != public_key_msb.
There was a problem hiding this comment.
Tnx, removed 0x7f from handshake, but not sure it is possible for the key? How do we know high bit is not set here?
Accept any index without a check or do a MSB check with the public key.
Key index is the common case we want to support here:
If the MSB is set, the low bits are interpreted as a 7 bit integer, which the server should interpret as the index of the key its supposed to use.