-
Notifications
You must be signed in to change notification settings - Fork 20
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix handling of prefix type in login CLI #176
base: master
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I believe the reasoning was that we only have one key at the command line, so we can't pick one by index and should rather just accept the prefix indicator. I'd also have expected an MSB check further down, but don't see it.
However, when I'm already despreate enough to use the CLI for verification, I probably don't care whether it's index or prefix, and rather want the tool to just produce a tag with the given key.
How about we accept any index without check, but do the MSB check when it's a prefix?
Updated as suggested, please check. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks!
cli/commands.c
Outdated
goto out; | ||
} | ||
uint8_t public_key_msb = public_key[GLOME_MAX_PUBLIC_KEY_LENGTH - 1]; | ||
if ((handshake[0] & 0x7f) != (public_key_msb & 0x7f)) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nit: it should be sufficient to test handshake[0] != public_key_msb
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Tnx, removed 0x7f from handshake, but not sure it is possible for the key? How do we know high bit is not set here?
Accept any index without a check or do a MSB check with the public key.
Key index is the common case we want to support here:
If the MSB is set, the low bits are interpreted as a 7 bit integer, which the server should interpret as the index of the key its supposed to use.