diff --git a/src/key.c b/src/key.c index a99aa684..d41ad281 100644 --- a/src/key.c +++ b/src/key.c @@ -71,38 +71,38 @@ int ck_encode_public_key(const ck_key_t *key, uint8_t *buf, bool include_length) int ck_parse_piv_policies(ck_key_t *key, const uint8_t *buf, size_t buf_len) { const uint8_t *end = buf + buf_len; - if (buf < end) { - DBG_MSG("May have pin policy\n"); - if (buf < end && *buf++ != 0xAA) { - DBG_MSG("Wrong tag for pin policy\n"); - return KEY_ERR_DATA; - } - if (buf < end && *buf++ != 0x01) { - DBG_MSG("Wrong length for pin policy\n"); - return KEY_ERR_LENGTH; - } - if (buf < end && (*buf > PIN_POLICY_ALWAYS || *buf < PIN_POLICY_NEVER)) { - DBG_MSG("Wrong data for pin policy\n"); - return KEY_ERR_DATA; - } - key->meta.pin_policy = *buf++; - } - - if (buf < end) { - DBG_MSG("May have touch policy\n"); - if (buf < end && *buf++ != 0xAB) { - DBG_MSG("Wrong tag for touch policy\n"); - return KEY_ERR_DATA; - } - if (buf < end && *buf++ != 0x01) { - DBG_MSG("Wrong length for touch policy\n"); - return KEY_ERR_LENGTH; - } - if (buf < end && (*buf > TOUCH_POLICY_CACHED || *buf < TOUCH_POLICY_NEVER)) { - DBG_MSG("Wrong data for touch policy\n"); - return KEY_ERR_DATA; + while (buf < end) { + switch (*buf++) { + case 0xAA: + DBG_MSG("May have pin policy\n"); + if (buf < end && *buf++ != 0x01) { + DBG_MSG("Wrong length for pin policy\n"); + return KEY_ERR_LENGTH; + } + if (buf < end && (*buf > PIN_POLICY_ALWAYS || *buf < PIN_POLICY_NEVER)) { + DBG_MSG("Wrong data for pin policy\n"); + return KEY_ERR_DATA; + } + key->meta.pin_policy = *buf++; + break; + + case 0xAB: + DBG_MSG("May have touch policy\n"); + if (buf < end && *buf++ != 0x01) { + DBG_MSG("Wrong length for touch policy\n"); + return KEY_ERR_LENGTH; + } + if (buf < end && (*buf > TOUCH_POLICY_CACHED || *buf < TOUCH_POLICY_NEVER)) { + DBG_MSG("Wrong data for touch policy\n"); + return KEY_ERR_DATA; + } + key->meta.touch_policy = *buf++; + break; + + default: + buf = end; + break; } - key->meta.touch_policy = *buf++; } return 0;