From: Jonas Witschel <diabonas@archlinux.org>
Date: Fri, 5 Aug 2022 09:11:54 +0000 (+0200)
Subject: cryptsetup-token-systemd-fido2: use crypt_normalize_pin
X-Git-Tag: v252-rc1~495^2~2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=89db47550d137d2e120f9e7002d831591eaa269f;p=thirdparty%2Fsystemd.git

cryptsetup-token-systemd-fido2: use crypt_normalize_pin

Use the helper function introduced in the previous commit ("cryptsetup:
implement cryptsetup_token_open_pin for systemd-tpm2 LUKS2 token") for
cryptsetup-token-systemd-tpm2.
---

diff --git a/src/cryptsetup/cryptsetup-tokens/cryptsetup-token-systemd-fido2.c b/src/cryptsetup/cryptsetup-tokens/cryptsetup-token-systemd-fido2.c
index 0db0f562e51..30278040650 100644
--- a/src/cryptsetup/cryptsetup-tokens/cryptsetup-token-systemd-fido2.c
+++ b/src/cryptsetup/cryptsetup-tokens/cryptsetup-token-systemd-fido2.c
@@ -43,18 +43,11 @@ _public_ int cryptsetup_token_open_pin(
         assert_se(token == r);
         assert(json);
 
-        if (pin && memchr(pin, 0, pin_size - 1))
-                return crypt_log_error_errno(cd, ENOANO, "PIN must be characters string.");
-
-        /* pin was passed as pin = pin, pin_size = strlen(pin). We need to add terminating
-         * NULL byte to addressable memory*/
-        if (pin && pin[pin_size-1] != '\0') {
-                pin_string = strndup(pin, pin_size);
-                if (!pin_string)
-                        return crypt_log_oom(cd);
-        }
+        r = crypt_normalize_pin(pin, pin_size, &pin_string);
+        if (r < 0)
+                return crypt_log_debug_errno(cd, r, "Can not normalize PIN: %m");
 
-        return acquire_luks2_key(cd, json, (const char *)usrptr, pin_string ?: pin, password, password_len);
+        return acquire_luks2_key(cd, json, (const char *)usrptr, pin_string, password, password_len);
 }
 
 /*