libremkey_hotp_initialize: handle spaces in admin pin/pass

Fix HOTP verfication failure if LK admin pin/passphrase contains spaces by quoting the variables when passed to functions. Test: set LK admin pin to passphrase with spaces, generate new TOTP/HOTP, verification passes. Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2024-12-18 20:47:55 +00:00 · 2019-05-24 18:29:58 -05:00 · 2019-05-24 18:29:58 -05:00 · 77949c9cff
commit 77949c9cff
parent 286303d95c
2 changed files with 7 additions and 4 deletions
--- a/initrd/bin/seal-libremkey
+++ b/initrd/bin/seal-libremkey
@ -62,10 +62,10 @@ fi
 read -s -p "Enter your Librem Key Admin PIN" admin_pin
 echo

-libremkey_hotp_initialize $admin_pin $HOTP_SECRET $counter_value 
+libremkey_hotp_initialize "$admin_pin" $HOTP_SECRET $counter_value 
 if [ $? -ne 0 ]; then
  read -s -p "Error setting HOTP secret, re-enter Admin PIN and try again:" admin_pin
-  if ! libremkey_hotp_initialize $admin_pin $HOTP_SECRET $counter_value ; then
+  if ! libremkey_hotp_initialize "$admin_pin" $HOTP_SECRET $counter_value ; then
    # don't leak key on failure
    shred -n 10 -z -u "$HOTP_SECRET" 2> /dev/null
    die "Setting HOTP secret failed"
--- a/patches/libremkey-hotp-verification.patch
+++ b/patches/libremkey-hotp-verification.patch
@ -32,15 +32,18 @@

 --- libremkey-hotp-verification/libremkey_hotp_initialize
 +++ libremkey-hotp-verification-b/libremkey_hotp_initialize
-@@ -14,7 +14,7 @@ fi
+@@ -14,9 +14,9 @@ fi
 PIN=$1
 SECRET=$2
 COUNTER=$3
 -SECRET_B32=$(echo -n $SECRET | base32)
 +SECRET_B32=$(cat $SECRET | base32)
 
- libremkey_hotp_verification set $SECRET_B32 $PIN 
+-libremkey_hotp_verification set $SECRET_B32 $PIN 
+libremkey_hotp_verification set $SECRET_B32 "$PIN"
 if [ $? -ne 0 ]; then
+   echo "ERROR: Setting HOTP secret on Librem Key failed!"
+   exit 1
@@ -25,7 +25,7 @@ fi
 i=9
 while [ "$i" -lt "$COUNTER" ]; do