diff --git a/src/authenticator.rs b/src/authenticator.rs
index 6263b3f5..db4a96a7 100644
--- a/src/authenticator.rs
+++ b/src/authenticator.rs
@@ -638,14 +638,8 @@ where
 // info_now!("recv {:?}", ®ister);
- // Allow to overwrite existing credentials by default
- // 0. ykman does not call delete before register, so we need to speculatively
- // delete the credential (the credential file would be replaced, but we need
- // to delete the secret key).
- self.delete(command::Delete {
- label: register.credential.label,
- })
- .ok();
+ // Explicitly disallow to overwrite existing credentials by default
+ self.err_if_credential_with_label_exists(register.credential.label)?;
 
 // 1. Replace secret in credential with handle
 let credential =
@@ -678,6 +672,18 @@ where
 Ok(())
 }
 
+ fn credential_with_label_exists(&mut self, label: &[u8]) -> bool {
+ let filename = self.filename_for_label(label);
+ self.state.file_exists(&mut self.trussed, filename)
+ }
+
+ fn err_if_credential_with_label_exists(&mut self, label: &[u8]) -> Result {
+ match self.credential_with_label_exists(label) {
+ false => Ok(()),
+ true => Err(Status::OperationBlocked),
+ }
+ }
+
 fn filename_for_label(&mut self, label: &[u8]) -> trussed::types::PathBuf {
 let label_hash = syscall!(self.trussed.hash_sha256(label)).hash;
 
diff --git a/src/state.rs b/src/state.rs
index defda491..5637faaf 100644
--- a/src/state.rs
+++ b/src/state.rs
@@ -13,6 +13,7 @@ use serde::Serialize;
 use crate::command::EncryptionKeyType;
 use cbor_smol::cbor_deserialize;
 use encrypted_container::EncryptedDataContainer;
+use trussed::client::FilesystemClient;
 use trussed::types::Message;
 use trussed::{
 syscall, try_syscall,
@@ -179,6 +180,10 @@ impl State {
 (Err(encrypted_container::Error::FailedDecryption), None)
 }
 
+ pub fn file_exists(&mut self, trussed: &mut T, filename: PathBuf) -> bool {
+ try_syscall!(trussed.read_file(self.location, filename)).is_ok()
+ }
+
 pub fn try_read_file(
 &mut self,
 trussed: &mut T,
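Review bot: The added comment in the register path says overwriting is disallowed "by default", but nothing in the hunk shows a way to opt into overwriting, so the wording promises a mode that the code does not visibly offer. I would state the actual contract instead: `// Refuse to overwrite an existing credential: registering a label that is already stored must fail rather than silently replace the stored secret.` As far as the hunk shows, the new check runs before step 1 replaces the secret with a key handle, which is the right order, since a rejected request then leaves no stored key behind; that ordering is worth a short comment too. The enclosing register function starts before this hunk and continues after it.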
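Review bot: `err_if_credential_with_label_exists` matches on a `bool`, which clippy flags as `match_bool`; an `if` reads more directly: `if self.credential_with_label_exists(label) { Err(Status::OperationBlocked) } else { Ok(()) }`. Both new helpers are also undocumented; I would give `credential_with_label_exists` a doc comment saying that existence is decided by whether the file named after the hashed label can be read from the state's storage location, and give `err_if_credential_with_label_exists` one saying that it maps a present credential to `Status::OperationBlocked` so that `?` in the register path rejects duplicate labels. The comment should make clear that the result is a point-in-time answer from the filesystem, since the caller acts on it afterwards.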
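Review bot: `file_exists` turns every error from `read_file` into `false`, not only a missing file, so a transient or unrelated filesystem failure while reading the credential file makes the register path in authenticator.rs treat the label as free and proceed to overwrite the existing credential. For a deny-by-default check the safe direction is to fail closed: return the error (for example as `Result<bool, _>` with the error type `try_syscall!` yields) and let the caller block the operation, or at least distinguish a not-found result from other errors before answering `false`. Reading the whole file only to test for its presence is also more work than the check needs; if the trussed filesystem client offers a metadata query for a path, that would avoid loading the credential into memory here. `try_read_file`, whose signature starts at the end of this hunk, continues outside it.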