From e2293f634f035edc732ab3136c57bb118a37f8d2 Mon Sep 17 00:00:00 2001
From: Adam Velebil <adam.velebil@yubico.com>
Date: Fri, 22 Mar 2024 10:54:12 +0100
Subject: [PATCH 1/2] provide correct payload

---
 .../yubikit/management/ManagementSession.java | 25 +++++++++++--------
 1 file changed, 15 insertions(+), 10 deletions(-)

diff --git a/management/src/main/java/com/yubico/yubikit/management/ManagementSession.java b/management/src/main/java/com/yubico/yubikit/management/ManagementSession.java
index 237d1ed6..e4cf0359 100755
--- a/management/src/main/java/com/yubico/yubikit/management/ManagementSession.java
+++ b/management/src/main/java/com/yubico/yubikit/management/ManagementSession.java
@@ -16,25 +16,25 @@
 
 package com.yubico.yubikit.management;
 
-import com.yubico.yubikit.core.application.BadResponseException;
-import com.yubico.yubikit.core.internal.Logger;
 import com.yubico.yubikit.core.Transport;
 import com.yubico.yubikit.core.UsbInterface;
 import com.yubico.yubikit.core.Version;
 import com.yubico.yubikit.core.YubiKeyConnection;
 import com.yubico.yubikit.core.YubiKeyDevice;
-import com.yubico.yubikit.core.smartcard.AppId;
 import com.yubico.yubikit.core.application.ApplicationNotAvailableException;
 import com.yubico.yubikit.core.application.ApplicationSession;
+import com.yubico.yubikit.core.application.BadResponseException;
 import com.yubico.yubikit.core.application.CommandException;
 import com.yubico.yubikit.core.application.Feature;
 import com.yubico.yubikit.core.fido.FidoConnection;
 import com.yubico.yubikit.core.fido.FidoProtocol;
+import com.yubico.yubikit.core.internal.Logger;
 import com.yubico.yubikit.core.otp.ChecksumUtils;
 import com.yubico.yubikit.core.otp.OtpConnection;
 import com.yubico.yubikit.core.otp.OtpProtocol;
 import com.yubico.yubikit.core.smartcard.Apdu;
 import com.yubico.yubikit.core.smartcard.ApduException;
+import com.yubico.yubikit.core.smartcard.AppId;
 import com.yubico.yubikit.core.smartcard.SmartCardConnection;
 import com.yubico.yubikit.core.smartcard.SmartCardProtocol;
 import com.yubico.yubikit.core.util.Callback;
@@ -149,6 +149,7 @@ void setMode(byte[] data) throws IOException, CommandException {
             backend = new Backend<SmartCardProtocol>(protocol) {
                 @Override
                 byte[] readConfig(int page) throws IOException, CommandException {
+                    Logger.debug(logger, "Reading config page {}...", page);
                     return delegate.sendAndReceive(new Apdu(0, INS_READ_CONFIG, page, 0, null));
                 }
 
@@ -182,7 +183,8 @@ public ManagementSession(OtpConnection connection) throws IOException, Applicati
         backend = new Backend<OtpProtocol>(protocol) {
             @Override
             byte[] readConfig(int page) throws IOException, CommandException {
-                byte[] response = delegate.sendAndReceive(CMD_YK4_CAPABILITIES, int2bytes(page), null);
+                Logger.debug(logger, "Reading config page {}...", page);
+                byte[] response = delegate.sendAndReceive(CMD_YK4_CAPABILITIES, pagePayload(page), null);
                 if (ChecksumUtils.checkCrc(response, response[0] + 1 + 2)) {
                     return Arrays.copyOf(response, response[0] + 1);
                 }
@@ -214,8 +216,8 @@ public ManagementSession(FidoConnection connection) throws IOException {
         backend = new Backend<FidoProtocol>(protocol) {
             @Override
             byte[] readConfig(int page) throws IOException {
-                Logger.debug(logger, "Reading fido config page {}...", page);
-                return delegate.sendAndReceive(CTAP_READ_CONFIG, int2bytes(page), null);
+                Logger.debug(logger, "Reading config page {}...", page);
+                return delegate.sendAndReceive(CTAP_READ_CONFIG, pagePayload(page), null);
             }
 
             @Override
@@ -379,10 +381,6 @@ byte[] readConfig() throws IOException, CommandException {
         public void close() throws IOException {
             delegate.close();
         }
-
-        static byte[] int2bytes(int value) {
-            return ByteBuffer.allocate(4).putInt(value).array();
-        }
     }
 
     private void logCtor(YubiKeyConnection connection) {
@@ -390,4 +388,11 @@ private void logCtor(YubiKeyConnection connection) {
                 connection.getClass().getSimpleName(),
                 getVersion());
     }
+
+    private static byte[] pagePayload(int page) {
+        if (page > 255 || page < Byte.MIN_VALUE) {
+            throw new IllegalArgumentException("Invalid page value " + page);
+        }
+        return new byte[]{(byte) page};
+    }
 }

From fd2d3d1fcc56b7b6c71c17670e6455bd6fb67e3d Mon Sep 17 00:00:00 2001
From: Adam Velebil <adam.velebil@yubico.com>
Date: Fri, 22 Mar 2024 11:30:21 +0100
Subject: [PATCH 2/2] fix lower bound before cast

---
 .../java/com/yubico/yubikit/management/ManagementSession.java   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/management/src/main/java/com/yubico/yubikit/management/ManagementSession.java b/management/src/main/java/com/yubico/yubikit/management/ManagementSession.java
index e4cf0359..d756c1a6 100755
--- a/management/src/main/java/com/yubico/yubikit/management/ManagementSession.java
+++ b/management/src/main/java/com/yubico/yubikit/management/ManagementSession.java
@@ -390,7 +390,7 @@ private void logCtor(YubiKeyConnection connection) {
     }
 
     private static byte[] pagePayload(int page) {
-        if (page > 255 || page < Byte.MIN_VALUE) {
+        if (page > 255 || page < 0) {
             throw new IllegalArgumentException("Invalid page value " + page);
         }
         return new byte[]{(byte) page};