security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

scd:p15: Cache the PIN. 

* scd/app-p15.c (struct prkdf_object_s): Add flag pin_verified.
(verify_pin): Make use of it.
--

Theee is still a problem with the APDUs we send: Switching between
signing and decryption does work but not in the other way.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2020-04-01 20:31:21 +02:00
parent 2f08a4f25d
commit 133b6ff8cd
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
scd/app-p15.c
View File

@ -181,6 +181,10 @@ struct prkdf_object_s
unsigned int key_reference_valid:1;
unsigned int have_off:1;
/* Flag indicating that the corresponding PIN has already been
* verified. */
unsigned int pin_verified:1;
/* The key's usage flags. */
keyusage_flags_t usageflags;
@ -3147,6 +3151,9 @@ verify_pin (app_t app,
const char *s;
int i;
if (prkdf->pin_verified)
return 0; /* Already done. */
if (prkdf->usageflags.non_repudiation
&& app->app_local->card_type == CARD_TYPE_BELPIC)
err = pincb (pincb_arg, "PIN (qualified signature!)", &pinvalue);
@ -3294,6 +3301,7 @@ verify_pin (app_t app,
}
if (opt.verbose)
log_info ("p15: PIN verification succeeded\n");
prkdf->pin_verified = 1;
return 0;
}