* apdu.c (apdu_send_le): Send a get_response with the indicated

length and not the 64 bytes we used for testing. * app-openpgp.c (verify_chv2, verify_chv3, do_sign): Check the minimum length of the passphrase, so that we don't need to decrement the retry counter.
2024-12-22 10:19:57 +01:00 · 2003-12-23 10:25:24 +00:00 · 2003-12-23 10:25:24 +00:00 · 28db0fabb4
commit 28db0fabb4
parent 6103066b17
3 changed files with 31 additions and 1 deletions
--- a/scd/ChangeLog
+++ b/scd/ChangeLog
@ -1,3 +1,12 @@
+2003-12-19  Werner Koch  <wk@gnupg.org>
+
+	* apdu.c (apdu_send_le): Send a get_response with the indicated
+	length and not the 64 bytes we used for testing.
+
+	* app-openpgp.c (verify_chv2, verify_chv3, do_sign): Check the
+	minimum length of the passphrase, so that we don't need to
+	decrement the retry counter.
+
 2003-12-17  Werner Koch  <wk@gnupg.org>

 	* card-p15.c (p15_enum_keypairs): Replaced KRC by RC.
--- a/scd/apdu.c
+++ b/scd/apdu.c
@ -1207,7 +1207,7 @@ apdu_send_le(int slot, int class, int ins, int p0, int p1,
          apdu[apdulen++] = 0xC0;
          apdu[apdulen++] = 0;
          apdu[apdulen++] = 0;
-          apdu[apdulen++] = 64; /* that is 256 bytes for Le */
+          apdu[apdulen++] = len; 
          memset (apdu+apdulen, 0, sizeof (apdu) - apdulen);
          rc = send_apdu (slot, apdu, apdulen, result, &resultlen);
          if (rc || resultlen < 2)
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@ -534,6 +534,13 @@ verify_chv2 (APP app,
          return rc;
        }

+      if (strlen (pinvalue) < 6)
+        {
+          log_error ("prassphrase (CHV2) is too short; minimum length is 6\n");
+          xfree (pinvalue);
+          return gpg_error (GPG_ERR_BAD_PIN);
+        }
+
      rc = iso7816_verify (app->slot, 0x82, pinvalue, strlen (pinvalue));
      if (rc)
        {
@ -586,6 +593,13 @@ verify_chv3 (APP app,
          return rc;
        }

+      if (strlen (pinvalue) < 6)
+        {
+          log_error ("prassphrase (CHV3) is too short; minimum length is 6\n");
+          xfree (pinvalue);
+          return gpg_error (GPG_ERR_BAD_PIN);
+        }
+
      rc = iso7816_verify (app->slot, 0x83, pinvalue, strlen (pinvalue));
      xfree (pinvalue);
      if (rc)
@ -1041,6 +1055,13 @@ do_sign (APP app, const char *keyidstr, int hashalgo,
          return rc;
        }

+      if (strlen (pinvalue) < 6)
+        {
+          log_error ("prassphrase (CHV1) is too short; minimum length is 6\n");
+          xfree (pinvalue);
+          return gpg_error (GPG_ERR_BAD_PIN);
+        }
+
      rc = iso7816_verify (app->slot, 0x81, pinvalue, strlen (pinvalue));
      if (rc)
        {