security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-06-08 23:37:47 +02:00
Code Activity

scd:p15: Cache the PIN.

Browse Source 
* scd/app-p15.c (struct prkdf_object_s): Add flag pin_verified.
(verify_pin): Make use of it.
--

Theee is still a problem with the APDUs we send: Switching between
signing and decryption does work but not in the other way.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2020-04-01 20:31:21 +02:00
parent 132d82c158
commit 29f8f52bf8
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
scd/app-p15.c
View File

@ -180,6 +180,10 @@ struct prkdf_object_s
unsigned int key_reference_valid:1; unsigned int key_reference_valid:1;
unsigned int have_off:1; unsigned int have_off:1;
/* Flag indicating that the corresponding PIN has already been
* verified. */
unsigned int pin_verified:1;
/* The key's usage flags. */ /* The key's usage flags. */
keyusage_flags_t usageflags; keyusage_flags_t usageflags;
@ -3154,6 +3158,9 @@ verify_pin (app_t app,
const char *s; const char *s;
int i; int i;
if (prkdf->pin_verified)
return 0; /* Already done. */
if (prkdf->usageflags.non_repudiation if (prkdf->usageflags.non_repudiation
&& app->app_local->card_type == CARD_TYPE_BELPIC) && app->app_local->card_type == CARD_TYPE_BELPIC)
err = pincb (pincb_arg, "PIN (qualified signature!)", &pinvalue); err = pincb (pincb_arg, "PIN (qualified signature!)", &pinvalue);
@ -3301,6 +3308,7 @@ verify_pin (app_t app,
} }
if (opt.verbose) if (opt.verbose)
log_info ("p15: PIN verification succeeded\n"); log_info ("p15: PIN verification succeeded\n");
prkdf->pin_verified = 1;
return 0; return 0;
} }