From 58e6990eaabb7302cc8cc979378e6fffe36459b7 Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Fri, 4 Mar 2022 10:11:38 +0900
Subject: [PATCH] scd: Fix PK_AUTH with --challenge-response option.

* scd/app.c (app_auth): It's only APPTYPE_OPENPGP which supports
the challenge response interaction.
* scd/command.c (cmd_pkauth): It only wants if it works or not.

--

GnuPG-bug-id: 5862
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
---
 scd/app.c     | 4 ++++
 scd/command.c | 5 ++---
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/scd/app.c b/scd/app.c
index 2de4f129c..3961bdf6c 100644
--- a/scd/app.c
+++ b/scd/app.c
@@ -2062,6 +2062,10 @@ app_auth (card_t card, ctrl_t ctrl, const char *keyidstr,
     err = gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
   else
     {
+      if (card->app->apptype != APPTYPE_OPENPGP
+          && (!indata || !indatalen))
+        return gpg_error (GPG_ERR_INV_VALUE);
+
       if (DBG_APP)
         log_debug ("slot %d app %s: calling auth(%s)\n",
                    card->slot, xstrapptype (card->app), keyidstr);
diff --git a/scd/command.c b/scd/command.c
index 392b678c4..28ab0f3c4 100644
--- a/scd/command.c
+++ b/scd/command.c
@@ -1133,10 +1133,9 @@ cmd_pkauth (assuan_context_t ctx, char *line)
     }
   else
     {
-      rc = assuan_send_data (ctx, outdata, outdatalen);
+      if (!challenge_response)
+        rc = assuan_send_data (ctx, outdata, outdatalen);
       xfree (outdata);
-      if (rc)
-        return rc; /* that is already an assuan error code */
     }
 
   return rc;