security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

scd:piv: Implement PIN cache.

Browse source 
* scd/command.c (pincache_put): Add arg pinlen and change all callers
to provide it.
* scd/app-piv.c (cache_pin): New.
(pin_from_cache): New.
(ask_and_prepare_chv): Add args no_cache and r_unpaddedpinlen.  Take
PIN from the cache.  Return the unpadded length.
(verify_chv): Add arg ctrl.  Cache the PIN.
(do_change_chv): Clear PIN cache.
--

The PIV pins are padded but we want to store the unpadded PIN.  Thus
the changes to the function.

Code has has been tested by commenting the no_cache parameter because
we the current test certificate was created for PIV.9C which requires
a verification for each use.  More testing is required.

GnuPG-bug-id: 4791
Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2020-01-13 17:53:49 +01:00
parent 2e86cca7f4
commit 60502c3606
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
5 changed files with 100 additions and 29 deletions
Download patch file Download diff file Expand all files Collapse all files

7
scd/command.c
View file

@ -2333,7 +2333,7 @@ set_key_for_pincache (gcry_cipher_hd_t hd)
* gpg-agent cache it because it is better suited for this. */
void
pincache_put (ctrl_t ctrl, int slot, const char *appname, const char *pinref,
const char *pin)
const char *pin, unsigned int pinlen)
{
gpg_error_t err;
assuan_context_t ctx;
@ -2341,7 +2341,7 @@ pincache_put (ctrl_t ctrl, int slot, const char *appname, const char *pinref,
gcry_cipher_hd_t cipherhd = NULL;
char *pinbuf = NULL;
unsigned char *wrappedkey = NULL;
size_t pinlen, pinbuflen, wrappedkeylen;
size_t pinbuflen, wrappedkeylen;
if (!ctrl)
{
@ -2365,7 +2365,7 @@ pincache_put (ctrl_t ctrl, int slot, const char *appname, const char *pinref,
if (!ctrl || !ctrl->server_local || !(ctx=ctrl->server_local->assuan_ctx))
return;
if (pin && !*pin)
if (pin && !pinlen)
return; /* Ignore an empty PIN. */
snprintf (line, sizeof line, "%d/%s/%s ",
@ -2378,7 +2378,6 @@ pincache_put (ctrl_t ctrl, int slot, const char *appname, const char *pinref,
{
/* FIXME: Replace this by OCB mode and use the cache key as
* additional data. */
pinlen = strlen (pin);
/* Pad with zeroes (AESWRAP requires multiples of 64 bit but
* at least 128 bit data). */
pinbuflen = pinlen + 8 - (pinlen % 8);