mirror of git://git.gnupg.org/gnupg.git
scd: Fix the use case of verify_chv2 by CHECKPIN.
* scd/app-openpgp.c (verify_chv2): Call verify_a_chv with chvno=1
when needed.
--
Confusingly, verify_chv2 has two different purposes; One for
verifying with CHV2 (in addition to CHV1), and the call by
CHECKPIN. For the latter, we should check CHV1.
Fixes-commit: af189be481
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
parent
fbc1b199fd
commit
6e51f2044a
|
@ -2650,9 +2650,6 @@ verify_chv2 (app_t app, ctrl_t ctrl,
|
|||
if (rc)
|
||||
return rc;
|
||||
app->did_chv2 = 1;
|
||||
}
|
||||
else
|
||||
rc = 0;
|
||||
|
||||
if (!app->did_chv1 && !app->force_chv1 && pinvalue)
|
||||
{
|
||||
|
@ -2676,6 +2673,13 @@ verify_chv2 (app_t app, ctrl_t ctrl,
|
|||
* has the hashed binary PIN of length PINLEN. */
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
rc = verify_a_chv (app, ctrl, pincb, pincb_arg, 1, 0, &pinvalue, &pinlen);
|
||||
if (rc)
|
||||
return rc;
|
||||
}
|
||||
|
||||
wipe_and_free (pinvalue, pinlen);
|
||||
|
||||
|
|
Loading…
Reference in New Issue