security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Activity

scd: Fix the use case of verify_chv2 by CHECKPIN. 

* scd/app-openpgp.c (verify_chv2): Call verify_a_chv with chvno=1
when needed.

--

Confusingly, verify_chv2 has two different purposes;  One for
verifying with CHV2 (in addition to CHV1), and the call by
CHECKPIN.  For the latter, we should check CHV1.

Fixes-commit: af189be481
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
NIIBE Yutaka 2020-09-15 15:31:23 +09:00
parent fbc1b199fd
commit 6e51f2044a
1 changed files with 25 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
scd/app-openpgp.c
View File

@ -2650,9 +2650,6 @@ verify_chv2 (app_t app, ctrl_t ctrl,
if (rc)
return rc;
app->did_chv2 = 1;
}
else
rc = 0;
if (!app->did_chv1 && !app->force_chv1 && pinvalue)
{
@ -2676,6 +2673,13 @@ verify_chv2 (app_t app, ctrl_t ctrl,
* has the hashed binary PIN of length PINLEN. */
}
}
}
else
{
rc = verify_a_chv (app, ctrl, pincb, pincb_arg, 1, 0, &pinvalue, &pinlen);
if (rc)
return rc;
}
wipe_and_free (pinvalue, pinlen);