security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

scd: Fix signing authentication status. 

* scd/app-openpgp.c (do_sign): Clear DID_CHV1 after signing.

--

Cherry-picked from master commit of:
	78f542e1f4

We have a corner case: In "not forced" situation and authenticated,
and it is changed to "forced", card implementaiton can actually accept
signing, but GnuPG requires authentication, because it is "forced".

GnuPG-bug-id: 4177
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
NIIBE Yutaka 2018-10-15 11:10:15 +09:00
parent 8f844ae1cd
commit 7e2b0488d1
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
scd/app-openpgp.c
View File

@ -4381,7 +4381,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
log_info (_("signatures created so far: %lu\n"), sigcount);
/* Check CHV if needed. */
if (!app->did_chv1 || app->force_chv1 )
if (!app->did_chv1 || app->force_chv1)
{
char *pinvalue;
int pinlen;
@ -4429,6 +4429,9 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
}
rc = iso7816_compute_ds (app->slot, exmode, data, datalen, le_value,
outdata, outdatalen);
if (!rc && app->force_chv1)
app->did_chv1 = 0;
return rc;
}