From d2f1a0a791db3eb03c003365cbcd010bd8066edb Mon Sep 17 00:00:00 2001 From: NIIBE Yutaka Date: Thu, 27 Aug 2020 10:41:51 +0900 Subject: [PATCH] scd: Add condition for VERIFY with 0x82. * scd/app-openpgp.c (verify_chv2): Check availability of keys in question. -- Backport master commit of: af189be481df02a77e088aa0a60a1fc02dfa12bf With buggy Gnuk (<= 1.2.15), when no encr/auth keys are available, it fails decrementing the signature error counter. This change can avoid the issue. Signed-off-by: NIIBE Yutaka --- scd/app-openpgp.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c index 7fc903b9a..8a1d30d5b 100644 --- a/scd/app-openpgp.c +++ b/scd/app-openpgp.c @@ -2361,10 +2361,15 @@ verify_chv2 (app_t app, if (app->did_chv2) return 0; /* We already verified CHV2. */ - rc = verify_a_chv (app, pincb, pincb_arg, 2, 0, &pinvalue, &pinlen); - if (rc) - return rc; - app->did_chv2 = 1; + if (app->app_local->pk[1].key || app->app_local->pk[2].key) + { + rc = verify_a_chv (app, pincb, pincb_arg, 2, 0, &pinvalue, &pinlen); + if (rc) + return rc; + app->did_chv2 = 1; + } + else + rc = 0; if (!app->did_chv1 && !app->force_chv1 && pinvalue) {