mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
scd:openpgp: Add the length check for new PIN.
* scd/app-openpgp.c (do_change_pin): Make sure new PIN length is longer than MINLEN. -- GnuPG-bug-id: 6843 Signed-off-by: NIIBE Yutaka <gniibe@fsij.org> (cherry picked from commit 2376cdff1318688d94c95fd01adc4b2139c4a8c7)
This commit is contained in:
parent
20e85585ed
commit
efe325ffdf
@ -3286,6 +3286,31 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr,
|
|||||||
log_error (_("error getting new PIN: %s\n"), gpg_strerror (rc));
|
log_error (_("error getting new PIN: %s\n"), gpg_strerror (rc));
|
||||||
goto leave;
|
goto leave;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (set_resetcode)
|
||||||
|
{
|
||||||
|
size_t bufferlen = strlen (pinvalue);
|
||||||
|
|
||||||
|
if (bufferlen != 0 && bufferlen < 8)
|
||||||
|
{
|
||||||
|
log_error (_("Reset Code is too short; minimum length is %d\n"), 8);
|
||||||
|
rc = gpg_error (GPG_ERR_BAD_RESET_CODE);
|
||||||
|
goto leave;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (chvno == 3)
|
||||||
|
minlen = 8;
|
||||||
|
|
||||||
|
if (strlen (pinvalue) < minlen)
|
||||||
|
{
|
||||||
|
log_info (_("PIN for CHV%d is too short;"
|
||||||
|
" minimum length is %d\n"), chvno, minlen);
|
||||||
|
rc = gpg_error (GPG_ERR_BAD_PIN);
|
||||||
|
goto leave;
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -3320,23 +3345,16 @@ do_change_pin (app_t app, ctrl_t ctrl, const char *chvnostr,
|
|||||||
}
|
}
|
||||||
else if (set_resetcode)
|
else if (set_resetcode)
|
||||||
{
|
{
|
||||||
size_t bufferlen = strlen (pinvalue);
|
size_t bufferlen;
|
||||||
char *buffer = NULL;
|
char *buffer = NULL;
|
||||||
|
|
||||||
if (bufferlen && bufferlen < 8)
|
|
||||||
{
|
|
||||||
log_error (_("Reset Code is too short; minimum length is %d\n"), 8);
|
|
||||||
rc = gpg_error (GPG_ERR_BAD_PIN);
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
rc = pin2hash_if_kdf (app, 0, pinvalue, &buffer, &bufferlen);
|
rc = pin2hash_if_kdf (app, 0, pinvalue, &buffer, &bufferlen);
|
||||||
if (!rc)
|
if (!rc)
|
||||||
rc = iso7816_put_data (app_get_slot (app),
|
rc = iso7816_put_data (app_get_slot (app),
|
||||||
0, 0xD3, buffer, bufferlen);
|
0, 0xD3, buffer, bufferlen);
|
||||||
|
|
||||||
wipe_and_free (buffer, bufferlen);
|
wipe_and_free (buffer, bufferlen);
|
||||||
}
|
}
|
||||||
}
|
|
||||||
else if (reset_mode)
|
else if (reset_mode)
|
||||||
{
|
{
|
||||||
char *buffer = NULL;
|
char *buffer = NULL;
|
||||||
|
Loading…
x
Reference in New Issue
Block a user