security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-03 22:56:33 +02:00
Code Activity

card: Better detect removed cards. Add TCOS PIN menu.

Browse source 
* tools/card-call-scd.c (scd_change_pin): Add arg 'nullpin'.
* tools/gpg-card.h (struct card_info_s): Add field 'card_removed'.
* tools/gpg-card.c (fixup_scd_errors): New.
(maybe_set_card_removed): New.
(list_one_kinfo): Change type of first arg to get access to INFO.  Set
card_removed flag.
(list_all_kinfo): Improve label alignment.
(cmd_list): Check that the current card is still available.
(cmd_passwd): Add option --nullpin and menu to chnage TCOS PINs.
(dispatch_command): Handle card_removed flag.
(interactive_loop): Ditto.
--

Note that that I was not able to change the NullPIN of the standard
PIN using a Signature V2 Brainpool test card.  Changing the NullPIN of
the QES PIN worked, though.  I checked the commands send to scdaemon
and they were correct - I used the very same command with
gpg-connect-agent last week to set a Pin for a production Brainpool
Signature card.  Thus this might be a problem with this specific test
card.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2020-06-30 14:36:44 +02:00
parent 45398518fb
commit fb10b6cba4
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
3 changed files with 199 additions and 53 deletions
Download patch file Download diff file Expand all files Collapse all files

15
tools/card-call-scd.c
View file

@ -1586,17 +1586,10 @@ scd_applist (strlist_t *result, int all)
/* Change the PIN of an OpenPGP card or reset the retry counter.
* CHVNO 1: Change the PIN
* 2: For v1 cards: Same as 1.
* For v2 cards: Reset the PIN using the Reset Code.
* 3: Change the admin PIN
* 101: Set a new PIN and reset the retry counter
* 102: For v1 cars: Same as 101.
* For v2 cards: Set a new Reset Code.
*/
/* Change the PIN of a card or reset the retry counter. If NULLPIN is
* set the TCOS specific NullPIN is changed. */
gpg_error_t
scd_change_pin (const char *pinref, int reset_mode)
scd_change_pin (const char *pinref, int reset_mode, int nullpin)
{
gpg_error_t err;
char line[ASSUAN_LINELENGTH];
@ -1610,7 +1603,7 @@ scd_change_pin (const char *pinref, int reset_mode)
dfltparm.ctx = agent_ctx;
snprintf (line, sizeof line, "SCD PASSWD%s %s",
reset_mode? " --reset":"", pinref);
nullpin? " --nullpin": reset_mode? " --reset":"", pinref);
err = assuan_transact (agent_ctx, line,
NULL, NULL,
default_inq_cb, &dfltparm,