[Gnuk-users] Error changing the PIN: Conditions of use not satisfied

Jan Suhr | Nitrokey jan at nitrokey.com
Sat Oct 21 08:32:03 UTC 2017


Dear Niibe-san,
I don't fully remember the reasoning behind this decision. Perhaps it is
implemented as it is for simplicity reasons. But I'm wondering if
passphrase and key couldn't be treated independently of each other. In the
following I try to sketch a hypothetical solution for that.

1) Passphrase verification would compare against a salted hash being
stored in the device. The salt would be device-specific (e.g. serial
number or initially generated random value).

2) Keys would be stored encrypted with the passphrase.

This would allow one to:
- Change passphrase when a key exists already (-> hash would be changed;
key would be reencrypted with new passphrase)
- Change passphrase without the existence of a key (-> hash would be
changed)
- Import/replace a key (-> hash would remain; new key would be
encrypted and replace the old key)
- Import a key when the passphrase is default (-> key would be
encrypted with "123456")

Did I miss anything?

Best regards,
Jan


On 21.10.2017 at 00:12, NIIBE Yutaka wrote:
> Alexander Paetzelt | Nitrokey <alex at nitrokey.com> wrote:
>> does anybody know if this behaviour (user-PIN can only be set, if a key
>> is already on card) is a bug or just a necessity of Gnuk?
> 
> It has been there in gnuk/README.
> 
> It's because of implementation change of Gnuk 1.2 to allow overriding
> key import.  Key is needed for passphrase.
> 
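The decoupled design Jan sketches above, as an added Python model (not Gnuk code and not from the thread): a salted passphrase hash and a key slot encrypted under a passphrase-derived key, kept independent so that all four listed operations work with or without a key on the device. The class and method names are assumptions, and HMAC-SHA256 in counter mode stands in for the AES a real token would use.

```python
import hashlib
import hmac
import os

ITER = 50_000  # constructed work factor; a real token would tune this to its MCU
class Token:
    def __init__(self, salt=None):
        self.salt = salt or os.urandom(16)                 # device-specific salt
        self.pw_hash = self._derive("123456", b"verify")   # default passphrase, no key yet
        self.wrapped_key = None                            # empty key slot

    def _derive(self, pw, purpose, dklen=32):  # salted slow KDF, domain-separated by purpose
        return hashlib.pbkdf2_hmac("sha256", pw.encode(), purpose + self.salt, ITER, dklen)
    @staticmethod
    def _stream(enc_key, nonce, n):  # HMAC-in-counter-mode keystream (stand-in for AES)
        blocks = [hmac.new(enc_key, nonce + i.to_bytes(4, "big"), "sha256").digest()
                  for i in range((n + 31) // 32)]
        return b"".join(blocks)[:n]

    def _wrap(self, pw, key):  # encrypt-then-MAC under a passphrase-derived enc||mac key
        kek, nonce = self._derive(pw, b"wrap", 64), os.urandom(16)   # fresh nonce per wrap
        ct = bytes(a ^ b for a, b in zip(key, self._stream(kek[:32], nonce, len(key))))
        return nonce + ct + hmac.new(kek[32:], nonce + ct, "sha256").digest()

    def _unwrap(self, pw, blob):
        kek, nonce, ct, tag = self._derive(pw, b"wrap", 64), blob[:16], blob[16:-32], blob[-32:]
        if not hmac.compare_digest(hmac.new(kek[32:], nonce + ct, "sha256").digest(), tag):
            raise ValueError("wrong passphrase or corrupted key slot")
        return bytes(a ^ b for a, b in zip(ct, self._stream(kek[:32], nonce, len(ct))))

    def verify(self, pw):  # compares against the stored salted hash; no key needed
        return hmac.compare_digest(self._derive(pw, b"verify"), self.pw_hash)

    def change_passphrase(self, old, new):  # the mail's cases 1 and 2
        if not self.verify(old):
            raise PermissionError("conditions of use not satisfied")
        if self.wrapped_key is not None:   # re-encrypt the key under the new passphrase
            self.wrapped_key = self._wrap(new, self._unwrap(old, self.wrapped_key))
        self.pw_hash = self._derive(new, b"verify")  # hash changes with or without a key

    def import_key(self, pw, key):  # the mail's cases 3 and 4: hash stays, slot is (re)written
        if not self.verify(pw):
            raise PermissionError("conditions of use not satisfied")
        self.wrapped_key = self._wrap(pw, key)

    def use_key(self, pw):  # e.g. signing: needs both a verified passphrase and a key
        if self.wrapped_key is None or not self.verify(pw):
            raise PermissionError("conditions of use not satisfied")
        return self._unwrap(pw, self.wrapped_key)
```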
