[pkg-opensc-commit] [opensc] 66/295: pkcs15init: fix using PINPAD to verify PIN
Eric Dorland
eric at moszumanska.debian.org
Sat Jun 24 21:11:16 UTC 2017
This is an automated email from the git hooks/post-receive script.
eric pushed a commit to branch master
in repository opensc.
commit ce82e56411d0204040bc6cf86286c0299a91a819
Author: Viktor Tarasov <viktor.tarasov at gmail.com>
Date: Sun Aug 28 13:35:27 2016 +0200
pkcs15init: fix using PINPAD to verify PIN
on the way to fix problem observed in #856
---
src/libopensc/pkcs15-pin.c | 3 ++-
src/pkcs15init/pkcs15-lib.c | 6 ++++--
2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/src/libopensc/pkcs15-pin.c b/src/libopensc/pkcs15-pin.c
index 847d3c0..91b672c 100644
--- a/src/libopensc/pkcs15-pin.c
+++ b/src/libopensc/pkcs15-pin.c
@@ -313,7 +313,8 @@ _sc_pkcs15_verify_pin(struct sc_pkcs15_card *p15card, struct sc_pkcs15_object *p
struct sc_pin_cmd_data data;
LOG_FUNC_CALLED(ctx);
- sc_log(ctx, "PIN(type:%X; method:%X; len:%i)", auth_info->auth_type, auth_info->auth_method, pinlen);
+ sc_log(ctx, "PIN(type:%X; method:%X; value(%p:%i)", auth_info->auth_type, auth_info->auth_method,
+ pincode, pinlen);
if (pinlen > SC_MAX_PIN_SIZE)
LOG_TEST_RET(ctx, SC_ERROR_INVALID_PIN_LENGTH, "Invalid PIN size");
diff --git a/src/pkcs15init/pkcs15-lib.c b/src/pkcs15init/pkcs15-lib.c
index 4df0e84..942f9bf 100644
--- a/src/pkcs15init/pkcs15-lib.c
+++ b/src/pkcs15init/pkcs15-lib.c
@@ -3334,7 +3334,7 @@ sc_pkcs15init_verify_secret(struct sc_profile *profile, struct sc_pkcs15_card *p
int r, use_pinpad = 0, pin_id = -1;
const char *ident, *label = NULL;
unsigned char pinbuf[0x100];
- size_t pinsize = sizeof(pinbuf);
+ size_t pinsize = 0;
LOG_FUNC_CALLED(ctx);
@@ -3392,7 +3392,7 @@ sc_pkcs15init_verify_secret(struct sc_profile *profile, struct sc_pkcs15_card *p
if (pin_obj) {
sc_log(ctx, "PIN object '%.*s'; pin_obj->content.len:%i", (int) sizeof pin_obj->label, pin_obj->label, pin_obj->content.len);
if (pin_obj->content.value && pin_obj->content.len) {
- if (pin_obj->content.len > pinsize)
+ if (pin_obj->content.len > sizeof(pinbuf))
LOG_TEST_RET(ctx, SC_ERROR_BUFFER_TOO_SMALL, "PIN buffer is too small");
memcpy(pinbuf, pin_obj->content.value, pin_obj->content.len);
pinsize = pin_obj->content.len;
@@ -3407,6 +3407,7 @@ sc_pkcs15init_verify_secret(struct sc_profile *profile, struct sc_pkcs15_card *p
switch (type) {
case SC_AC_CHV:
if (callbacks.get_pin) {
+ pinsize = sizeof(pinbuf);
r = callbacks.get_pin(profile, pin_id, &auth_info, label, pinbuf, &pinsize);
sc_log(ctx, "'get_pin' callback returned %i; pinsize:%i", r, pinsize);
}
@@ -3417,6 +3418,7 @@ sc_pkcs15init_verify_secret(struct sc_profile *profile, struct sc_pkcs15_card *p
r = 0;
break;
default:
+ pinsize = sizeof(pinbuf);
r = sc_pkcs15init_get_transport_key(profile, p15card, type, reference, pinbuf, &pinsize);
break;
}
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/opensc.git
More information about the pkg-opensc-commit
mailing list