[pkg-opensc-commit] [opensc] 168/295: Validate PIN before verification

[Eric Dorland]

This is an automated email from the git hooks/post-receive script.

eric pushed a commit to branch master
in repository opensc.

commit c6a9201b62457c9a26f6adb2c452318bce25fdf3
Author: Nuno Goncalves <nunojpg at gmail.com>
Date:   Wed Feb 1 11:16:46 2017 +0100

    Validate PIN before verification
    
    _validate_pin was not being called at all during a PIN verification.
    
    After this tools report correctly when the PIN length is invalid, even on pkcs11 layer.
    
    Signed-off-by: Nuno Goncalves <nunojpg at gmail.com>
---
 src/libopensc/pkcs15-pin.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/libopensc/pkcs15-pin.c b/src/libopensc/pkcs15-pin.c
index 69fd086..ffbcf39 100644
--- a/src/libopensc/pkcs15-pin.c
+++ b/src/libopensc/pkcs15-pin.c
@@ -295,6 +295,10 @@ sc_pkcs15_verify_pin(struct sc_pkcs15_card *p15card, struct sc_pkcs15_object *pi
 
 	LOG_FUNC_CALLED(ctx);
 
+	r = _validate_pin(p15card, (struct sc_pkcs15_auth_info *)pin_obj->data, pinlen);
+	if (r)
+		LOG_FUNC_RETURN(ctx, r);
+
 	r = _sc_pkcs15_verify_pin(p15card, pin_obj, pincode, pinlen);
 	if (r == SC_SUCCESS)
 		sc_pkcs15_pincache_add(p15card, pin_obj, pincode, pinlen);

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/opensc.git