Page MenuHome GnuPG

after enable kdf-setup impossible change user/admin pin
Testing, NormalPublic


after enabling kdf(kdf-setup)
I have strange behavior:

  1. I change the admin pin from the default 12345678 to 654321 - I get "PIN changed."
  2. I change the name - I get "gpg: error setting Name: Bad PIN", PIN retry counter: 3 0 3 - has not decreased
  3. I try to change the admin pin, enter the current one - then I get - "Error changing the PIN: Bad PIN"
  4. I change the user PIN from 123456 to 123123 - PIN changed.
  5. I change the user’s PIN, enter the current one - then I get Error changing the PIN: Bad PIN
  6. PIN retry counter - still 3 0 3

then just reset the card


gpg (GnuPG) 2.4.0

Event Timeline

Andry created this object in space S1 Public.
gniibe triaged this task as Normal priority.
gniibe added a subscriber: gniibe.
This comment was removed by gniibe.

Thank you for the bug report. Although it's a corner case, it is a discrepancy in the implementation which results unrecoverable situation of the device.

Please use longer admin PIN at the step 1. The admin PIN should be more than or equals to 8 characters.

Since the OpenPGP card specification requires longer PIN, GnuPG has the check if admin PIN length is >= 8, when a user tries to verify.
The check is done before actually sending the command to card (thus, no error counter change in the card).

However, with KDF setup enabled, it is possible to change to the shorter PIN using current buggy GnuPG (because the data itself is a hash, which is longer).
After changing the PIN, (because GnuPG checks the PIN length), there is no way to authenticate with device using buggy GnuPG.

I think that we should add the check of PIN length for new PIN.

gniibe changed the task status from Open to Testing.Dec 27 2023, 1:25 AM
gniibe added a project: backport.

It would be good to apply this to 2.2, so adding "backport" tag.

werner added a subscriber: werner.

We need to test the PIN, PUK and reset code stuff in 2.2