scd: Add option --clear to PASSWD.
29929e655212
Actions

Description

scd: Add option --clear to PASSWD.

* scd/command.c (cmd_passwd): Add option --clear.
(send_status_printf): New.
* scd/app-common.h (APP_CHANGE_FLAG_CLEAR): New.
* scd/app-nks.c (do_change_pin): Return an error if that option is
used.
* scd/app-openpgp.c (do_change_pin): Ditto.

Card application may support this option to clear the PIN verification
status of a specific PIN.

Signed-off-by: Werner Koch <wk@gnupg.org>

Details

Provenance

• werner

Authored on Jan 21 2019, 2:06 PM

Parents

rGec56996029d9: scd: Add very basic support for PIV cards.

Branches

Unknown

Tags

Unknown

Event Timeline

• werner committed rG29929e655212: scd: Add option --clear to PASSWD. (authored by • werner).Jan 21 2019, 2:06 PM

OpenPGPcard 3.1 or later supports clearing authentication status or examining the status.
The problem is that implementations don't use version number for available features.
Specifically, Gnuk keeps using version 2.0 in application ID, and only supports specific features of 3.3.

Perhaps, if used, just execute the functionality and returns an error if it doesn't work.

Thanks for the info. Yes, for the OpenPGP card we could use the ignore error approach.

OK, I will add for OpenPGPcard 3.1 or later.

• werner mentioned this in rGd4082ff430af: scd: Add option --clear to PASSWD..Jan 22 2019, 10:18 AM