Home GnuPG
Diffusion GnuPG 60502c3606ee

scd:piv: Implement PIN cache.
60502c3606ee
Actions

Description

scd:piv: Implement PIN cache.

* scd/command.c (pincache_put): Add arg pinlen and change all callers
to provide it.
* scd/app-piv.c (cache_pin): New.
(pin_from_cache): New.
(ask_and_prepare_chv): Add args no_cache and r_unpaddedpinlen.  Take
PIN from the cache.  Return the unpadded length.
(verify_chv): Add arg ctrl.  Cache the PIN.
(do_change_chv): Clear PIN cache.

The PIV pins are padded but we want to store the unpadded PIN. Thus
the changes to the function.

Code has has been tested by commenting the no_cache parameter because
we the current test certificate was created for PIV.9C which requires
a verification for each use. More testing is required.

  • GnuPG-bug-id: T4791
  • Signed-off-by: Werner Koch <wk@gnupg.org>

Details

Provenance
wernerAuthored on Jan 13 2020, 5:53 PM
Parents
rG2e86cca7f418: agent: Avoid multiple calls to scd for KEYINFO.
Branches
Unknown
Tags
Unknown
Tasks
T4791: Switch between PIV and OpenPGP app w/o reentering the PIN

Changes (5)

PathSize
scd/

rG60502c3606ee

View Options

scd/app-openpgp.c

Loading...
View Options

scd/app-piv.c

Loading...
View Options

scd/app.c

Loading...
View Options

scd/command.c

Loading...
View Options

scd/scdaemon.h

Loading...