scd:piv: Implement PIN cache.
* scd/command.c (pincache_put): Add arg pinlen and change all callers to provide it. * scd/app-piv.c (cache_pin): New. (pin_from_cache): New. (ask_and_prepare_chv): Add args no_cache and r_unpaddedpinlen. Take PIN from the cache. Return the unpadded length. (verify_chv): Add arg ctrl. Cache the PIN. (do_change_chv): Clear PIN cache.
The PIV pins are padded but we want to store the unpadded PIN. Thus
the changes to the function.
Code has has been tested by commenting the no_cache parameter because
we the current test certificate was created for PIV.9C which requires
a verification for each use. More testing is required.
- GnuPG-bug-id: T4791
- Signed-off-by: Werner Koch <wk@gnupg.org>