Improve PIN/PUK length testing when KDF is enabled
This commit is contained in:
parent
faaa48c042
commit
8b1463c399
@ -236,8 +236,8 @@ public final class Persistent {
|
|||||||
Common.beginTransaction(isRegistering);
|
Common.beginTransaction(isRegistering);
|
||||||
user_pin_length = (byte)Constants.USER_PIN_DEFAULT.length;
|
user_pin_length = (byte)Constants.USER_PIN_DEFAULT.length;
|
||||||
user_pin.update(Constants.USER_PIN_DEFAULT, (short)0, user_pin_length);
|
user_pin.update(Constants.USER_PIN_DEFAULT, (short)0, user_pin_length);
|
||||||
user_pin.resetAndUnblock();
|
|
||||||
Common.commitTransaction(isRegistering);
|
Common.commitTransaction(isRegistering);
|
||||||
|
user_pin.resetAndUnblock();
|
||||||
|
|
||||||
Common.beginTransaction(isRegistering);
|
Common.beginTransaction(isRegistering);
|
||||||
user_puk_length = (short)0;
|
user_puk_length = (short)0;
|
||||||
@ -253,8 +253,8 @@ public final class Persistent {
|
|||||||
Common.beginTransaction(isRegistering);
|
Common.beginTransaction(isRegistering);
|
||||||
admin_pin_length = (byte)Constants.ADMIN_PIN_DEFAULT.length;
|
admin_pin_length = (byte)Constants.ADMIN_PIN_DEFAULT.length;
|
||||||
admin_pin.update(Constants.ADMIN_PIN_DEFAULT, (short)0, admin_pin_length);
|
admin_pin.update(Constants.ADMIN_PIN_DEFAULT, (short)0, admin_pin_length);
|
||||||
admin_pin.resetAndUnblock();
|
|
||||||
Common.commitTransaction(isRegistering);
|
Common.commitTransaction(isRegistering);
|
||||||
|
admin_pin.resetAndUnblock();
|
||||||
|
|
||||||
isTerminated = false;
|
isTerminated = false;
|
||||||
}
|
}
|
||||||
|
@ -767,11 +767,18 @@ public final class SmartPGPApplet extends Applet implements ExtendedLength {
|
|||||||
|
|
||||||
case (byte)0x02:
|
case (byte)0x02:
|
||||||
assertAdmin();
|
assertAdmin();
|
||||||
|
if(data.keyDerivationIsActive()) {
|
||||||
|
if(lc != data.keyDerivationSize()) {
|
||||||
|
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
if((lc < Constants.USER_PIN_MIN_SIZE) ||
|
if((lc < Constants.USER_PIN_MIN_SIZE) ||
|
||||||
(lc > Constants.USER_PIN_MAX_SIZE)) {
|
(lc > Constants.USER_PIN_MAX_SIZE)) {
|
||||||
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
|
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
}
|
||||||
transients.setUserPinMode81(false);
|
transients.setUserPinMode81(false);
|
||||||
transients.setUserPinMode82(false);
|
transients.setUserPinMode82(false);
|
||||||
JCSystem.beginTransaction();
|
JCSystem.beginTransaction();
|
||||||
@ -1142,11 +1149,18 @@ public final class SmartPGPApplet extends Applet implements ExtendedLength {
|
|||||||
|
|
||||||
case Constants.TAG_RESETTING_CODE:
|
case Constants.TAG_RESETTING_CODE:
|
||||||
assertAdmin();
|
assertAdmin();
|
||||||
|
if(data.keyDerivationIsActive()) {
|
||||||
|
if(lc != data.keyDerivationSize()) {
|
||||||
|
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
if((lc < Constants.USER_PUK_MIN_SIZE) ||
|
if((lc < Constants.USER_PUK_MIN_SIZE) ||
|
||||||
(lc > Constants.USER_PUK_MAX_SIZE)) {
|
(lc > Constants.USER_PUK_MAX_SIZE)) {
|
||||||
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
|
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
}
|
||||||
JCSystem.beginTransaction();
|
JCSystem.beginTransaction();
|
||||||
data.user_puk_length = (byte)lc;
|
data.user_puk_length = (byte)lc;
|
||||||
data.user_puk.update(buf, (short)0, data.user_puk_length);
|
data.user_puk.update(buf, (short)0, data.user_puk_length);
|
||||||
|
Loading…
Reference in New Issue
Block a user