From 5d71e69c1d01b61ac2976c64b7d088e7a9b309b0 Mon Sep 17 00:00:00 2001
From: Pol Henarejos <pol.henarejos@cttc.es>
Date: Mon, 16 Feb 2026 00:52:25 +0100
Subject: [PATCH] Do not allow slot move from retired to active.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
---
 src/openpgp/piv.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/openpgp/piv.c b/src/openpgp/piv.c
index c525674..1cfa70c 100644
--- a/src/openpgp/piv.c
+++ b/src/openpgp/piv.c
@@ -1018,6 +1018,9 @@ static int cmd_move_key() {
     if ((!IS_KEY(to) && to != 0xFF) || !IS_KEY(from)) {
         return SW_INCORRECT_P1P2();
     }
+    if (IS_RETIRED(from) && IS_ACTIVE(to)) {
+        return SW_INCORRECT_P1P2();
+    }
     if (from == 0x93) {
         from = EF_PIV_KEY_RETIRED18;
     }