From d45a0bfc20a9cee9e3ddbfc2f98739569152e64f Mon Sep 17 00:00:00 2001
From: Pol Henarejos <pol.henarejos@cttc.es>
Date: Sun, 24 Mar 2024 02:19:55 +0100
Subject: [PATCH] Fix verify on change pin.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
---
 src/openpgp/piv.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/src/openpgp/piv.c b/src/openpgp/piv.c
index 5f9cf18..222ec8c 100644
--- a/src/openpgp/piv.c
+++ b/src/openpgp/piv.c
@@ -888,15 +888,14 @@ static int cmd_change_pin() {
         return SW_MEMORY_FAILURE();
     }
     uint8_t *pin_data = file_get_data(ef), pin_len = apdu.nc - pin_data[0];
-    uint8_t dhash[33];
-    double_hash_pin(apdu.data, pin_data[0], dhash + 1);
-    if (memcmp(dhash, file_get_data(ef) + 1, sizeof(dhash) - 1) != 0) {
-        return SW_SECURITY_STATUS_NOT_SATISFIED();
+    uint16_t ret = check_pin(ef, apdu.data, pin_data[0]);
+    if (ret != 0x9000) {
+        return ret;
     }
+    uint8_t dhash[33];
     dhash[0] = pin_len;
     double_hash_pin(apdu.data + pin_data[0], pin_len, dhash + 1);
     flash_write_data_to_file(ef, dhash, sizeof(dhash));
-    pin_reset_retries(ef, true);
     low_flash_available();
     return SW_OK();
 }