Only mark MGM if challenge is the same. Otherwise, send OK silently.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
Pol Henarejos
2024-03-25 12:43:16 +01:00
parent c35beb5b0e
commit e2bbe927af


@@ -564,18 +564,17 @@ static int cmd_authenticate() {
if (!has_challenge) { if (!has_challenge) {
return SW_COMMAND_NOT_ALLOWED(); return SW_COMMAND_NOT_ALLOWED();
} }
if (sizeof(challenge) != a80.len || memcmp(a80.data, challenge, a80.len) != 0) {
return SW_DATA_INVALID();
}
if (!asn1_len(&a81)) { if (!asn1_len(&a81)) {
return SW_INCORRECT_PARAMS(); return SW_INCORRECT_PARAMS();
} }
if (key_ref != EF_PIV_KEY_CARDMGM) { if (key_ref != EF_PIV_KEY_CARDMGM) {
return SW_INCORRECT_P1P2(); return SW_INCORRECT_P1P2();
} }
if (sizeof(challenge) == a80.len && memcmp(a80.data, challenge, a80.len) == 0) {
has_mgm = true; has_mgm = true;
} }
} }
}
if (a81.data) { if (a81.data) {
if (!a81.len) { if (!a81.len) {
memcpy(challenge, random_bytes_get(sizeof(challenge)), sizeof(challenge)); memcpy(challenge, random_bytes_get(sizeof(challenge)), sizeof(challenge));
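Review bot: On a witness mismatch the new `if` around `has_mgm = true;` simply falls through, and nothing visible in this hunk clears `has_mgm` or invalidates the stored challenge. A wrong response would then leave any earlier management-key authentication in place and, unless `has_challenge` is reset further down, allow the same challenge to be answered again, which also makes the early-exit `memcmp` worth replacing with a constant-time compare. I would extend the check with `else { has_mgm = false; has_challenge = false; }` and add a comment such as `/* mismatch is deliberately not reported to the host; auth state is dropped */`. Because the command now reports success even when the witness is wrong, host software cannot detect a bad management key from the status word alone, and the function's documentation should say so. cmd_authenticate's body starts and ends outside the hunk, so the reset may already happen there.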