From 04942bb4f6b8cb6d1bfb29b8d26742c10fcf38f8 Mon Sep 17 00:00:00 2001
From: martin <martin@c6295689-39f2-0310-b995-f0e70906c6a9>
Date: Fri, 29 Feb 2008 10:18:51 +0000
Subject: [PATCH]  * Correctly return CKR_PIN_INCORRECT if PIN is out of range.
  * By Alon Bar-Lev from svn diff -r 3397:3398
 https://www.opensc-project.org/svn/opensc/branches/alonbl/pkcs11-login-rv

git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3400 c6295689-39f2-0310-b995-f0e70906c6a9
---
 src/pkcs11/framework-pkcs15.c | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/src/pkcs11/framework-pkcs15.c b/src/pkcs11/framework-pkcs15.c
index 3e86f9f3..c4412272 100644
--- a/src/pkcs11/framework-pkcs15.c
+++ b/src/pkcs11/framework-pkcs15.c
@@ -905,10 +905,15 @@ static CK_RV pkcs15_login(struct sc_pkcs11_card *p11card,
 		 * a valid pin (which is processed normally). --okir */
 		if (ulPinLen == 0)
 			pPin = NULL;
-	} else
-	if (ulPinLen < pin->min_length ||
-	    ulPinLen > pin->max_length)
-		return CKR_ARGUMENTS_BAD;
+	} else {
+		/*
+		 * If PIN is out of range,
+		 * it cannot be correct.
+		 */
+		if (ulPinLen < pin->min_length ||
+		    ulPinLen > pin->max_length)
+			return CKR_PIN_INCORRECT;
+	}
 
 	/* By default, we make the reader resource manager keep other
 	 * processes from accessing the card while we're logged in.