From the PKCS#11 specification chapter C_SetPIN:

C_SetPIN modifies the PIN of the user that is currently logged in, or
the CKU_USER PIN if the session is not logged in. ....

This was not true for "if the session is not logged in" before this fix.
Lars Silvén 2020-03-27 17:11:32 +01:00 committed by Frank Morgner
parent f9b31e50dd
commit a771450ab2


@ -1858,11 +1858,7 @@ pkcs15_change_pin(struct sc_pkcs11_slot *slot,
return CKR_PIN_LEN_RANGE;
}
if (login_user < 0) {
if (sc_pkcs11_conf.pin_unblock_style != SC_PKCS11_PIN_UNBLOCK_UNLOGGED_SETPIN) {
sc_log(context, "PIN unlock is not allowed in unlogged session");
return CKR_FUNCTION_NOT_SUPPORTED;
}
if (login_user < 0 && sc_pkcs11_conf.pin_unblock_style == SC_PKCS11_PIN_UNBLOCK_UNLOGGED_SETPIN) {
rc = sc_pkcs15_unblock_pin(fw_data->p15_card, pin_obj, pOldPin, ulOldLen, pNewPin, ulNewLen);
}
else if (login_user == CKU_CONTEXT_SPECIFIC) {
@ -1872,7 +1868,7 @@ pkcs15_change_pin(struct sc_pkcs11_slot *slot,
}
rc = sc_pkcs15_unblock_pin(fw_data->p15_card, pin_obj, pOldPin, ulOldLen, pNewPin, ulNewLen);
}
else if ((login_user == CKU_USER) || (login_user == CKU_SO)) {
else if (login_user < 0 || login_user == CKU_USER || login_user == CKU_SO) {
rc = sc_pkcs15_change_pin(fw_data->p15_card, pin_obj, pOldPin, ulOldLen, pNewPin, ulNewLen);
}
else {
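Review bot: In the second hunk, the widened test `login_user < 0 || login_user == CKU_USER || login_user == CKU_SO` sends a session that is not logged in to sc_pkcs15_change_pin() with the same `pin_obj` as the logged-in cases. Nothing visible here shows that `pin_obj` is the CKU_USER PIN in that case, which the quoted C_SetPIN text requires; it is selected outside these hunks and should be confirmed. The two `login_user < 0` branches are now correct only because the unblock branch in the first hunk is tested first, so that ordering deserves a comment such as `/* not logged in: unblock with the PUK only if pin_unblock_style is UNLOGGED_SETPIN, otherwise change the CKU_USER PIN */`. The commit also drops the only sc_log() call on the unlogged path, so a short log line in the change-PIN branch noting that the session was not logged in would keep these attempts visible in traces. pkcs15_change_pin starts before the first hunk and continues past the final `else {`.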