giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

pkcs15-pin: If the usage counter of a cached PIN is expired, then free that cached PIN instead of freeing the objects content that is protected by the PIN. 

If re-validation of a cached PIN fails, then free that cached PIN to ensure that it isn't used again for re-validation.

git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4924 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
andre 2010-12-06 18:33:17 +00:00
parent 3b270b8d27
commit ea4ddf8f17
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/libopensc/pkcs15-pin.c
View File

@ -526,7 +526,7 @@ int sc_pkcs15_pincache_revalidate(struct sc_pkcs15_card *p15card, sc_pkcs15_obje
}
if (pin_obj->usage_counter >= p15card->opts.pin_cache_counter) {
sc_pkcs15_free_object_content(obj);
sc_pkcs15_free_object_content(pin_obj);
return SC_ERROR_SECURITY_STATUS_NOT_SATISFIED;
}
@ -536,6 +536,9 @@ int sc_pkcs15_pincache_revalidate(struct sc_pkcs15_card *p15card, sc_pkcs15_obje
pin_obj->usage_counter++;
r = sc_pkcs15_verify_pin(p15card, pin_obj, pin_obj->content.value, pin_obj->content.len);
if (r != SC_SUCCESS) {
/* Ensure that wrong PIN isn't used again */
sc_pkcs15_free_object_content(pin_obj);
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "Verify PIN error %i", r);
return SC_ERROR_SECURITY_STATUS_NOT_SATISFIED;
}