cthrace/open-keychain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

use reset instead of modify for changing pw1

Browse Source
This commit is contained in:
Vincent Breitmoser
2017-10-13 16:40:37 +02:00
parent 9b292a4c70
commit e8103d8376
4 changed files with 3 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/OpenPgpCommandApduFactory.java
View File

@@ -97,12 +97,6 @@ class OpenPgpCommandApduFactory {
MAX_APDU_NE_EXT);
}
@NonNull
CommandAPDU createChangePw1Command(byte[] pin, byte[] newPin) {
return new CommandAPDU(CLA, INS_CHANGE_REFERENCE_DATA, P1_EMPTY,
P2_CHANGE_REFERENCE_DATA_PW1, Arrays.concatenate(pin, newPin));
}
@NonNull
CommandAPDU createChangePw3Command(byte[] adminPin, byte[] newAdminPin) {
return new CommandAPDU(CLA, INS_CHANGE_REFERENCE_DATA, P1_EMPTY,

29
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/SecurityTokenConnection.java
View File

@@ -208,13 +208,11 @@ public class SecurityTokenConnection {
}
public void resetPin(Passphrase adminPin, String newPinStr) throws IOException {
public void resetPin(byte[] newPin, Passphrase adminPin) throws IOException {
if (!mPw3Validated) {
verifyAdminPin(adminPin);
}
byte[] newPin = newPinStr.getBytes();
final int MAX_PW1_LENGTH_INDEX = 1;
byte[] pwStatusBytes = getPwStatusBytes();
if (newPin.length < 6 || newPin.length > pwStatusBytes[MAX_PW1_LENGTH_INDEX]) {
@@ -255,31 +253,6 @@ public class SecurityTokenConnection {
}
}
/**
* Modifies the user's PW1. Before sending, the new PIN will be validated for
* conformance to the token's requirements for key length.
*
* @param newPin The new PW1.
*/
public void modifyPw1Pin(byte[] newPin) throws IOException {
final int MAX_PW1_LENGTH_INDEX = 1;
byte[] pwStatusBytes = getPwStatusBytes();
if (newPin.length < 6 || newPin.length > pwStatusBytes[MAX_PW1_LENGTH_INDEX]) {
throw new IOException("Invalid PIN length");
}
byte[] pin = mPin.toStringUnsafe().getBytes();
CommandAPDU changePin = commandFactory.createChangePw1Command(pin, newPin);
ResponseAPDU response = communicate(changePin);
if (response.getSW() != APDU_SW_SUCCESS) {
throw new CardException("Failed to change PIN", response.getSW());
}
}
/**
* Call DECIPHER command
*