Fix factory-reset for admin-less mode.

Reported-by: Stanislas Bach <sbach@0g.re> Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2024-09-20 02:40:08 +00:00 · 2017-08-03 21:35:20 +09:00 · 2017-08-03 21:35:20 +09:00 · 2b340ee1c5
commit 2b340ee1c5
parent eea011fe70
3 changed files with 11 additions and 1 deletions
--- a/4
+++ b/4
@ -1,3 +1,7 @@
+2017-08-03  NIIBE Yutaka  <gniibe@fsij.org>
+
+	* src/openpgp.c (cmd_terminate_df): Fix for admin-less mode.
+
 2017-08-03  Jeremy Drake <jeremydrake+gnuk@eacceleration.com>

 	* regnual/regnual.c (main): Allow compile time
--- a/1
+++ b/1
@ -35,6 +35,7 @@ Paul Fertser
 Paul Bakker		polarssl_maintainer@polarssl.org
 Santiago Ruano Rincón	santiago@debian.org
 Shane Coughlan		scoughlan@openinventionnetwork.com
+Stanislas Bach		sbach@0g.re
 Szczepan Zalega		szczepan@nitrokey.com
 Vasily Evseenko
 Werner Koch		wk@gnupg.org
--- a/src/openpgp.c
+++ b/src/openpgp.c
@ -1335,6 +1335,8 @@ cmd_activate_file (void)
 static void
 cmd_terminate_df (void)
 {
+  const uint8_t *ks_pw3;
+
  uint8_t p1 = P1 (apdu);
  uint8_t p2 = P2 (apdu);

@ -1356,8 +1358,11 @@ cmd_terminate_df (void)
      return;
    }

+  ks_pw3 = gpg_do_read_simple (NR_DO_KEYSTRING_PW3);

-  if (!ac_check_status (AC_ADMIN_AUTHORIZED) && !gpg_pw_locked (PW_ERR_PW3))
+  if (!ac_check_status (AC_ADMIN_AUTHORIZED)
+      && !((ks_pw3 && gpg_pw_locked (PW_ERR_PW3))
+	   || (ks_pw3 == NULL && gpg_pw_locked (PW_ERR_PW1))))
    {
      /* Only allow the case admin authorized, or, admin pass is locked.  */
      GPG_SECURITY_FAILURE();