Fix factory-reset for admin-less mode.
authorNIIBE Yutaka <gniibe@fsij.org>
Thu, 3 Aug 2017 12:35:20 +0000 (21:35 +0900)
committerNIIBE Yutaka <gniibe@fsij.org>
Thu, 3 Aug 2017 23:32:39 +0000 (08:32 +0900)
Reported-by: Stanislas Bach <sbach@0g.re>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
ChangeLog
THANKS
src/openpgp.c

index 2813c84..299bc32 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2017-08-03  NIIBE Yutaka  <gniibe@fsij.org>
+
+       * src/openpgp.c (cmd_terminate_df): Fix for admin-less mode.
+
 2017-08-03  Jeremy Drake <jeremydrake+gnuk@eacceleration.com>
 
        * regnual/regnual.c (main): Allow compile time
diff --git a/THANKS b/THANKS
index e031b33..d6966e4 100644 (file)
--- a/THANKS
+++ b/THANKS
@@ -35,6 +35,7 @@ Paul Fertser
 Paul Bakker            polarssl_maintainer@polarssl.org
 Santiago Ruano Rinc√≥n santiago@debian.org
 Shane Coughlan         scoughlan@openinventionnetwork.com
+Stanislas Bach         sbach@0g.re
 Szczepan Zalega                szczepan@nitrokey.com
 Vasily Evseenko
 Werner Koch            wk@gnupg.org
index 4e19802..1fdd01a 100644 (file)
@@ -1335,6 +1335,8 @@ cmd_activate_file (void)
 static void
 cmd_terminate_df (void)
 {
+  const uint8_t *ks_pw3;
+
   uint8_t p1 = P1 (apdu);
   uint8_t p2 = P2 (apdu);
 
@@ -1356,8 +1358,11 @@ cmd_terminate_df (void)
       return;
     }
 
+  ks_pw3 = gpg_do_read_simple (NR_DO_KEYSTRING_PW3);
 
-  if (!ac_check_status (AC_ADMIN_AUTHORIZED) && !gpg_pw_locked (PW_ERR_PW3))
+  if (!ac_check_status (AC_ADMIN_AUTHORIZED)
+      && !((ks_pw3 && gpg_pw_locked (PW_ERR_PW3))
+          || (ks_pw3 == NULL && gpg_pw_locked (PW_ERR_PW1))))
     {
       /* Only allow the case admin authorized, or, admin pass is locked.  */
       GPG_SECURITY_FAILURE();
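Review bot: The comment inside the guard, `/* Only allow the case admin authorized, or, admin pass is locked.  */`, no longer matches the condition above it, which now also accepts a locked PW1 counter when no PW3 keystring is stored. Since this condition decides whether the factory reset named in the commit title may proceed, the comment should spell out both cases, e.g. `/* Allow only if admin is authorized, or the admin pass is locked: PW3 when its keystring exists, else PW1 (admin-less mode).  */`. The `ks_pw3 == NULL` branch presumably also matches a card whose passwords were never changed from the defaults, which is not visible here. It would be worth confirming which error counter tracks admin failures in that state, so the PW1 path is no weaker than the PW3 one. cmd_terminate_df continues past the end of this hunk.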