From 0f4fac869c63ed0f354464969a137db2cad61a94 Mon Sep 17 00:00:00 2001 From: NIIBE Yutaka Date: Thu, 12 May 2011 11:22:08 +0900 Subject: [PATCH] added gnuk.h fix --- NEWS | 6 +++--- src/gnuk.h | 2 ++ 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/NEWS b/NEWS index 86d9aad..825bc95 100644 --- a/NEWS +++ b/NEWS @@ -17,15 +17,15 @@ setting PW3. Without setting PW3, it becomes "admin-less" mode by setting PW1. ** Important two bug fixes. +Gnuk (<= 0.11) had a bug which makes possible for attacker to change +user password without knowing original password. + Gnuk (<= 0.11) had a bug which makes possible for attacker to guess admin password easily. When admin password is not set (the default value of factory setting), failure of VERIFY doesn't increment error counter in older versions. Observing no increment of error counter, attacker could know that admin password is the one of factory setting. -Gnuk (<= 0.11) had a bug which makes possible for attacker to change -user password without knowing original password. - ** tool/gnuk_put_binary.py now uses pyscard. Instead of PyUSB, it uses Python binding of PC/SC. PyUSB version is still available as tool/gnuk_put_binary_libusb.py. diff --git a/src/gnuk.h b/src/gnuk.h index c851bf4..2e98564 100644 --- a/src/gnuk.h +++ b/src/gnuk.h @@ -79,6 +79,8 @@ extern void gpg_pw_increment_err_counter (uint8_t which); extern int ac_check_status (uint8_t ac_flag); extern int verify_pso_cds (const uint8_t *pw, int pw_len); extern int verify_other (const uint8_t *pw, int pw_len); +extern int verify_user_0 (const uint8_t *pw, int buf_len, int pw_len_known, + const uint8_t *ks_pw1); extern int verify_admin (const uint8_t *pw, int pw_len); extern int verify_admin_0 (const uint8_t *pw, int buf_len, int pw_len_known);