pinpad entry parameter handling

ChangeLog

@@ -1,3 +1,10 @@
+2011-12-07  Niibe Yutaka  <gniibe@fsij.org>
+
+	* src/openpgp.c (GPGthread): Handle bConfirmPIN parameter.
+
+	* src/usb-icc.c (icc_handle_data): Pass PC_to_RDR_Secure
+	information to gpg_thread using memory of cmd_APDU.
+
 2011-12-01  Niibe Yutaka  <gniibe@fsij.org>
 
 	* src/gnuk.h (EV_PINPAD_INPUT_DONE, EV_NOP, EV_CMD_AVAILABLE)

src/openpgp.c

@@ -960,19 +960,28 @@ GPGthread (void *arg)
       else if (m == EV_MODIFY_CMD_AVAILABLE)
 	{
 #if defined(PINPAD_SUPPORT)
+	  uint8_t bConfirmPIN = cmd_APDU[4];
+	  uint8_t *p = &cmd_APDU[5];
+
 	  if (cmd_APDU[1] != INS_CHANGE_REFERENCE_DATA)
 	    {
 	      GPG_CONDITION_NOT_SATISFIED ();
 	      goto done;
 	    }
 
-	  pw_len = get_pinpad_input (PIN_INPUT_CURRENT);
-	  if (pw_len < 0)
+	  if ((bConfirmPIN & 2))	/* Require old PIN */
 	    {
-	      GPG_ERROR ();
-	      goto done;
+	      pw_len = get_pinpad_input (PIN_INPUT_CURRENT);
+	      if (pw_len < 0)
+		{
+		  GPG_ERROR ();
+		  goto done;
+		}
+	      memcpy (p, pin_input_buffer, pw_len);
+	      p += pw_len;
 	    }
-	  memcpy (&cmd_APDU[5], pin_input_buffer, pw_len);
+	  else
+	    pw_len = 0;
 
 	  newpw_len = get_pinpad_input (PIN_INPUT_NEW);
 	  if (newpw_len < 0)
@@ -980,20 +989,22 @@ GPGthread (void *arg)
 	      GPG_ERROR ();
 	      goto done;
 	    }
-	  memcpy (&cmd_APDU[5]+pw_len, pin_input_buffer, newpw_len);
+	  memcpy (p, pin_input_buffer, newpw_len);
 
-	  len = get_pinpad_input (PIN_INPUT_CONFIRM);
-	  if (len < 0)
+	  if ((bConfirmPIN & 1))	/* New PIN twice */
 	    {
-	      GPG_ERROR ();
-	      goto done;
-	    }
+	      len = get_pinpad_input (PIN_INPUT_CONFIRM);
+	      if (len < 0)
+		{
+		  GPG_ERROR ();
+		  goto done;
+		}
 
-	  if (len != newpw_len
-	      || memcmp (&cmd_APDU[5]+pw_len, pin_input_buffer, len) != 0)
-	    {
-	      GPG_SECURITY_FAILURE ();
-	      goto done;
+	      if (len != newpw_len || memcmp (p, pin_input_buffer, len) != 0)
+		{
+		  GPG_SECURITY_FAILURE ();
+		  goto done;
+		}
 	    }
 
 	  len = cmd_APDU[4] = pw_len + newpw_len;

src/usb-icc.c

@@ -524,6 +524,14 @@ icc_handle_data (void)
 	      cmd_APDU[2] = icc_buffer[27];
 	      cmd_APDU[3] = icc_buffer[28];
 	      icc_data_size = 4;
+	      cmd_APDU[4] = 0; /* bConfirmPIN */
+	      cmd_APDU[5] = icc_buffer[17]; /* bEntryValidationCondition */
+	      cmd_APDU[6] = icc_buffer[18]; /* bNumberMessage */
+	      cmd_APDU[7] = icc_buffer[19]; /* wLangId L */
+	      cmd_APDU[8] = icc_buffer[20]; /* wLangId H */
+	      cmd_APDU[9] = icc_buffer[21]; /* bMsgIndex, bMsgIndex1 */
+	      cmd_APDU[10] = 0; /* bMsgIndex2 */
+	      cmd_APDU[11] = 0; /* bMsgIndex3 */
 	      chEvtSignal (gpg_thread, EV_VERIFY_CMD_AVAILABLE);
 	      next_state = ICC_STATE_EXECUTE;
 	    }
@@ -540,6 +548,17 @@ icc_handle_data (void)
 	      cmd_APDU[2] = icc_buffer[29 + num_msgs];
 	      cmd_APDU[3] = icc_buffer[30 + num_msgs];
 	      icc_data_size = 4;
+	      cmd_APDU[4] = icc_buffer[19]; /* bConfirmPIN */
+	      cmd_APDU[5] = icc_buffer[20]; /* bEntryValidationCondition */
+	      cmd_APDU[6] = icc_buffer[21]; /* bNumberMessage */
+	      cmd_APDU[7] = icc_buffer[22]; /* wLangId L */
+	      cmd_APDU[8] = icc_buffer[23]; /* wLangId H */
+	      cmd_APDU[9] = icc_buffer[24]; /* bMsgIndex, bMsgIndex1 */
+	      cmd_APDU[10] = cmd_APDU[11] = 0;
+	      if (num_msgs >= 2)
+		cmd_APDU[10] = icc_buffer[25]; /* bMsgIndex2 */
+	      if (num_msgs == 3)
+		cmd_APDU[11] = icc_buffer[26]; /* bMsgIndex3 */
 	      chEvtSignal (gpg_thread, EV_MODIFY_CMD_AVAILABLE);
 	      next_state = ICC_STATE_EXECUTE;
 	    }