fix auth conditions

ChangeLog

@@ -1,7 +1,13 @@
 2013-10-11  Niibe Yutaka  <gniibe@fsij.org>
 
+	* src/ac.c (verify_user_0, verify_admin_00): Fix conditions.
+
 	* src/openpgp-do.c (gpg_do_write_prvkey): Delete keystring
 	information from data object of NR_DO_KEYSTRING_PW3.
+	Fix conditions.
+	(gpg_do_keygen): Likewise.
+
+	* src/openpgp.c (cmd_reset_user_password): Likewise.
 
 2013-10-10  Niibe Yutaka  <gniibe@fsij.org>
 

src/ac.c

@@ -109,8 +109,9 @@ verify_user_0 (uint8_t access, const uint8_t *pw, int buf_len, int pw_len_known,
 
   if (r1 < 0 || r2 < 0
       || (r1 == 0 && r2 == 0 && ks_pw1 != NULL
-	  && memcmp (KS_GET_KEYSTRING (ks_pw1),
+	  && ((ks_pw1[0] & PW_LEN_KEYSTRING_BIT) == 0
-		     keystring, KEYSTRING_MD_SIZE) != 0))
+	      || memcmp (KS_GET_KEYSTRING (ks_pw1),
+			 keystring, KEYSTRING_MD_SIZE) != 0)))
     {
     failure:
       gpg_pw_increment_err_counter (PW_ERR_PW1);
@@ -182,7 +183,8 @@ verify_admin_00 (const uint8_t *pw, int buf_len, int pw_len_known,
   if (r1 < 0 || r2 < 0)
     return -1;
   else if (r1 == 0 && r2 == 0)
-    if (memcmp (KS_GET_KEYSTRING (ks), keystring, KEYSTRING_MD_SIZE) != 0)
+    if ((ks[0] & PW_LEN_KEYSTRING_BIT) == 0
+	|| memcmp (KS_GET_KEYSTRING (ks), keystring, KEYSTRING_MD_SIZE) != 0)
       return -1;
 
   return pw_len;

src/openpgp-do.c

@@ -853,15 +853,11 @@ gpg_do_write_prvkey (enum kind_of_key kk, const uint8_t *key_data, int key_len,
   memcpy (pd->iv, iv, INITIAL_VECTOR_SIZE);
   memcpy (pd->checksum_encrypted, kdi.checksum, DATA_ENCRYPTION_KEY_SIZE);
 
-  if (ks_pw1)
+  if (ks_pw1 && ((ks_pw1_len = ks_pw1[0]) & PW_LEN_KEYSTRING_BIT))
     {
-      ks_pw1_len = ks_pw1[0];
+      ks_info0[0] = ks_pw1_len & PW_LEN_MASK;
+      memcpy (KS_GET_SALT (ks_info0), KS_GET_SALT (ks_pw1), SALT_SIZE);
       encrypt_dek (KS_GET_KEYSTRING (ks_pw1), pd->dek_encrypted_1);
-      if ((ks_pw1_len & PW_LEN_KEYSTRING_BIT))
-	{
-	  ks_info0[0] = ks_pw1_len & PW_LEN_MASK;
-	  memcpy (KS_GET_SALT (ks_info0), KS_GET_SALT (ks_pw1), SALT_SIZE);
-	}
     }
   else
     {
@@ -872,15 +868,11 @@ gpg_do_write_prvkey (enum kind_of_key kk, const uint8_t *key_data, int key_len,
       encrypt_dek (ks, pd->dek_encrypted_1);
     }
 
-  if (ks_rc)
+  if (ks_rc && ((ks_rc_len = ks_rc[0]) & PW_LEN_KEYSTRING_BIT))
     {
-      ks_rc_len = ks_rc[0];
+      ks_info1[0] = ks_rc_len & PW_LEN_MASK;
+      memcpy (KS_GET_SALT (ks_info1), KS_GET_SALT (ks_rc), SALT_SIZE);
       encrypt_dek (KS_GET_KEYSTRING (ks_rc), pd->dek_encrypted_2);
-      if ((ks_rc_len & PW_LEN_KEYSTRING_BIT))
-	{
-	  ks_info1[0] = ks_rc_len & PW_LEN_MASK;
-	  memcpy (KS_GET_SALT (ks_info1), KS_GET_SALT (ks_rc), SALT_SIZE);
-	}
     }
   else
     memset (pd->dek_encrypted_2, 0, DATA_ENCRYPTION_KEY_SIZE);
@@ -1742,15 +1734,21 @@ gpg_do_keygen (uint8_t kk_byte)
       /* GnuPG expects it's ready for signing. */
       /* Don't call ac_reset_pso_cds here, but load the private key */
 
-      if (ks_pw1)
+      if (ks_pw1 == NULL)
-	ks = KS_GET_KEYSTRING (ks_pw1);
-      else
 	{
 	  const uint8_t * pw = (const uint8_t *)OPENPGP_CARD_INITIAL_PW1;
 
 	  s2k (NULL, 0, pw, strlen (OPENPGP_CARD_INITIAL_PW1), keystring);
 	  ks = keystring;
 	}
+      else
+	if ((ks_pw1[0] & PW_LEN_KEYSTRING_BIT) != 0)
+	  ks = KS_GET_KEYSTRING (ks_pw1);
+	else
+	  {
+	    GPG_ERROR ();
+	    return;
+	  }
 
       gpg_do_load_prvkey (GPG_KEY_FOR_SIGNING, BY_USER, ks);
     }

src/openpgp.c

@@ -526,7 +526,9 @@ cmd_reset_user_password (void)
 	}
       else if (r == 0)
 	{
-	  if (memcmp (KS_GET_KEYSTRING (ks_rc), old_ks, KEYSTRING_MD_SIZE) != 0)
+	  if ((ks_rc[0] & PW_LEN_KEYSTRING_BIT) == 0
+	      || memcmp (KS_GET_KEYSTRING (ks_rc),
+			 old_ks, KEYSTRING_MD_SIZE) != 0)
 	    goto sec_fail;
 	  DEBUG_INFO ("done (no prvkey).\r\n");
 	  new_ks0[0] |= PW_LEN_KEYSTRING_BIT;