From bd58997dc98d03ec3a140894b59651903fed1798 Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Wed, 8 Nov 2017 10:28:55 +0900
Subject: [PATCH] Possibly support other hash in future, for KDF.

---
 ChangeLog        |  7 +++++++
 src/gnuk.h       |  2 ++
 src/openpgp-do.c | 13 ++++++++++++-
 src/openpgp.c    |  8 ++++----
 4 files changed, 25 insertions(+), 5 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 1b3f9c9..001952c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2017-11-08  NIIBE Yutaka  <gniibe@fsij.org>
+
+	* src/openpgp-do.c (gpg_do_kdf_check): New.
+	(proc_resetting_code): Use gpg_do_kdf_check.
+	* src/openpgp.c (cmd_verify, cmd_change_password)
+	(cmd_reset_user_password): Likewise.
+
 2017-11-07  NIIBE Yutaka  <gniibe@fsij.org>
 
 	* src/openpgp-do.c (proc_resetting_code): Error when
diff --git a/src/gnuk.h b/src/gnuk.h
index b10d538..74c3eb4 100644
--- a/src/gnuk.h
+++ b/src/gnuk.h
@@ -298,6 +298,8 @@ void gpg_do_write_simple (uint8_t, const uint8_t *, int);
 void gpg_increment_digital_signature_counter (void);
 void gpg_do_get_initial_pw_setting (int is_pw3, int *r_len,
 				    const uint8_t **r_p);
+int gpg_do_kdf_check (int len, int how_many);
+
 
 void fatal (uint8_t code) __attribute__ ((noreturn));
 #define FATAL_FLASH  1
diff --git a/src/openpgp-do.c b/src/openpgp-do.c
index d81f5f6..a9fb771 100644
--- a/src/openpgp-do.c
+++ b/src/openpgp-do.c
@@ -865,6 +865,17 @@ rw_kdf (uint16_t tag, int with_tag, const uint8_t *data, int len, int is_write)
     }
 }
 
+int
+gpg_do_kdf_check (int len, int how_many)
+{
+  const uint8_t *kdf_spec = gpg_do_read_simple (NR_DO_KDF);
+
+  if (kdf_spec && (kdf_spec[43] * how_many) != len)
+    return 0;
+
+  return 1;
+}
+
 void
 gpg_do_get_initial_pw_setting (int is_pw3, int *r_len, const uint8_t **r_p)
 {
@@ -906,7 +917,7 @@ proc_resetting_code (const uint8_t *data, int len)
 
   DEBUG_INFO ("Resetting Code!\r\n");
 
-  if (gpg_do_read_simple (NR_DO_KDF) && len != 32)
+  if (gpg_do_kdf_check (len, 1) == 0)
     return 0;
 
   newpw_len = len;
diff --git a/src/openpgp.c b/src/openpgp.c
index e1191e1..9ceed84 100644
--- a/src/openpgp.c
+++ b/src/openpgp.c
@@ -192,7 +192,7 @@ cmd_verify (void)
       return;
     }
 
-  if (gpg_do_read_simple (NR_DO_KDF) && len != 32)
+  if (gpg_do_kdf_check (len, 1) == 0)
     {
       GPG_CONDITION_NOT_SATISFIED ();
       return;
@@ -305,7 +305,7 @@ cmd_change_password (void)
       return;
     }
 
-  if (gpg_do_read_simple (NR_DO_KDF) && len != 64)
+  if (gpg_do_kdf_check (len, 2) == 0)
     {
       GPG_CONDITION_NOT_SATISFIED ();
       return;
@@ -531,7 +531,7 @@ cmd_reset_user_password (void)
       const uint8_t *ks_rc = gpg_do_read_simple (NR_DO_KEYSTRING_RC);
       uint8_t old_ks[KEYSTRING_MD_SIZE];
 
-      if (gpg_do_read_simple (NR_DO_KDF) && len != 64)
+      if (gpg_do_kdf_check (len, 2) == 0)
 	{
 	  GPG_CONDITION_NOT_SATISFIED ();
 	  return;
@@ -601,7 +601,7 @@ cmd_reset_user_password (void)
 	  return;
 	}
 
-      if (gpg_do_read_simple (NR_DO_KDF) && len != 32)
+      if (gpg_do_kdf_check (len, 1) == 0)
 	{
 	  GPG_CONDITION_NOT_SATISFIED ();
 	  return;