From 19ca7d9308d232b04e1ea37b2b1add983e7c2657 Mon Sep 17 00:00:00 2001
From: Heiko Schaefer <heiko@schaefer.name>
Date: Tue, 2 Nov 2021 18:25:25 +0100
Subject: [PATCH] In factory_reset(), StatusBytes::PasswordNotChecked is also a
 legal response to "verify" calls to a card (with a bad password).

---
 openpgp-card/src/card_app.rs | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/openpgp-card/src/card_app.rs b/openpgp-card/src/card_app.rs
index 32e1030..44d0453 100644
--- a/openpgp-card/src/card_app.rs
+++ b/openpgp-card/src/card_app.rs
@@ -271,7 +271,8 @@ impl CardApp {
             let resp =
                 apdu::send_command(&mut self.card_client, verify, false)?;
             if !(resp.status() == StatusBytes::SecurityStatusNotSatisfied
-                || resp.status() == StatusBytes::AuthenticationMethodBlocked)
+                || resp.status() == StatusBytes::AuthenticationMethodBlocked
+                || matches!(resp.status(), StatusBytes::PasswordNotChecked(_)))
             {
                 return Err(anyhow!("Unexpected status for reset, at pw1."));
             }
@@ -285,7 +286,8 @@ impl CardApp {
                 apdu::send_command(&mut self.card_client, verify, false)?;
 
             if !(resp.status() == StatusBytes::SecurityStatusNotSatisfied
-                || resp.status() == StatusBytes::AuthenticationMethodBlocked)
+                || resp.status() == StatusBytes::AuthenticationMethodBlocked
+                || matches!(resp.status(), StatusBytes::PasswordNotChecked(_)))
             {
                 return Err(anyhow!("Unexpected status for reset, at pw3."));
             }