turnkey/openpgp-card
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

In factory_reset(), StatusBytes::PasswordNotChecked is also a legal response to "verify" calls to a card (with a bad password).

Browse source
This commit is contained in:
Heiko Schaefer 2021-11-02 18:25:25 +01:00
parent 5eea5c861d
commit 19ca7d9308
1 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
openpgp-card/src/card_app.rs
View file

@ -271,7 +271,8 @@ impl CardApp {
let resp =
apdu::send_command(&mut self.card_client, verify, false)?;
if !(resp.status() == StatusBytes::SecurityStatusNotSatisfied
|| resp.status() == StatusBytes::AuthenticationMethodBlocked)
|| resp.status() == StatusBytes::AuthenticationMethodBlocked
|| matches!(resp.status(), StatusBytes::PasswordNotChecked(_)))
{
return Err(anyhow!("Unexpected status for reset, at pw1."));
}
@ -285,7 +286,8 @@ impl CardApp {
apdu::send_command(&mut self.card_client, verify, false)?;
if !(resp.status() == StatusBytes::SecurityStatusNotSatisfied
|| resp.status() == StatusBytes::AuthenticationMethodBlocked)
|| resp.status() == StatusBytes::AuthenticationMethodBlocked
|| matches!(resp.status(), StatusBytes::PasswordNotChecked(_)))
{
return Err(anyhow!("Unexpected status for reset, at pw3."));
}