diff options
| author | Werner Koch <[email protected]> | 2020-04-01 18:31:21 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2020-04-15 13:10:54 +0000 |
| commit | 133b6ff8cd0c938abbf55ba6dc50299240d247f6 (patch) | |
| tree | 57e26811fab5095bb423df7c46b7747c536f0c54 | |
| parent | gpg: ECDH: Accept longer padding. (diff) | |
| download | gnupg-133b6ff8cd0c938abbf55ba6dc50299240d247f6.tar.gz gnupg-133b6ff8cd0c938abbf55ba6dc50299240d247f6.zip | |
scd:p15: Cache the PIN.
* scd/app-p15.c (struct prkdf_object_s): Add flag pin_verified.
(verify_pin): Make use of it.
--
Theee is still a problem with the APDUs we send: Switching between
signing and decryption does work but not in the other way.
Signed-off-by: Werner Koch <[email protected]>
| -rw-r--r-- | scd/app-p15.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/scd/app-p15.c b/scd/app-p15.c index 744630b00..2726bc24e 100644 --- a/scd/app-p15.c +++ b/scd/app-p15.c @@ -181,6 +181,10 @@ struct prkdf_object_s unsigned int key_reference_valid:1; unsigned int have_off:1; + /* Flag indicating that the corresponding PIN has already been + * verified. */ + unsigned int pin_verified:1; + /* The key's usage flags. */ keyusage_flags_t usageflags; @@ -3147,6 +3151,9 @@ verify_pin (app_t app, const char *s; int i; + if (prkdf->pin_verified) + return 0; /* Already done. */ + if (prkdf->usageflags.non_repudiation && app->app_local->card_type == CARD_TYPE_BELPIC) err = pincb (pincb_arg, "PIN (qualified signature!)", &pinvalue); @@ -3294,6 +3301,7 @@ verify_pin (app_t app, } if (opt.verbose) log_info ("p15: PIN verification succeeded\n"); + prkdf->pin_verified = 1; return 0; } |