scd: Add condition for VERIFY with 0x82.

* scd/app-openpgp.c (verify_chv2): Check availability of keys in question. -- Backport master commit of: af189be481df02a77e088aa0a60a1fc02dfa12bf With buggy Gnuk (<= 1.2.15), when no encr/auth keys are available, it fails decrementing the signature error counter. This change can avoid the issue. Signed-off-by: NIIBE Yutaka <[email protected]>
author: NIIBE Yutaka <[email protected]> 2020-08-27 01:41:51 +0000
committer: NIIBE Yutaka <[email protected]> 2020-08-27 01:54:59 +0000
commit: d2f1a0a791db3eb03c003365cbcd010bd8066edb (patch)
tree: 8be644937a5dd16bbaed5e80470b0dc0448d2aba
parent: build: Silence gcc warning -Wformat-zero-length (diff)
download: gnupg-d2f1a0a791db3eb03c003365cbcd010bd8066edb.tar.gz
gnupg-d2f1a0a791db3eb03c003365cbcd010bd8066edb.zip
1 files changed, 9 insertions, 4 deletions
diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
index 7fc903b9a..8a1d30d5b 100644
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@@ -2361,10 +2361,15 @@ verify_chv2 (app_t app,
   if (app->did_chv2)
     return 0;  /* We already verified CHV2.  */
 
-  rc = verify_a_chv (app, pincb, pincb_arg, 2, 0, &pinvalue, &pinlen);
-  if (rc)
-    return rc;
-  app->did_chv2 = 1;
+  if (app->app_local->pk[1].key || app->app_local->pk[2].key)
+    {
+      rc = verify_a_chv (app, pincb, pincb_arg, 2, 0, &pinvalue, &pinlen);
+      if (rc)
+        return rc;
+      app->did_chv2 = 1;
+    }
+  else
+    rc = 0;
 
   if (!app->did_chv1 && !app->force_chv1 && pinvalue)
     {
author	NIIBE Yutaka <[email protected]>	2020-08-27 01:41:51 +0000
committer	NIIBE Yutaka <[email protected]>	2020-08-27 01:54:59 +0000
commit	d2f1a0a791db3eb03c003365cbcd010bd8066edb (patch)
tree	8be644937a5dd16bbaed5e80470b0dc0448d2aba
parent	build: Silence gcc warning -Wformat-zero-length (diff)
download	gnupg-d2f1a0a791db3eb03c003365cbcd010bd8066edb.tar.gz gnupg-d2f1a0a791db3eb03c003365cbcd010bd8066edb.zip