scd: Fix signing authentication status.

* scd/app-openpgp.c (do_sign): Clear DID_CHV1 after signing. -- We have a corner case: In "not forced" situation and authenticated, and it is changed to "forced", card implementaiton can actually accept signing, but GnuPG requires authentication, because it is "forced". GnuPG-bug-id: 4177 Signed-off-by: NIIBE Yutaka <[email protected]>
author: NIIBE Yutaka <[email protected]> 2018-10-15 02:10:15 +0000
committer: NIIBE Yutaka <[email protected]> 2018-10-15 02:10:15 +0000
commit: 78f542e1f4495195db2e668f9cd41657fb1afc77 (patch)
tree: 4f66b2a3ea598422583c12806ffb80cd32a33987
parent: agent: Fix message for ACK button. (diff)
download: gnupg-78f542e1f4495195db2e668f9cd41657fb1afc77.tar.gz
gnupg-78f542e1f4495195db2e668f9cd41657fb1afc77.zip
1 files changed, 4 insertions, 1 deletions
diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
index 8df9fab0a..87804f593 100644
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@@ -4393,7 +4393,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
   log_info (_("signatures created so far: %lu\n"), sigcount);
 
   /* Check CHV if needed.  */
-  if (!app->did_chv1 || app->force_chv1 )
+  if (!app->did_chv1 || app->force_chv1)
     {
       char *pinvalue;
       int pinlen;
@@ -4441,6 +4441,9 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
     }
   rc = iso7816_compute_ds (app->slot, exmode, data, datalen, le_value,
                            outdata, outdatalen);
+  if (!rc && app->force_chv1)
+    app->did_chv1 = 0;
+
   return rc;
 }
author	NIIBE Yutaka <[email protected]>	2018-10-15 02:10:15 +0000
committer	NIIBE Yutaka <[email protected]>	2018-10-15 02:10:15 +0000
commit	78f542e1f4495195db2e668f9cd41657fb1afc77 (patch)
tree	4f66b2a3ea598422583c12806ffb80cd32a33987
parent	agent: Fix message for ACK button. (diff)
download	gnupg-78f542e1f4495195db2e668f9cd41657fb1afc77.tar.gz gnupg-78f542e1f4495195db2e668f9cd41657fb1afc77.zip