scd: Add condition for VERIFY with 0x82.

* scd/app-openpgp.c (verify_chv2): Check availability of keys in question. -- With buggy Gnuk (<= 1.2.15), when no encr/auth keys are available, it fails decrementing the signature error counter. This change can avoid the issue. Signed-off-by: NIIBE Yutaka <[email protected]>
author: NIIBE Yutaka <[email protected]> 2020-08-27 01:41:51 +0000
committer: NIIBE Yutaka <[email protected]> 2020-08-27 01:41:51 +0000
commit: af189be481df02a77e088aa0a60a1fc02dfa12bf (patch)
tree: 247ba0ca339ec7d80bea764da570851e2c411ae7 /scd/app-openpgp.c
parent: build: Silence gcc warning -Wformat-zero-length (diff)
download: gnupg-af189be481df02a77e088aa0a60a1fc02dfa12bf.tar.gz
gnupg-af189be481df02a77e088aa0a60a1fc02dfa12bf.zip
1 files changed, 9 insertions, 4 deletions
diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
index 205d4e579..13fdd894f 100644
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@@ -2565,10 +2565,15 @@ verify_chv2 (app_t app, ctrl_t ctrl,
   if (app->did_chv2)
     return 0;  /* We already verified CHV2.  */
 
-  rc = verify_a_chv (app, ctrl, pincb, pincb_arg, 2, 0, &pinvalue, &pinlen);
-  if (rc)
-    return rc;
-  app->did_chv2 = 1;
+  if (app->app_local->pk[1].key || app->app_local->pk[2].key)
+    {
+      rc = verify_a_chv (app, ctrl, pincb, pincb_arg, 2, 0, &pinvalue, &pinlen);
+      if (rc)
+        return rc;
+      app->did_chv2 = 1;
+    }
+  else
+    rc = 0;
 
   if (!app->did_chv1 && !app->force_chv1 && pinvalue)
     {
author	NIIBE Yutaka <[email protected]>	2020-08-27 01:41:51 +0000
committer	NIIBE Yutaka <[email protected]>	2020-08-27 01:41:51 +0000
commit	af189be481df02a77e088aa0a60a1fc02dfa12bf (patch)
tree	247ba0ca339ec7d80bea764da570851e2c411ae7 /scd/app-openpgp.c
parent	build: Silence gcc warning -Wformat-zero-length (diff)
download	gnupg-af189be481df02a77e088aa0a60a1fc02dfa12bf.tar.gz gnupg-af189be481df02a77e088aa0a60a1fc02dfa12bf.zip