I already help riham recover copyright infomation #134
Conversation
…0121209 pkcs15-tool: initialize 'opt_auth_id' consistently.
…ng with a error pin 2.Force the xxx_pin_cmd() returned with the tries_left while a failure authentication occurred 3.Modified author contact infomation
|
Can one of the admins verify this patch? |
|
If I recall correctly, a lawyer in copyright/GPL matters suggested to only accept code with copyright claims by human beings, not legal entities (companies), at least in/for EU, for reasons I unfortunately don't remember. |
| int ret = get_external_key_retries(card, 0x80 | kid, &retries); | ||
| if (ret == SC_SUCCESS) | ||
| *tries_left = retries; | ||
| return SC_ERROR_PIN_CODE_INCORRECT; |
There was a problem hiding this comment.
If it is not a PIN code but key based authentication, the error is misleading. In which context is this function called? (for example, if used through PKCS#11, how does the usual call stack look like in terms of C_ functions?)
There was a problem hiding this comment.
The usbkey returned status word 0x6300 represent verification failed.but in iso7816.c file, the error table "sc_card_error iso7816_errors[]",I don't know why status word 0x6300 represent "State of non-volatile memory changed"? Bcoz In ISO7816-4 7.5.1 last paragraph shows "In this group of commands, SW1-SW2 set to '6300' or '63CX' indicates that the verification failed ".
can anyone give me the answer ?
regards
There was a problem hiding this comment.
Two things:
- iso7816.c/.h must be fixed (it is good when someone notices this)
1a. Remove all the instances of wrongly used SC_ERROR_MEMORY_FAILURE as used in iasecc and sm code to signal memory allocation errors. - Still, if you do key based authentication, then the failure to authenticate can't be translated to an incorrect PIN error. If there's no suitable API level error code defined, create a new one (and make sure that it translated to something meaningful once it escapes the inner workings of OpenSC, like in PKCS#11 or CNG). That's why it would be best if you show some call trace where/when this error actually gets triggered.
There was a problem hiding this comment.
- and 1a. are fixed in 8fc679b,
thanks.
There was a problem hiding this comment.
@martinpaljak
Should I change SC_ERROR_MEMORY_FAILURE( 0x6300 ) to SC_ERROR_AUTHENTICATION_FAILURE
I think it's more clear .
There was a problem hiding this comment.
@viktorTarasov
why change SC_ERROR_MEMORY_FAILURE to SC_WARNING , it's also misleading . The given error infomations "warning: no information given, non-volatile memory has changed" is also indefinite .
There was a problem hiding this comment.
For your authentication failure error, please show where/how it gets triggered (and what is the expected result). For a more generic comment, have a look at 8fc679bf#commitcomment-2732558
There was a problem hiding this comment.
OK, I read the full file. Does the card support PIN based authentication at all? Why doesn't the external authenticate command return the retry counter? Given that for all other parts of OpenSC you actually do receive a PIN as input, the authentication failure indeed should be mapped to incorrect PIN. Epass was a token only, so secure PIN entry via pinpad is anyway not possible, correct?
There was a problem hiding this comment.
My reasons were following:
- according to ISO7816-4 the general meaning of 0x6300 return code is 'warning', without any precising information (ISO7816-4: ch. 5.1.3 "Status bytes", table 6, pp 12);
- the OpenSC's iso7816.c generic driver defines the general meaning of return codes;
- according to ISO7816-4 this return code in the context of particular APDU can be seen as 'error' (ISO7816-4: ch.7.5 "Basic secutity handling", pp 50);
- card driver can redefine the description of the particular return codes;
Finally, I have not strong conviction on this subject.
If you vote for "despite the ISO7816 definitions, in OpenSC any return code that is not 9000 is an error" (that is the current state) I will follow.
There was a problem hiding this comment.
From《Identification cards - Integrated circuit cards - Part 4: Organization, security and commands for interchange》Page 56 :
In this group of commands, SW1-SW2 set to '6300' or '63CX' indicates that the verification failed, 'X' > '0'
encodes the number of further allowed retries.
according to above, we can return SC_ERROR_PIN_CODE_INCORRECT when return 0x6300 .
We didn't find the exact error message which define verification failed, so we used the "SC_ERROR_PIN_CODE_INCORRECT" which most close to the current situation. And just use PIN to derive secret key for external authentication.
|
Can any gatekeeper close all pull requests fired on entersafe asap? We'll create a new on after fixing all issues. Thanks! |
Hello, can someone help to check? Thx!