Skip to content

Commit

Permalink
PIV: Update management_key_type after reset
Browse files Browse the repository at this point in the history
  • Loading branch information
@dainnilsson
dainnilsson committed Jun 17, 2024
1 parent 8369105 commit c5c8b80
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 0 deletions.
5 changes: 5 additions & 0 deletions tests/device/test_piv.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -728,6 +728,8 @@ def test_management_key_metadata(self, session, info):
session.set_management_key(
MANAGEMENT_KEY_TYPE.AES192, NON_DEFAULT_MANAGEMENT_KEY
)
assert session.management_key_type == MANAGEMENT_KEY_TYPE.AES192

data = session.get_management_key_metadata()
assert data.key_type == MANAGEMENT_KEY_TYPE.AES192
assert data.default_value is False
Expand All @@ -744,6 +746,9 @@ def test_management_key_metadata(self, session, info):
data = session.get_management_key_metadata()
assert data.default_value is False

session.reset()
assert session.management_key_type == default_type

@pytest.mark.parametrize("key_type", list(KEY_TYPE))
def test_slot_metadata_generate(self, session, info, keys, key_type, scp):
skip_unsupported_key_type(key_type, info)
Expand Down
6 changes: 6 additions & 0 deletions yubikit/piv.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -570,6 +570,12 @@ def reset(self) -> None:
self._current_pin_retries = 3
self._max_pin_retries = 3

# Update management key type
try:
self._management_key_type = self.get_management_key_metadata().key_type
except NotSupportedError:
self._management_key_type = MANAGEMENT_KEY_TYPE.TDES

logger.info("PIV application data reset performed")

@overload
Expand Down

0 comments on commit c5c8b80

Please sign in to comment.