jpki/iso7816: explicityl check for PIN length != 0 on VERIFY

If we want to verify the PIN, we don't want the status request, which results in an almost identical APDU (VERIFY APDU with no data). However, as the request for verifying the PIN results in a CASE 3 APDU, `sc_check_apdu()` will check for missing data for the verification so that an error is returned and no PIN bypass is possible.
hhonkanen · Feb 7, 2024 · 23fead8 · 23fead8
1 parent 5bd9e78
commit 23fead8
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 0 deletions.
diff --git a/src/libopensc/card-jpki.c b/src/libopensc/card-jpki.c
@@ -242,6 +242,9 @@ jpki_pin_cmd(sc_card_t *card, struct sc_pin_cmd_data *data, int *tries_left)
 
  switch (data->cmd) {
  case SC_PIN_CMD_VERIFY:
+ /* detect overloaded APDU with SC_PIN_CMD_GET_INFO */
+ if (data->pin1.len == 0)
+ LOG_FUNC_RETURN(card->ctx, SC_ERROR_INVALID_PIN_LENGTH);
  sc_format_apdu(card, &apdu, SC_APDU_CASE_3, 0x20, 0x00, 0x80);
  apdu.data = data->pin1.data;
  apdu.datalen = data->pin1.len;

diff --git a/src/libopensc/iso7816.c b/src/libopensc/iso7816.c
@@ -1202,6 +1202,9 @@ iso7816_build_pin_apdu(struct sc_card *card, struct sc_apdu *apdu,
  switch (data->cmd) {
  case SC_PIN_CMD_VERIFY:
  ins = 0x20;
+ /* detect overloaded APDU with SC_PIN_CMD_GET_INFO */
+ if (data->pin1.len == 0)
+ return SC_ERROR_INVALID_PIN_LENGTH;
  if ((r = sc_build_pin(buf, buf_len, &data->pin1, pad)) < 0)
  return r;
  len = r;