Skip to content

Commit

Permalink
main.c: remove output when RET_NO_PIN_ATTEMPTS (no PIN retry counter)…
Browse files Browse the repository at this point in the history 
… is true: the dongle is in a clean state here without bad PIN entered.

This doesn't imply that we are using the default PINS.

This seems to have been based on wrong assumption that if no prior PIN attempt we are in factory state with default PINS (USER 123456, ADMIN 12345678).
Calling code should be, and is responsible of interpreting artifacts telling that the USB Security dongle is not in factory reset mode with default PINS.

---

History:

Prior of linuxboot/heads@99673d3, Heads was doing the same wrong assumption.
Heads was consuming 1/3 of the PIN to check if it was the default one without, resulting with the user only having 2/3 PIN input attempts before being locked out.

Because of Nitrokey/nitrokey-pro-firmware#54 (unfixed, linking to unfixed Nitrokey/libnitrokey#137), if Heads attempts to use scdaemon/libnitrokey, the dongle hangs.
Let if be libnitrokey/gpg expecting exclusive dongle access, this cause hangs.

Therefore linuxboot/heads@99673d3 bases its assumptions on Heads previously created gpg keyring without relaying on neither scdaemon/libnitrokey.
It uses public key creation vs current timsetamp to determine if the user should be reminded that is using default PINs, they should be changed.

TODO:
- Fix Nitrokey/nitrokey-pro-firmware#54
- Fix Nitrokey/libnitrokey#137

Otherwise, if on any situation, libnitrokey/scdaemon operations are intertwined, this causes Nitrokey/heads#48, which i'll reopen.

Any Heads developer will come to the same problems:
- Develop on host. Push signed commits with said dongle, which use scdaemon on host to interact with USB Security dongle to do signing ops.
- Call make BOARD=qemu-coreboot-fbwhiptail-tpm2-hotp USB_TOKEN=NitrokeyPro/NitrokeyStorage/Nitrokey3NFC/LibremKey to test Heads.
- Land under kvm/qemu, observe reported locked problems, blame QubesOS, blame Heads, blame gnupg.
- Truth is that its libnitrokey/firmware bug.

----

hotp-verification should only report on : firmware version(currently wrong), serial number and success/fail state and not do any assumption reporting false information, confusing the end user.

Signed-off-by: Thierry Laurion <[email protected]>
  • Loading branch information
@tlaurion
tlaurion committed Apr 17, 2024
1 parent 70c04f5 commit 8a1f125
Showing 1 changed file with 0 additions and 2 deletions.
2 changes: 0 additions & 2 deletions src/main.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -110,8 +110,6 @@ int parse_cmd_and_run(int argc, char *const *argv) {
if (res != RET_NO_PIN_ATTEMPTS) {
printf("\tCard counters: Admin %d, User %d\n",
status.retry_admin, status.retry_user);
} else {
printf("\tCard counters: PIN is not set - set PIN before the first use\n");
}
}
if (res == RET_NO_PIN_ATTEMPTS) {
Expand Down

0 comments on commit 8a1f125

Please sign in to comment.