Possible bug or opportunity for user error with admin/user password

Peter Lebbing peter at digitalbrains.com
Wed Jan 30 12:07:20 CET 2019


I think your new password is now "78thisismypassword".

There's an annoying design deficiency in the OpenPGP Card
specification. It says this:

> The length of the existing password is known in the card, so that
> neither a delimiter nor padding for filling up fixed formats is
> necessary for UTF-8. The length of the new UTF-8 password therefore
> computes L new = Lc – L old.

Do you see the problem? :-)

The data field for changing OLDPIN to NEWPIN is formatted as:


The data field that is sent when you specify the old PIN as OLDPINBAD
and the new PIN as NEWPIN is:


So the pin is changed to BADNEWPIN.

So any suffix you accidentally add to the old PIN becomes a prefix to
the new PIN.

This is in the specification, not the GnuK implementation :-(.

And the mistake in the reasoning of the specification is that even
though the card might be completely certain of the length of the old
PIN, the user might not be. Add default PINs that only differ in suffix,
and we get a trap sprung for the unsuspecting user.



I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnuk-users/attachments/20190130/38196e18/attachment.sig>

More information about the Gnuk-users mailing list