Possible bug or opportunity for user error with admin/user password

Peter Lebbing peter at digitalbrains.com
Wed Jan 30 20:17:32 CET 2019

Hi all!

On 30/01/2019 18:38, Werner Koch wrote:
> Actually this is not OpenPGP card specific but demanded by ISO-7816.

ISO 7816-4:2013, section 11.5.7 CHANGE REFERENCE DATA command, states:
Verification data followed without delimitation by new reference data

While I knew it is a standardized command, I misremembered the details,
my mistake.

Anyway, can't we work around this? If we do a VERIFY first to check if
the old PIN is accepted, we can then do a CHANGE REFERENCE DATA only
when the VERIFY worked out okay. That way, entering the old PIN with a
suffix will fail on VERIFY.

Unfortunately, this is not fool-proof with smartcard readers with a
PIN-pad, since they require you to re-enter the PIN for CHANGE REFERENCE
DATA. Still, as long as the user doesn't mistype in such a way as to
create such a suffix, it will catch the mistake. It does mean that with
a PIN-pad, the user needs to enter the old PIN twice. I think that's
preferable to the confusion we have now. For PINs entered through
pinentry, we can just repeat it programmatically, the user doesn't have
to retype.

Or if you don't like that, you could just implement the check for cases
where pinentry is used, not for the PIN-pad case.

> Indeed, it is an ugly API but you should consider that it has been
> standardized about 25 years ago and back then the chips needed to
> spare as much memory as possible.

Hmmmm, even then I think it's overzealous optimization, given the
problem at hand. You'd need one byte more in your packet buffer, but
will CHANGE REFERENCE DATA often be the largest packet in your card
application (and hence determine the size of your buffer)? Even if that
were the case, they should have thought of a clever solution :-).

I suspect they simply forgot this special case, thinking "the length is
known", without asking themselves "to whom?".



I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.  My key is
available at <http://digitalbrains.com/2012/openpgp-key-peter>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnuk-users/attachments/20190130/d630fffa/attachment.sig>

More information about the Gnuk-users mailing list