Missing feedback when changing a card pin fails
Johannes Zarl-Zierl
johannes at zarl-zierl.at
Thu Mar 22 22:37:22 CET 2018
Hi,
I've just spent half an hour scratching my head over an issue that should have
been simple:
I initialized a new OpenPGP card (v2.1 from Zeitcontrol) and changed the
(user) pin.
After this, I used the verify command to check whether the pin was working: I
put my pin into the pinentry dialog, and verified that the retry count
afterwards was still "3 0 3".
Still, when I was prompted the pin afterwards I got the error "wrong pin".
Strangely enough, the retry counter did not decrease when entering the pin.
Entering a different random pin resulted in the retry counter decreasing as it
should.
[Fast-forward through lots of head-scratching, mild swearing and asking myself
whether the card was broken.]
In the end the simple truth was that my pin code only had 5 digits, but the
minimum length is higher. Yes, I know that I *should* know the minimum pin-
code length for my card, and that I *should* use longer pins anyways.
Is it possible to issue some kind of diagnostic for this? I.e. either a
warning/error message when changing the pin, or at least the "verify" command
issuing a warning on an incorrect pin?
Btw. my gpg version is 2.2.5.
Cheers,
Johannes
More information about the Gnupg-users
mailing list