BugFix: set ACCESCOND for changing PIN mode tp PW1, not PW2

Allow PIN_CONFIRM switch with USER PIN level
2024-11-09 07:10:30 +00:00 · 2017-07-06 17:42:26 +02:00 · 2017-07-06 17:42:26 +02:00 · f8522808b6
commit f8522808b6
parent 4733d6f8ba
2 changed files with 4 additions and 3 deletions
--- a/src/gpg_pso.c
+++ b/src/gpg_pso.c
@ -183,7 +183,7 @@ int gpg_apdu_pso(unsigned int pso) {
     
      if ((key == NULL) || (key->size != ksz)) {
        THROW(SW_CONDITIONS_NOT_SATISFIED);
-      return 0;
+        return SW_CONDITIONS_NOT_SATISFIED;
      }
      msg_len = G_gpg_vstate.io_length - G_gpg_vstate.io_offset;
      sz = cx_rsa_decrypt(key,
--- a/src/gpg_ux_nanos.c
+++ b/src/gpg_ux_nanos.c
@ -661,13 +661,14 @@ void ui_menu_pinmode_action(unsigned int value) {
    switch (value) {
    case PIN_MODE_HOST:
    case PIN_MODE_SCREEN:
-      if (!gpg_pin_is_verified(gpg_pin_get_pin(PIN_ID_PW2))) {
+    case PIN_MODE_CONFIRM:
+      if (!gpg_pin_is_verified(gpg_pin_get_pin(PIN_ID_PW1))) {
        ui_info(PIN_USER, NOT_VERIFIED, ui_menu_pinmode_display,0);
       return;
      }
      break;
    
-    case PIN_MODE_CONFIRM:
+    
    case PIN_MODE_TRUST:
      if (!gpg_pin_is_verified(gpg_pin_get_pin(PIN_ID_PW3))) {
        ui_info(PIN_ADMIN, NOT_VERIFIED, ui_menu_pinmode_display,0);