From a6575ed68434ead1b2ebdfe1563d9cd11a2d4007 Mon Sep 17 00:00:00 2001 From: clemenso Date: Thu, 6 Aug 2009 14:00:38 +0000 Subject: FIX [462] PINMgmtSignatureCard changePIN silently ignores wrong pin entry [63cX] git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@413 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- smcc/src/main/java/at/gv/egiz/smcc/ACOSCard.java | 16 ++++++++++++--- .../src/main/java/at/gv/egiz/smcc/STARCOSCard.java | 24 +++++++++++++++++----- 2 files changed, 32 insertions(+), 8 deletions(-) diff --git a/smcc/src/main/java/at/gv/egiz/smcc/ACOSCard.java b/smcc/src/main/java/at/gv/egiz/smcc/ACOSCard.java index 9825978c..99aadebd 100644 --- a/smcc/src/main/java/at/gv/egiz/smcc/ACOSCard.java +++ b/smcc/src/main/java/at/gv/egiz/smcc/ACOSCard.java @@ -449,7 +449,7 @@ public class ACOSCard extends AbstractSignatureCard implements PINMgmtSignatureC // SELECT application execSELECT_AID(channel, pinSpec.getContextAID()); // VERIFY - verifyPIN(channel, pinSpec, pinProvider, -1); + verifyPINLoop(channel, pinSpec, pinProvider); } catch (CardException e) { log.info("Failed to verify PIN.", e); throw new SignatureCardException("Failed to verify PIN.", e); @@ -471,7 +471,7 @@ public class ACOSCard extends AbstractSignatureCard implements PINMgmtSignatureC // SELECT application execSELECT_AID(channel, pinSpec.getContextAID()); // CHANGE REFERENCE DATA - changePIN(channel, pinSpec, pinProvider, -1); + changePINLoop(channel, pinSpec, pinProvider); } catch (CardException e) { log.info("Failed to change PIN.", e); throw new SignatureCardException("Failed to change PIN.", e); @@ -531,7 +531,17 @@ public class ACOSCard extends AbstractSignatureCard implements PINMgmtSignatureC do { retries = verifyPIN(channel, spec, provider, retries); } while (retries > 0); - + } + + protected void changePINLoop(CardChannel channel, PINSpec spec, ChangePINProvider provider) + throws InterruptedException, LockedException, NotActivatedException, + TimeoutException, PINFormatException, PINOperationAbortedException, + SignatureCardException, CardException { + + int retries = -1; + do { + retries = changePIN(channel, spec, provider, retries); + } while (retries > 0); } protected int verifyPIN(CardChannel channel, PINSpec pinSpec, diff --git a/smcc/src/main/java/at/gv/egiz/smcc/STARCOSCard.java b/smcc/src/main/java/at/gv/egiz/smcc/STARCOSCard.java index 83c0197a..921819ee 100644 --- a/smcc/src/main/java/at/gv/egiz/smcc/STARCOSCard.java +++ b/smcc/src/main/java/at/gv/egiz/smcc/STARCOSCard.java @@ -357,8 +357,12 @@ public class STARCOSCard extends AbstractSignatureCard implements PINMgmtSignatu // SELECT application execSELECT_AID(channel, pinSpec.getContextAID()); } - int retries = verifyPIN(channel, pinSpec, null, 0); - verifyPIN(channel, pinSpec, pinProvider, retries); + log.debug("*** verifyPIN loop"); + verifyPINLoop(channel, pinSpec, pinProvider); +// log.debug("*** verifyPIN 0"); +// int retries = verifyPIN(channel, pinSpec, null, 0); +// log.debug("*** verifyPIN " + retries + " tries"); +// verifyPIN(channel, pinSpec, pinProvider, retries); } catch (CardException e) { log.info("Failed to verify PIN.", e); throw new SignatureCardException("Failed to verify PIN.", e); @@ -382,8 +386,9 @@ public class STARCOSCard extends AbstractSignatureCard implements PINMgmtSignatu // SELECT application execSELECT_AID(channel, pinSpec.getContextAID()); } - int retries = verifyPIN(channel, pinSpec, null, 0); - changePIN(channel, pinSpec, pinProvider, retries); + changePINLoop(channel, pinSpec, pinProvider); +// int retries = verifyPIN(channel, pinSpec, null, 0); +// changePIN(channel, pinSpec, pinProvider, retries); } catch (CardException e) { log.info("Failed to change PIN.", e); throw new SignatureCardException("Failed to change PIN.", e); @@ -492,7 +497,16 @@ public class STARCOSCard extends AbstractSignatureCard implements PINMgmtSignatu do { retries = verifyPIN(channel, spec, provider, retries); } while (retries > 0); - + } + + protected void changePINLoop(CardChannel channel, PINSpec spec, ChangePINProvider provider) + throws LockedException, NotActivatedException, SignatureCardException, + InterruptedException, CardException { + + int retries = verifyPIN(channel, spec, null, -1); + do { + retries = changePIN(channel, spec, provider, retries); + } while (retries > 0); } protected int verifyPIN(CardChannel channel, PINSpec pinSpec, -- cgit v1.2.3