use reset instead of modify for changing pw1
This commit is contained in:
parent
9b292a4c70
commit
e8103d8376
|
@ -97,12 +97,6 @@ class OpenPgpCommandApduFactory {
|
|||
MAX_APDU_NE_EXT);
|
||||
}
|
||||
|
||||
@NonNull
|
||||
CommandAPDU createChangePw1Command(byte[] pin, byte[] newPin) {
|
||||
return new CommandAPDU(CLA, INS_CHANGE_REFERENCE_DATA, P1_EMPTY,
|
||||
P2_CHANGE_REFERENCE_DATA_PW1, Arrays.concatenate(pin, newPin));
|
||||
}
|
||||
|
||||
@NonNull
|
||||
CommandAPDU createChangePw3Command(byte[] adminPin, byte[] newAdminPin) {
|
||||
return new CommandAPDU(CLA, INS_CHANGE_REFERENCE_DATA, P1_EMPTY,
|
||||
|
|
|
@ -208,13 +208,11 @@ public class SecurityTokenConnection {
|
|||
|
||||
}
|
||||
|
||||
public void resetPin(Passphrase adminPin, String newPinStr) throws IOException {
|
||||
public void resetPin(byte[] newPin, Passphrase adminPin) throws IOException {
|
||||
if (!mPw3Validated) {
|
||||
verifyAdminPin(adminPin);
|
||||
}
|
||||
|
||||
byte[] newPin = newPinStr.getBytes();
|
||||
|
||||
final int MAX_PW1_LENGTH_INDEX = 1;
|
||||
byte[] pwStatusBytes = getPwStatusBytes();
|
||||
if (newPin.length < 6 || newPin.length > pwStatusBytes[MAX_PW1_LENGTH_INDEX]) {
|
||||
|
@ -255,31 +253,6 @@ public class SecurityTokenConnection {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Modifies the user's PW1. Before sending, the new PIN will be validated for
|
||||
* conformance to the token's requirements for key length.
|
||||
*
|
||||
* @param newPin The new PW1.
|
||||
*/
|
||||
public void modifyPw1Pin(byte[] newPin) throws IOException {
|
||||
final int MAX_PW1_LENGTH_INDEX = 1;
|
||||
|
||||
byte[] pwStatusBytes = getPwStatusBytes();
|
||||
|
||||
if (newPin.length < 6 || newPin.length > pwStatusBytes[MAX_PW1_LENGTH_INDEX]) {
|
||||
throw new IOException("Invalid PIN length");
|
||||
}
|
||||
|
||||
byte[] pin = mPin.toStringUnsafe().getBytes();
|
||||
|
||||
CommandAPDU changePin = commandFactory.createChangePw1Command(pin, newPin);
|
||||
ResponseAPDU response = communicate(changePin);
|
||||
|
||||
if (response.getSW() != APDU_SW_SUCCESS) {
|
||||
throw new CardException("Failed to change PIN", response.getSW());
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Call DECIPHER command
|
||||
*
|
||||
|
|
|
@ -141,7 +141,7 @@ public class SecurityTokenChangePinOperationActivity extends BaseSecurityTokenAc
|
|||
@Override
|
||||
protected void doSecurityTokenInBackground(SecurityTokenConnection stConnection) throws IOException {
|
||||
Passphrase adminPin = new Passphrase(changePinInput.getAdminPin());
|
||||
stConnection.resetPin(adminPin, changePinInput.getNewPin());
|
||||
stConnection.resetPin(changePinInput.getNewPin().getBytes(), adminPin);
|
||||
|
||||
resultTokenInfo = stConnection.getTokenInfo();
|
||||
}
|
||||
|
|
|
@ -273,7 +273,7 @@ public class SecurityTokenOperationActivity extends BaseSecurityTokenActivity {
|
|||
}
|
||||
|
||||
// change PINs afterwards
|
||||
stConnection.modifyPw1Pin(newPin);
|
||||
stConnection.resetPin(newPin, adminPin);
|
||||
stConnection.modifyPw3Pin(newAdminPin, adminPin);
|
||||
|
||||
break;
|
||||
|
|
Loading…
Reference in a new issue