use reset instead of modify for changing pw1
This commit is contained in:
parent
9b292a4c70
commit
e8103d8376
|
@ -97,12 +97,6 @@ class OpenPgpCommandApduFactory {
|
||||||
MAX_APDU_NE_EXT);
|
MAX_APDU_NE_EXT);
|
||||||
}
|
}
|
||||||
|
|
||||||
@NonNull
|
|
||||||
CommandAPDU createChangePw1Command(byte[] pin, byte[] newPin) {
|
|
||||||
return new CommandAPDU(CLA, INS_CHANGE_REFERENCE_DATA, P1_EMPTY,
|
|
||||||
P2_CHANGE_REFERENCE_DATA_PW1, Arrays.concatenate(pin, newPin));
|
|
||||||
}
|
|
||||||
|
|
||||||
@NonNull
|
@NonNull
|
||||||
CommandAPDU createChangePw3Command(byte[] adminPin, byte[] newAdminPin) {
|
CommandAPDU createChangePw3Command(byte[] adminPin, byte[] newAdminPin) {
|
||||||
return new CommandAPDU(CLA, INS_CHANGE_REFERENCE_DATA, P1_EMPTY,
|
return new CommandAPDU(CLA, INS_CHANGE_REFERENCE_DATA, P1_EMPTY,
|
||||||
|
|
|
@ -208,13 +208,11 @@ public class SecurityTokenConnection {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public void resetPin(Passphrase adminPin, String newPinStr) throws IOException {
|
public void resetPin(byte[] newPin, Passphrase adminPin) throws IOException {
|
||||||
if (!mPw3Validated) {
|
if (!mPw3Validated) {
|
||||||
verifyAdminPin(adminPin);
|
verifyAdminPin(adminPin);
|
||||||
}
|
}
|
||||||
|
|
||||||
byte[] newPin = newPinStr.getBytes();
|
|
||||||
|
|
||||||
final int MAX_PW1_LENGTH_INDEX = 1;
|
final int MAX_PW1_LENGTH_INDEX = 1;
|
||||||
byte[] pwStatusBytes = getPwStatusBytes();
|
byte[] pwStatusBytes = getPwStatusBytes();
|
||||||
if (newPin.length < 6 || newPin.length > pwStatusBytes[MAX_PW1_LENGTH_INDEX]) {
|
if (newPin.length < 6 || newPin.length > pwStatusBytes[MAX_PW1_LENGTH_INDEX]) {
|
||||||
|
@ -255,31 +253,6 @@ public class SecurityTokenConnection {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Modifies the user's PW1. Before sending, the new PIN will be validated for
|
|
||||||
* conformance to the token's requirements for key length.
|
|
||||||
*
|
|
||||||
* @param newPin The new PW1.
|
|
||||||
*/
|
|
||||||
public void modifyPw1Pin(byte[] newPin) throws IOException {
|
|
||||||
final int MAX_PW1_LENGTH_INDEX = 1;
|
|
||||||
|
|
||||||
byte[] pwStatusBytes = getPwStatusBytes();
|
|
||||||
|
|
||||||
if (newPin.length < 6 || newPin.length > pwStatusBytes[MAX_PW1_LENGTH_INDEX]) {
|
|
||||||
throw new IOException("Invalid PIN length");
|
|
||||||
}
|
|
||||||
|
|
||||||
byte[] pin = mPin.toStringUnsafe().getBytes();
|
|
||||||
|
|
||||||
CommandAPDU changePin = commandFactory.createChangePw1Command(pin, newPin);
|
|
||||||
ResponseAPDU response = communicate(changePin);
|
|
||||||
|
|
||||||
if (response.getSW() != APDU_SW_SUCCESS) {
|
|
||||||
throw new CardException("Failed to change PIN", response.getSW());
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Call DECIPHER command
|
* Call DECIPHER command
|
||||||
*
|
*
|
||||||
|
|
|
@ -141,7 +141,7 @@ public class SecurityTokenChangePinOperationActivity extends BaseSecurityTokenAc
|
||||||
@Override
|
@Override
|
||||||
protected void doSecurityTokenInBackground(SecurityTokenConnection stConnection) throws IOException {
|
protected void doSecurityTokenInBackground(SecurityTokenConnection stConnection) throws IOException {
|
||||||
Passphrase adminPin = new Passphrase(changePinInput.getAdminPin());
|
Passphrase adminPin = new Passphrase(changePinInput.getAdminPin());
|
||||||
stConnection.resetPin(adminPin, changePinInput.getNewPin());
|
stConnection.resetPin(changePinInput.getNewPin().getBytes(), adminPin);
|
||||||
|
|
||||||
resultTokenInfo = stConnection.getTokenInfo();
|
resultTokenInfo = stConnection.getTokenInfo();
|
||||||
}
|
}
|
||||||
|
|
|
@ -273,7 +273,7 @@ public class SecurityTokenOperationActivity extends BaseSecurityTokenActivity {
|
||||||
}
|
}
|
||||||
|
|
||||||
// change PINs afterwards
|
// change PINs afterwards
|
||||||
stConnection.modifyPw1Pin(newPin);
|
stConnection.resetPin(newPin, adminPin);
|
||||||
stConnection.modifyPw3Pin(newAdminPin, adminPin);
|
stConnection.modifyPw3Pin(newAdminPin, adminPin);
|
||||||
|
|
||||||
break;
|
break;
|
||||||
|
|
Loading…
Reference in a new issue