Closed keiji closed 7 months ago
Hello,
I am not able to reproduce your error. Working on the app refactoring, I can verify the PIN correctly. As far as I can see, the PIN verification is done thanks to the value provided in P2, as written in the OpenPGP spec. In the logs, I can see:
scdaemon[27887] DBG: check_pcsc_pinpad: command=20, r=0
scdaemon[27887] DBG: prompting for pinpad entry '||Please unlock the card%0A%0ANumber: 2C97 1706948A%0AHolder: '
scdaemon[27887] DBG: chan_7 -> [ 49 4e 51 55 49 52 45 20 50 4f 50 55 50 50 49 4e ...(75 byte(s) skipped) ]
scdaemon[27887] DBG: chan_7 <- END
scdaemon[27887] DBG: send secure: c=00 i=20 p1=00 p2=82 len=24 pinmax=15
scdaemon[27887] DBG: response: sw=9000 datalen=2
scdaemon[27887] DBG: dismiss pinpad entry prompt
scdaemon[27887] DBG: chan_7 -> INQUIRE DISMISSPINPADPROMPT
scdaemon[27887] DBG: chan_7 <- END
scdaemon[27887] operation check_pin result: Success
Can you double check on your side?
Please note the updated version 2.0.0 is available in the branch develop.
I propose to allow both PW1 and PW2 when requesting to change the PIN mode.
One question I didn't find the answer to: how to force the verification using either PW1 or PW2?
Changed in v2.0.1
Still experiencing this issue. I can set the mode to trust after performing an action that requires admin PIN verification, but I have been unable to set it to anything else.
Very unsure what I did, I think it had something to do with UIF mode on decrypt, but I was able to change my PIN mode to host now.
Describe the issue
We cannot change the PIN mode because of a "User PIN Not Verified" error.
And I think the "User PIN" cannot be verified by the gpg command, because the gpg command verifies with the CHV1-PIN but the Ledger OpenPGP app is checking the CHV2-PIN state.
scdaemon logs
2022-08-11 23:26:42 scdaemon[845] DBG: send apdu: c=00 i=20 p1=00 p2=81 lc=6 le=-1 em=0
2022-08-11 23:26:42 scdaemon[845] DBG: PCSC_data: 00 20 00 81 06 31 31 31 31 31 31
2022-08-11 23:26:42 scdaemon[845] DBG: response: sw=6982 datalen=0
2022-08-11 23:26:42 scdaemon[845] verify CHV1 failed: Bad PIN
https://github.com/LedgerHQ/openpgp-card-app/blob/64662c181f4c906288564cbfadc2db53df4534b0/src/gpg_ux_nanos.c#L763-L766
Steps to reproduce
Run gpg --edit-card on your computer, then the admin and verify commands.
Expected behavior
If verify succeeds with the gpg command, we are able to change the PIN mode to "Host".
Environments
Additional context
I checked the scdaemon logs while I ran verify with the gpg command.
$ gpg --edit-card --verbose
Reader ...........: Ledger Nano S 0
Application ID ...: D2760001240103032C9731DE307A0000
Application type .: OpenPGP
Version ..........: 3.3
Manufacturer .....: unknown
Serial number ....: 31DE307A
Name of cardholder: [not set]
Language prefs ...: [not set]
Salutation .......:
URL of public key : [not set]
Login data .......: [not set]
Signature PIN ....: not forced
Key attributes ...: rsa2048 rsa2048 rsa2048
Max. PIN lengths .: 12 12 12
PIN retry counter : 3 0 3
Signature counter : 0
Signature key ....: [none]
Encryption key....: [none]
Authentication key: [none]
General key info..: [none]

gpg/card> admin
Admin commands are allowed

gpg/card> verify
gpg: pinentry launched (851 w32 1.2.0-unknown /dev/pty0 xterm needs-to-be-defined 20600/197609/197121 197609/197121 0)
Reader ...........: Ledger Nano S 0
Application ID ...: D2760001240103032C9731DE307A0000
Application type .: OpenPGP
Version ..........: 3.3
Manufacturer .....: unknown
Serial number ....: 31DE307A
Name of cardholder: [not set]
Language prefs ...: [not set]
Salutation .......:
URL of public key : [not set]
Login data .......: [not set]
Signature PIN ....: not forced
Key attributes ...: rsa2048 rsa2048 rsa2048
Max. PIN lengths .: 12 12 12
PIN retry counter : 2 0 3
Signature counter : 0
Signature key ....: [none]
Encryption key....: [none]
Authentication key: [none]
General key info..: [none]

gpg/card>

These logs are the failed (wrong PIN) pattern. You can see verify CHV1 in the log.
Workaround
I tried to verify the CHV2-PIN with the opensc-explorer command that is contained in OpenSC. Then I succeeded in changing the PIN mode after the CHV2-PIN had been verified!
Consideration
I think that the gpg command verifies with the CHV1-PIN but the Ledger OpenPGP app is checking the CHV2-PIN state.
https://github.com/LedgerHQ/openpgp-card-app/blob/64662c181f4c906288564cbfadc2db53df4534b0/src/gpg_ux_nanos.c#L763-L766
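To make the CHV1/CHV2 distinction in the Consideration section concrete, here is an added example (not code from the Ledger app or from GnuPG) that parses the VERIFY APDU line from the scdaemon log above and replays it against a constructed card model with one PW1 value but a separate verified flag per P2 slot; the default PINs 123456/12345678 and the model itself are assumptions for the example.

```python
from dataclasses import dataclass, field

# OpenPGP card VERIFY (INS 0x20): P2 selects the password and usage. scdaemon calls
# these CHV1/CHV2/CHV3; CHV1 and CHV2 share the PW1 value but have separate states.
P2_SLOTS = {0x81: "CHV1 (PW1, signing)", 0x82: "CHV2 (PW1, decrypt/other)", 0x83: "CHV3 (PW3, admin)"}
SW_OK = 0x9000
SW_FAIL = 0x6982  # status word shown in the report's log for the failed VERIFY

@dataclass
class VerifyApdu:
    p1: int
    p2: int
    pin: bytes

def parse_verify_apdu(logline: str) -> VerifyApdu:
    """Parse a 'PCSC_data: 00 20 00 81 06 31 ...' hex dump as printed by scdaemon."""
    data = bytes.fromhex(logline.split("PCSC_data:", 1)[-1])
    cla, ins, p1, p2, lc = data[:5]
    if cla != 0x00 or ins != 0x20 or p2 not in P2_SLOTS:
        raise ValueError(f"not an OpenPGP VERIFY APDU: {data[:4].hex()}")
    pin = data[5:5 + lc]
    if len(pin) != lc:
        raise ValueError("Lc does not match the PIN data length")
    return VerifyApdu(p1, p2, pin)

@dataclass
class CardModel:
    # Constructed model, not the Ledger app's code: one PW1 value, one flag per P2 slot.
    pw1: bytes = b"123456"    # OpenPGP default PW1, assumed for the example
    pw3: bytes = b"12345678"  # OpenPGP default PW3, assumed for the example
    verified: dict = field(default_factory=lambda: {0x81: False, 0x82: False, 0x83: False})

    def verify(self, apdu: VerifyApdu) -> int:
        expected = self.pw3 if apdu.p2 == 0x83 else self.pw1
        if apdu.pin != expected:
            return SW_FAIL
        self.verified[apdu.p2] = True  # only the slot named by P2 becomes verified
        return SW_OK

    def can_change_pin_mode(self) -> bool:
        return self.verified[0x82]  # the gate the report describes: CHV2 state, not CHV1

def replay_report() -> tuple:
    """gpg's 'verify' sends P2=0x81, so even a correct PIN leaves the 0x82 state unset."""
    card = CardModel()
    sw_wrong = card.verify(parse_verify_apdu("PCSC_data: 00 20 00 81 06 31 31 31 31 31 31"))  # line from the log
    sw_right = card.verify(VerifyApdu(0x00, 0x81, b"123456"))  # constructed: correct PIN, still CHV1
    mode_after_chv1 = card.can_change_pin_mode()
    card.verify(VerifyApdu(0x00, 0x82, b"123456"))  # what the opensc-explorer workaround did: CHV2
    return sw_wrong, sw_right, mode_after_chv1, card.can_change_pin_mode()
```

replay_report() returns (0x6982, 0x9000, False, True): the logged VERIFY fails, a correct CHV1 VERIFY succeeds but still does not unlock the PIN mode change, and only the CHV2 VERIFY does.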