make sure PUK is blocked when not explicitly initialized

philipWendland · Mar 17, 2019 · 6810ffc · 6810ffc
1 parent 4ec7308
commit 6810ffc
Showing 1 changed file with 15 additions and 11 deletions.
diff --git a/src/net/pwendland/javacard/pki/isoapplet/IsoApplet.java b/src/net/pwendland/javacard/pki/isoapplet/IsoApplet.java
@@ -173,7 +173,6 @@ public static void install(byte[] bArray, short bOffset, byte bLength) {
     protected IsoApplet() {
         api_features = 0;
         pin = new OwnerPIN(PIN_MAX_TRIES, PIN_MAX_LENGTH);
-        puk = new OwnerPIN(PUK_MAX_TRIES, PUK_LENGTH);
         fs = new IsoFileSystem();
         ram_buf = JCSystem.makeTransientByteArray(RAM_BUF_SIZE, JCSystem.CLEAR_ON_DESELECT);
         ram_chaining_cache = JCSystem.makeTransientShortArray(RAM_CHAINING_CACHE_SIZE, JCSystem.CLEAR_ON_DESELECT);
@@ -224,7 +223,9 @@ protected IsoApplet() {
      */
     public void deselect() {
         pin.reset();
-        puk.reset();
+        if(puk != null) {
+            puk.reset();
+        }
         fs.setUserAuthenticated(false);
     }
 
@@ -481,6 +482,7 @@ private void processChangeReferenceData(APDU apdu) throws ISOException {
                 }
 
                 // Set PUK
+                puk = new OwnerPIN(PUK_MAX_TRIES, PUK_LENGTH);
                 puk.update(buf, offset_cdata, (byte)lc);
                 puk.resetAndUnblock();
 
@@ -589,17 +591,19 @@ public void	processResetRetryCounter(APDU apdu) throws ISOException {
         }
 
         // Check the PUK.
-        if(!puk.check(buf, offset_cdata, PUK_LENGTH)) {
+        if(puk == null) {
+            ISOException.throwIt(SW_PIN_TRIES_REMAINING);
+        } else if (!puk.check(buf, offset_cdata, PUK_LENGTH)) {
             ISOException.throwIt((short)(SW_PIN_TRIES_REMAINING | puk.getTriesRemaining()));
-        }
-
-        // If we're here, the PUK was correct.
-        // Pad the new PIN, if not done by caller. We don't want any gargabe from the APDU buffer to be part of the new PIN.
-        Util.arrayFillNonAtomic(buf, (short)(offset_cdata + lc), (short)(PUK_LENGTH + PIN_MAX_LENGTH - lc), (byte) 0x00);
+        } else {
+            // If we're here, the PUK was correct.
+            // Pad the new PIN, if not done by caller. We don't want any gargabe from the APDU buffer to be part of the new PIN.
+            Util.arrayFillNonAtomic(buf, (short)(offset_cdata + lc), (short)(PUK_LENGTH + PIN_MAX_LENGTH - lc), (byte) 0x00);
 
-        // Set the PIN.
-        pin.update(buf, (short)(offset_cdata+PUK_LENGTH), PIN_MAX_LENGTH);
-        pin.resetAndUnblock();
+            // Set the PIN.
+            pin.update(buf, (short)(offset_cdata+PUK_LENGTH), PIN_MAX_LENGTH);
+            pin.resetAndUnblock();
+        }
     }
 
     /**