-
Notifications
You must be signed in to change notification settings - Fork 15
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
upgrade_by_passwd.py can brick the key on single invocation #12
Comments
@nakato Agreed. @alex-nitrokey That is a good candidate for the cause indeed. The loop should only continue in a case, where the connection issues had occurred, not when the PIN had been incorrect. It would be the safest to remove it for now. |
I created a PR in #13 I added a check if auth attempt actually worked. The loop breaks if the authentication failed. This helps to keep the feature of killing scdaemon automatically intact. |
Did you check if latest Gnuk contains a fix for that issue already,
perhaps?
|
Well... actually I should have, but I didn't. |
Doesn't look like it. |
In case the wrong PIN is supplied, and the factory-reset is set to no, this would lock the device entirely. Temporary fix for #12, while waiting for #13. Signed-off-by: Szczepan Zalega <[email protected]>
A single invocation of "upgrade_by_passwd.py" with the wrong admin key will brick the key in a single run if
factory_reset=no
I would not expect the tool to try a single pin 3 times in a row without prompting, it would probably be best to make this less aggressive.
The text was updated successfully, but these errors were encountered: