OwnerPIN check and update issue when using an offset

Question

OwnerPIN check and update issue when using an offset

Opened this issue 9 years ago · 2 comments

in /src/javacard/framework/OwnerPIN.java
(https://github.com/martinpaljak/vJCRE/blob/85c7828089fcde0fa8cde89a622b5ec582804947/src/javacard/framework/OwnerPIN.java)

The offset parameter of the functions check and update is not used.
My opinion is that:
Util.arrayCopy(pin, (short)0, value, (short)1, length);
should be changed to
Util.arrayCopy(pin, offset, value, (short)1, length);

and
if (Util.arrayCompare(pin, (short) 0, value, (short) 1, length) == 0) {
should be changed to
if (Util.arrayCompare(pin, offset, value, (short) 1, length) == 0) {

Answer 1 · 2015-11-07T13:57:54.000Z

Moreover limit is set to 0 at the initialisation and its value is never changed

Answer 2 · 2015-11-07T14:05:41.000Z

see PR #4 for a fix