<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Hi,<br>
<br>
sorry for crossposting (see below), but as it has probably something
to do with Gnuk implementation I want to try here. Maybe someone has
an idea.<br>
<br>
Kind regards<br>
Alex<br>
<div class="moz-forward-container"><br>
<br>
-------- Forwarded Message --------
<table class="moz-email-headers-table" cellspacing="0"
cellpadding="0" border="0">
<tbody>
<tr>
<th valign="BASELINE" align="RIGHT" nowrap="nowrap">Subject:
</th>
<td>Conditions for changing admin PIN not clarified (GNUK)</td>
</tr>
<tr>
<th valign="BASELINE" align="RIGHT" nowrap="nowrap">Date: </th>
<td>Thu, 14 Dec 2017 14:36:38 +0100</td>
</tr>
<tr>
<th valign="BASELINE" align="RIGHT" nowrap="nowrap">From: </th>
<td>Alexander Paetzelt | Nitrokey <a class="moz-txt-link-rfc2396E" href="mailto:alex@nitrokey.com"><alex@nitrokey.com></a></td>
</tr>
<tr>
<th valign="BASELINE" align="RIGHT" nowrap="nowrap">To: </th>
<td><a class="moz-txt-link-abbreviated" href="mailto:gnupg-users@gnupg.org">gnupg-users@gnupg.org</a></td>
</tr>
</tbody>
</table>
<br>
<br>
<pre>Hello everyone,
we realized (because of the question of a user), that there are
conditions in which GnuPG is not questioning to short PIN for admin.
This seems to be specific for Gnuk devices, as I could not reproduce on
OpenPGP Card 2.1
This is what happened:
* factory-reset of device (NK Start with Gnuk 1.2.6, maybe other
versions are affected as well)
* 'gpg --card-edit' -> admin -> passwd -> 3 -> '12345678' to 'newpin'
* "PIN changed." message stated that everything is fine, although admin
needs 8 character
* neither '12345678' nor 'newpin' is accepted afterwards
This is on GnuPG 2.2.3 on Arch Linux (which should not matter).
What shall I do, file a bug? Is this a bug in GnuPG or Gnuk? This seems
to be related to the admin-less mode, although changing admin PIN first
shouldn't trigger this, does it?
Kind regards
Alex
</pre>
</div>
</body>
</html>