--- trunk/OpenPGPminidriver/CardPinOperation.c	2010/03/04 21:50:46	7
+++ trunk/OpenPGPminidriver/CardPinOperation.c	2010/03/11 20:32:26	8
@@ -76,7 +76,7 @@
 				__leave;
 			}
 			dwReturn = VerifyPIN(pCardData, ROLE_USER, pbPin, cbPin);
-			if (pcAttemptsRemaining)
+			if (dwReturn && pcAttemptsRemaining)
 			{
 				GetRemainingPin(pCardData, ROLE_USER, pcAttemptsRemaining);
 			}
@@ -89,7 +89,7 @@
 				__leave;
 			}
 			dwReturn = VerifyPIN(pCardData, ROLE_ADMIN, pbPin, cbPin);
-			if (pcAttemptsRemaining)
+			if (dwReturn && pcAttemptsRemaining)
 			{
 				GetRemainingPin(pCardData, ROLE_ADMIN, pcAttemptsRemaining);
 			}
@@ -263,7 +263,7 @@
 			__leave;
 		}
 		dwReturn = VerifyPIN(pCardData, PinId, pbPinData, cbPinData);
-		if (pcAttemptsRemaining)
+		if (dwReturn && pcAttemptsRemaining)
 		{
 			GetRemainingPin(pCardData, PinId, pcAttemptsRemaining);
 		}
@@ -385,10 +385,16 @@
 			dwReturn  = SCARD_E_INVALID_PARAMETER;
 			__leave;
 		}
-		if (!(dwFlags & CARD_AUTHENTICATE_PIN_PIN))
+		if (dwFlags == CARD_AUTHENTICATE_PIN_CHALLENGE_RESPONSE)
 		{
 			dwReturn = SCARD_E_UNSUPPORTED_FEATURE;
-			Trace(WINEVENT_LEVEL_ERROR, L"dwFlags = 0x%08X", dwFlags);
+			Trace(WINEVENT_LEVEL_ERROR, L"CARD_AUTHENTICATE_PIN_CHALLENGE_RESPONSE SCARD_E_UNSUPPORTED_FEATURE");
+			__leave;
+		}
+		if (dwFlags != CARD_AUTHENTICATE_PIN_PIN)
+		{
+			dwReturn = SCARD_E_INVALID_PARAMETER;
+			Trace(WINEVENT_LEVEL_ERROR, L"SCARD_E_INVALID_PARAMETER dwFlags = 0x%08X", dwFlags);
 			__leave;
 		}
 		dwReturn = CheckContext(pCardData);
@@ -470,14 +476,20 @@
 			dwReturn  = SCARD_E_INVALID_PARAMETER;
 			__leave;
 		}
-		if (!(dwFlags & CARD_AUTHENTICATE_PIN_PIN))
+		if (dwFlags == CARD_AUTHENTICATE_PIN_CHALLENGE_RESPONSE)
 		{
 			dwReturn = SCARD_E_UNSUPPORTED_FEATURE;
 			Trace(WINEVENT_LEVEL_ERROR, L"dwFlags = 0x%08X", dwFlags);
 			__leave;
 		}
+		if (dwFlags != CARD_AUTHENTICATE_PIN_PIN)
+		{
+			dwReturn = SCARD_E_INVALID_PARAMETER;
+			Trace(WINEVENT_LEVEL_ERROR, L"dwFlags = 0x%08X", dwFlags);
+			__leave;
+		}
 		dwReturn = CheckContext(pCardData);
-		if ( !dwReturn )
+		if (dwReturn )
 		{
 			Trace(WINEVENT_LEVEL_ERROR, L"GetContext dwReturn == 0x%08X", dwReturn);
 			dwReturn  = SCARD_E_INVALID_PARAMETER;
@@ -488,7 +500,7 @@
 			dwReturn = ChangePIN(pCardData, ROLE_USER,
 								pbCurrentAuthenticator, cbCurrentAuthenticator,
 								pbNewAuthenticator, cbNewAuthenticator);
-			if (pcAttemptsRemaining)
+			if (dwReturn && pcAttemptsRemaining)
 			{
 				GetRemainingPin(pCardData, ROLE_USER, pcAttemptsRemaining);
 			}
@@ -498,7 +510,7 @@
 			dwReturn = ChangePIN(pCardData, ROLE_ADMIN,
 								pbCurrentAuthenticator, cbCurrentAuthenticator,
 								pbNewAuthenticator, cbNewAuthenticator);
-			if (pcAttemptsRemaining)
+			if (dwReturn && pcAttemptsRemaining)
 			{
 				GetRemainingPin(pCardData,ROLE_ADMIN, pcAttemptsRemaining);
 			}
@@ -559,37 +571,49 @@
 			dwReturn  = SCARD_E_INVALID_PARAMETER;
 			__leave;
 		}
-		if (!(dwFlags & CARD_AUTHENTICATE_PIN_PIN))
+		if (dwFlags != PIN_CHANGE_FLAG_UNBLOCK && dwFlags != PIN_CHANGE_FLAG_CHANGEPIN)
 		{
-			dwReturn = SCARD_E_UNSUPPORTED_FEATURE;
+			dwReturn = SCARD_E_INVALID_PARAMETER;
 			Trace(WINEVENT_LEVEL_ERROR, L"dwFlags = 0x%08X", dwFlags);
 			__leave;
 		}
 		dwReturn = CheckContext(pCardData);
-		if ( !dwReturn )
+		if ( dwReturn )
 		{
 			Trace(WINEVENT_LEVEL_ERROR, L"GetContext dwReturn == 0x%08X", dwReturn);
 			dwReturn  = SCARD_E_INVALID_PARAMETER;
 			__leave;
 		}
-		if ( dwAuthenticatingPinId == dwTargetPinId) 
+		if ( dwAuthenticatingPinId == dwTargetPinId && dwFlags == PIN_CHANGE_FLAG_CHANGEPIN) 
 		{
 			dwReturn = ChangePIN(pCardData, dwAuthenticatingPinId,
 								pbAuthenticatingPinData, cbAuthenticatingPinData,
 								pbTargetData, cbTargetData);
-			if (pcAttemptsRemaining)
+			if (dwReturn && pcAttemptsRemaining)
 			{
 				GetRemainingPin(pCardData, dwAuthenticatingPinId, pcAttemptsRemaining);
 			}
 		}
-		else if ( dwAuthenticatingPinId == ROLE_ADMIN &&  dwTargetPinId == ROLE_USER) 
+		else if ( (dwAuthenticatingPinId == ROLE_ADMIN || dwAuthenticatingPinId == ROLE_PUK )
+					&&  dwTargetPinId == ROLE_USER  && dwFlags == PIN_CHANGE_FLAG_UNBLOCK) 
+		{
+			dwReturn = ResetUserPIN(pCardData, dwAuthenticatingPinId,
+								pbAuthenticatingPinData, cbAuthenticatingPinData,
+								pbTargetData, cbTargetData);
+			if (dwReturn && pcAttemptsRemaining)
+			{
+				GetRemainingPin(pCardData,dwAuthenticatingPinId, pcAttemptsRemaining);
+			}
+		}
+		else if ( dwAuthenticatingPinId == ROLE_ADMIN
+					&&  dwTargetPinId == ROLE_PUK  && dwFlags == PIN_CHANGE_FLAG_CHANGEPIN) 
 		{
-			dwReturn = ResetUserPIN(pCardData, ROLE_ADMIN,
+			dwReturn = SetPUK(pCardData,
 								pbAuthenticatingPinData, cbAuthenticatingPinData,
 								pbTargetData, cbTargetData);
-			if (pcAttemptsRemaining)
+			if (dwReturn && pcAttemptsRemaining)
 			{
-				GetRemainingPin(pCardData,dwTargetPinId, pcAttemptsRemaining);
+				GetRemainingPin(pCardData,dwAuthenticatingPinId, pcAttemptsRemaining);
 			}
 		}
 		else