From 173ca7678da13647fde2e4d95c59d3793a436ca0 Mon Sep 17 00:00:00 2001 From: Pol Henarejos Date: Tue, 5 Sep 2023 19:46:32 +0200 Subject: [PATCH] Accept arbitrary SO-PIN length on reset retry. Signed-off-by: Pol Henarejos --- src/hsm/cmd_reset_retry.c | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/src/hsm/cmd_reset_retry.c b/src/hsm/cmd_reset_retry.c index 0522fda..2388d75 100644 --- a/src/hsm/cmd_reset_retry.c +++ b/src/hsm/cmd_reset_retry.c @@ -36,16 +36,15 @@ int cmd_reset_retry() { if (P1(apdu) == 0x0 || P1(apdu) == 0x2) { int newpin_len = 0; if (P1(apdu) == 0x0) { - if (apdu.nc <= 8) { + uint8_t so_pin_len = file_read_uint8(file_get_data(file_sopin)); + if (apdu.nc <= so_pin_len + 1) { return SW_WRONG_LENGTH(); } - uint16_t r = check_pin(file_sopin, apdu.data, 8); + uint16_t r = check_pin(file_sopin, apdu.data, so_pin_len); if (r != 0x9000) { return r; } - newpin_len = apdu.nc - 8; - has_session_sopin = true; - hash_multi(apdu.data, 8, session_sopin); + newpin_len = apdu.nc - so_pin_len; } else if (P1(apdu) == 0x2) { if (!has_session_sopin) { @@ -83,15 +82,14 @@ int cmd_reset_retry() { return SW_COMMAND_NOT_ALLOWED(); } if (P1(apdu) == 0x1) { - if (apdu.nc != 8) { + uint8_t so_pin_len = file_read_uint8(file_get_data(file_sopin)); + if (apdu.nc != so_pin_len) { return SW_WRONG_LENGTH(); } - uint16_t r = check_pin(file_sopin, apdu.data, 8); + uint16_t r = check_pin(file_sopin, apdu.data, so_pin_len); if (r != 0x9000) { return r; } - has_session_sopin = true; - hash_multi(apdu.data, 8, session_sopin); } else if (P1(apdu) == 0x3) { if (!has_session_sopin) {