From 49d9ec7cf9ca793fbcc01c985aa9b214cbeac7cc Mon Sep 17 00:00:00 2001
From: Pol Henarejos <pol.henarejos@cttc.es>
Date: Wed, 13 Apr 2022 14:12:14 +0200
Subject: [PATCH] Session pin is randomized.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
---
 src/hsm/sc_hsm.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/hsm/sc_hsm.c b/src/hsm/sc_hsm.c
index 45f9b1f..db6ed28 100644
--- a/src/hsm/sc_hsm.c
+++ b/src/hsm/sc_hsm.c
@@ -1917,8 +1917,8 @@ int cmd_general_authenticate() {
 
 int cmd_session_pin() {
     if (P1(apdu) == 0x01 && P2(apdu) == 0x81) {
-        memcpy(sm_session_pin, "\x30\x31\x32\x33\x34\x35", 6);
-        sm_session_pin_len = 6;
+        memcpy(sm_session_pin, random_bytes_get(8), 8);
+        sm_session_pin_len = 8;
         
         memcpy(res_APDU, sm_session_pin, sm_session_pin_len);
         res_APDU_size = sm_session_pin_len;