From 2cf211cbd0504bd0c1252bfade0bbefa44725b29 Mon Sep 17 00:00:00 2001 From: Pol Henarejos Date: Fri, 9 Dec 2022 16:27:41 +0100 Subject: [PATCH] Fix clearing token rp link. Signed-off-by: Pol Henarejos --- src/fido/cbor_client_pin.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/fido/cbor_client_pin.c b/src/fido/cbor_client_pin.c index bf6a21e..4e2d053 100644 --- a/src/fido/cbor_client_pin.c +++ b/src/fido/cbor_client_pin.c @@ -31,7 +31,6 @@ #include "hsm.h" #include "apdu.h" -uint8_t permissions_rp_id = 0, permission_set = 0; uint32_t usage_timer = 0, initial_usage_time_limit = 0; uint32_t max_usage_time_period = 600*1000; bool needs_power_cycle = false; @@ -63,11 +62,11 @@ void clearPinUvAuthTokenPermissionsExceptLbw() { } void stopUsingPinUvAuthToken() { - permissions_rp_id = 0; paut.permissions = 0; usage_timer = 0; paut.in_use = false; memset(paut.rp_id_hash, 0, sizeof(paut.rp_id_hash)); + paut.has_rp_id = false; initial_usage_time_limit = 0; paut.user_present = paut.user_verified = false; user_present_time_limit = 0; @@ -547,7 +546,9 @@ int cbor_client_pin(const uint8_t *data, size_t len) { mbedtls_sha256((uint8_t *)rpId.data, rpId.len, paut.rp_id_hash, 0); paut.has_rp_id = true; } - uint8_t pinUvAuthToken_enc[32+IV_SIZE]; + else + paut.has_rp_id = false; + uint8_t pinUvAuthToken_enc[32 + IV_SIZE]; encrypt(pinUvAuthProtocol, sharedSecret, paut.data, 32, pinUvAuthToken_enc); CBOR_CHECK(cbor_encoder_create_map(&encoder, &mapEncoder, 1)); CBOR_CHECK(cbor_encode_uint(&mapEncoder, 0x02));