From f84d36b1da1d02736bb2f5b00bef4507ecc68abf Mon Sep 17 00:00:00 2001
From: Pol Henarejos <pol.henarejos@cttc.es>
Date: Mon, 3 Oct 2022 17:47:27 +0200
Subject: [PATCH] Add return error when no pin is set on getUVToken.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
---
 src/fido/cbor_client_pin.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/fido/cbor_client_pin.c b/src/fido/cbor_client_pin.c
index b161a4a..30fc6d5 100644
--- a/src/fido/cbor_client_pin.c
+++ b/src/fido/cbor_client_pin.c
@@ -460,6 +460,8 @@ int cbor_client_pin(const uint8_t *data, size_t len) {
             CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
         if ((subcommand == 0x9 && permissions == 0) || (subcommand == 0x5 && (permissions != 0 || rpId.present == true)))
             CBOR_ERROR(CTAP1_ERR_INVALID_PARAMETER);
+        if (!file_has_data(ef_pin))
+            CBOR_ERROR(CTAP2_ERR_PIN_NOT_SET);
         if (*file_get_data(ef_pin) == 0)
             CBOR_ERROR(CTAP2_ERR_PIN_BLOCKED);
         if (mbedtls_mpi_read_binary(&hkey.ctx.mbed_ecdh.Qp.X, kax.data, kax.len) != 0) {