From d5378ffa417c6eb1d5f41a28ad926029cf5e6d37 Mon Sep 17 00:00:00 2001
From: Pol Henarejos
Date: Thu, 31 Mar 2022 19:31:22 +0200
Subject: [PATCH] If has_session_pin is true, it returns sw_ok

Signed-off-by: Pol Henarejos
---
 src/hsm/sc_hsm.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/hsm/sc_hsm.c b/src/hsm/sc_hsm.c
index 0953d37..1b58275 100644
--- a/src/hsm/sc_hsm.c
+++ b/src/hsm/sc_hsm.c
@@ -409,11 +409,12 @@ int pin_wrong_retry(const file_t *pin) {

 int check_pin(const file_t *pin, const uint8_t *data, size_t len) {
 if (!pin)
- return SW_FILE_NOT_FOUND();
+ return SW_REFERENCE_NOT_FOUND();
 if (!pin->data) {
 return SW_REFERENCE_NOT_FOUND();
 }
 isUserAuthenticated = false;
+ has_session_pin = has_session_sopin = false;
 uint8_t dhash[32];
 double_hash_pin(data, len, dhash);
 if (sizeof(dhash) != file_read_uint16(pin->data)-1) //1 byte for pin len
@@ -431,7 +432,10 @@ int check_pin(const file_t *pin, const uint8_t *data, size_t len) {
 return SW_MEMORY_FAILURE();
 isUserAuthenticated = true;
 hash_multi(data, len, session_pin);
- has_session_pin = true;
+ if (pin == file_pin1)
+ has_session_pin = true;
+ else if (pin == file_sopin)
+ has_session_sopin = true;
 return SW_OK();
 }

@@ -453,6 +457,8 @@ static int cmd_verify() {
 }
 if (file_read_uint8(file_retries_pin1->data+2) == 0)
 return SW_PIN_BLOCKED();
+ if (has_session_pin)
+ return SW_OK();
 return set_res_sw(0x63, 0xc0 | file_read_uint8(file_retries_pin1->data+2));
 }
 else if (p2 == 0x88) { //SOPin
@@ -463,6 +469,8 @@ static int cmd_verify() {
 }
 if (file_read_uint8(file_retries_sopin->data+2) == 0)
 return SW_PIN_BLOCKED();
+ if (has_session_sopin)
+ return SW_OK();
 return set_res_sw(0x63, 0xc0 | file_read_uint8(file_retries_sopin->data+2));
 }
 return SW_REFERENCE_NOT_FOUND();
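Review bot: The reset added at the top of check_pin clears `has_session_pin` and `has_session_sopin` but leaves the `session_pin` buffer untouched, so after a failed attempt the hash from the previous successful verification stays in memory with no flag marking it valid. If nothing outside this hunk wipes it, clear it in the same place, e.g. `memset(session_pin, 0, sizeof(session_pin));` (assuming `session_pin` is an array; its declaration is not visible here). The reset also runs before the PIN is compared, so a wrong SO-PIN attempt drops an established user-PIN session and vice versa. If that is intended, a one-line comment such as `// any verify attempt invalidates both cached sessions` would say so. check_pin's body continues outside the hunk.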
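Review bot: `isUserAuthenticated = true;` and the `hash_multi(data, len, session_pin)` write still run for every `pin` that passes the check, so only the new `has_session_pin` / `has_session_sopin` flags tell the user role from the SO role. If any command handler gates on `isUserAuthenticated` alone (none are visible in this diff), a successful SO-PIN verification would satisfy it, which is worth confirming against the callers. The `if` / `else if` chain also has no final `else`, so a `pin` that is neither `file_pin1` nor `file_sopin` leaves the function authenticated with neither flag set. An explicit `else` that rejects the reference, or a comment stating that only those two files can reach this point, would close that gap. The start of check_pin's body lies outside this hunk.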
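Review bot: The early `return SW_OK();` added before the `set_res_sw(0x63, 0xc0 | …)` retry-counter response has no comment saying what it reports. A line such as `// already verified in this session: report success instead of the retry counter` above `if (has_session_pin)` would make the intent clear, and the same applies to the `has_session_sopin` check in the SOPin branch of the next hunk. Because this path now answers success from a cached flag, it is worth confirming that both flags are cleared wherever `isUserAuthenticated` is reset outside check_pin, which this diff does not show. cmd_verify's body starts and ends outside the hunk.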