From 2aa2a606f5b92268dc72c66ee233d71a5310d9df Mon Sep 17 00:00:00 2001 From: Charles-Edouard de la Vergne Date: Fri, 23 Feb 2024 12:51:35 +0100 Subject: [PATCH] Allow verified PW1 or PW2 before changing pin mode --- src/gpg_ux_msg.c | 3 +-- src/gpg_ux_msg.h | 6 ++---- src/gpg_ux_nanos.c | 4 ++-- src/gpg_ux_nanox.c | 4 ++-- src/gpg_ux_nbgl.c | 17 +++++++++++------ 5 files changed, 18 insertions(+), 16 deletions(-) diff --git a/src/gpg_ux_msg.c b/src/gpg_ux_msg.c index 182d818..d1c3a2d 100644 --- a/src/gpg_ux_msg.c +++ b/src/gpg_ux_msg.c @@ -27,8 +27,7 @@ const char *const C_RIGHT_PIN = "PIN Correct"; const char *const C_PIN_CHANGED = "PIN changed"; const char *const C_PIN_LOCKED = "PIN locked"; const char *const C_PIN_DIFFERS = "2 PINs differs"; -const char *const C_PIN_USER_81 = "User PIN 0x81"; -const char *const C_PIN_USER_82 = "User PIN 0x82"; +const char *const C_PIN_USER = "User PIN"; const char *const C_PIN_ADMIN = "Admin PIN"; const char *const C_VERIFIED = "Verified"; diff --git a/src/gpg_ux_msg.h b/src/gpg_ux_msg.h index de81d81..a3e0a9f 100644 --- a/src/gpg_ux_msg.h +++ b/src/gpg_ux_msg.h @@ -30,8 +30,7 @@ extern const char *const C_RIGHT_PIN; extern const char *const C_PIN_CHANGED; extern const char *const C_PIN_LOCKED; extern const char *const C_PIN_DIFFERS; -extern const char *const C_PIN_USER_81; -extern const char *const C_PIN_USER_82; +extern const char *const C_PIN_USER; extern const char *const C_PIN_ADMIN; extern const char *const C_VERIFIED; @@ -57,8 +56,7 @@ extern const char *const C_EMPTY; #define PIN_CHANGED PICSTR(C_PIN_CHANGED) #define PIN_LOCKED PICSTR(C_PIN_LOCKED) #define PIN_DIFFERS PICSTR(C_PIN_DIFFERS) -#define PIN_USER_81 PICSTR(C_PIN_USER_81) -#define PIN_USER_82 PICSTR(C_PIN_USER_82) +#define PIN_USER PICSTR(C_PIN_USER) #define PIN_ADMIN PICSTR(C_PIN_ADMIN) #define VERIFIED PICSTR(C_VERIFIED) #define NOT_VERIFIED PICSTR(C_NOT_VERIFIED) diff --git a/src/gpg_ux_nanos.c b/src/gpg_ux_nanos.c index 3ab355a..abfec68 100644 --- a/src/gpg_ux_nanos.c +++ b/src/gpg_ux_nanos.c @@ -830,8 +830,8 @@ void ui_menu_pinmode_action(unsigned int value) { value++; break; } - if (!gpg_pin_is_verified(PIN_ID_PW2)) { - ui_info(PIN_USER_82, NOT_VERIFIED, ui_menu_pinmode_display, 0); + if ((gpg_pin_is_verified(PIN_ID_PW1) == 0) && (gpg_pin_is_verified(PIN_ID_PW2) == 0)) { + ui_info(PIN_USER, NOT_VERIFIED, ui_menu_pinmode_display, 0); return; } G_gpg_vstate.pinmode = value; diff --git a/src/gpg_ux_nanox.c b/src/gpg_ux_nanox.c index 790eb59..909f2b7 100644 --- a/src/gpg_ux_nanox.c +++ b/src/gpg_ux_nanox.c @@ -870,8 +870,8 @@ void ui_menu_pinmode_action(unsigned int value) { // Current selected mode break; } - if (!gpg_pin_is_verified(PIN_ID_PW2)) { - ui_info(PIN_USER_82, NOT_VERIFIED); + if ((gpg_pin_is_verified(PIN_ID_PW1) == 0) && (gpg_pin_is_verified(PIN_ID_PW2) == 0)) { + ui_info(PIN_USER, NOT_VERIFIED); return; } G_gpg_vstate.pinmode = value; diff --git a/src/gpg_ux_nbgl.c b/src/gpg_ux_nbgl.c index c6c8436..55055c9 100644 --- a/src/gpg_ux_nbgl.c +++ b/src/gpg_ux_nbgl.c @@ -499,24 +499,29 @@ void trust_cb(bool confirm) { static void pin_cb(int token, uint8_t index) { const char* err = NULL; - int pin = 0; switch (token) { case TOKEN_PIN_BACK: ui_menu_settings(); break; case TOKEN_PIN_SET: + if (G_gpg_vstate.pinmode == index) { + break; + } switch (index) { case PIN_MODE_SCREEN: case PIN_MODE_CONFIRM: - pin = PIN_ID_PW2; - err = PIN_USER_82; + if ((gpg_pin_is_verified(PIN_ID_PW1) == 0) && + (gpg_pin_is_verified(PIN_ID_PW2) == 0)) { + err = PIN_USER; + } break; case PIN_MODE_TRUST: - pin = PIN_ID_PW3; - err = PIN_ADMIN; + if (gpg_pin_is_verified(PIN_ID_PW3) == 0) { + err = PIN_ADMIN; + } break; } - if (!gpg_pin_is_verified(pin)) { + if (err != NULL) { ui_info(err, NOT_VERIFIED, ui_settings_pin, false); break; }