Allow verified PW1 or PW2 before changing pin mode

LedgerHQ · Feb 26, 2024 · 6e330ac · 6e330ac
1 parent 73304b9
commit 6e330ac
Show file tree

Hide file tree

Showing 5 changed files with 18 additions and 16 deletions.
diff --git a/src/gpg_ux_msg.c b/src/gpg_ux_msg.c
@@ -27,8 +27,7 @@ const char *const C_RIGHT_PIN = "PIN Correct";
 const char *const C_PIN_CHANGED = "PIN changed";
 const char *const C_PIN_LOCKED = "PIN locked";
 const char *const C_PIN_DIFFERS = "2 PINs differs";
-const char *const C_PIN_USER_81 = "User PIN 0x81";
-const char *const C_PIN_USER_82 = "User PIN 0x82";
+const char *const C_PIN_USER = "User PIN";
 const char *const C_PIN_ADMIN = "Admin PIN";
 
 const char *const C_VERIFIED = "Verified";

diff --git a/src/gpg_ux_msg.h b/src/gpg_ux_msg.h
@@ -30,8 +30,7 @@ extern const char *const C_RIGHT_PIN;
 extern const char *const C_PIN_CHANGED;
 extern const char *const C_PIN_LOCKED;
 extern const char *const C_PIN_DIFFERS;
-extern const char *const C_PIN_USER_81;
-extern const char *const C_PIN_USER_82;
+extern const char *const C_PIN_USER;
 extern const char *const C_PIN_ADMIN;
 
 extern const char *const C_VERIFIED;
@@ -57,8 +56,7 @@ extern const char *const C_EMPTY;
 #define PIN_CHANGED       PICSTR(C_PIN_CHANGED)
 #define PIN_LOCKED        PICSTR(C_PIN_LOCKED)
 #define PIN_DIFFERS       PICSTR(C_PIN_DIFFERS)
-#define PIN_USER_81       PICSTR(C_PIN_USER_81)
-#define PIN_USER_82       PICSTR(C_PIN_USER_82)
+#define PIN_USER          PICSTR(C_PIN_USER)
 #define PIN_ADMIN         PICSTR(C_PIN_ADMIN)
 #define VERIFIED          PICSTR(C_VERIFIED)
 #define NOT_VERIFIED      PICSTR(C_NOT_VERIFIED)

diff --git a/src/gpg_ux_nanos.c b/src/gpg_ux_nanos.c
@@ -830,8 +830,8 @@ void ui_menu_pinmode_action(unsigned int value) {
                 value++;
                 break;
             }
-            if (!gpg_pin_is_verified(PIN_ID_PW2)) {
-                ui_info(PIN_USER_82, NOT_VERIFIED, ui_menu_pinmode_display, 0);
+            if ((gpg_pin_is_verified(PIN_ID_PW1) == 0) && (gpg_pin_is_verified(PIN_ID_PW2) == 0)) {
+                ui_info(PIN_USER, NOT_VERIFIED, ui_menu_pinmode_display, 0);
                 return;
             }
             G_gpg_vstate.pinmode = value;

diff --git a/src/gpg_ux_nanox.c b/src/gpg_ux_nanox.c
@@ -870,8 +870,8 @@ void ui_menu_pinmode_action(unsigned int value) {
                 // Current selected mode
                 break;
             }
-            if (!gpg_pin_is_verified(PIN_ID_PW2)) {
-                ui_info(PIN_USER_82, NOT_VERIFIED);
+            if ((gpg_pin_is_verified(PIN_ID_PW1) == 0) && (gpg_pin_is_verified(PIN_ID_PW2) == 0)) {
+                ui_info(PIN_USER, NOT_VERIFIED);
                 return;
             }
             G_gpg_vstate.pinmode = value;

diff --git a/src/gpg_ux_nbgl.c b/src/gpg_ux_nbgl.c
@@ -499,24 +499,29 @@ void trust_cb(bool confirm) {
 
 static void pin_cb(int token, uint8_t index) {
     const char* err = NULL;
-    int pin = 0;
     switch (token) {
         case TOKEN_PIN_BACK:
             ui_menu_settings();
             break;
         case TOKEN_PIN_SET:
+            if (G_gpg_vstate.pinmode == index) {
+                break;
+            }
             switch (index) {
                 case PIN_MODE_SCREEN:
                 case PIN_MODE_CONFIRM:
-                    pin = PIN_ID_PW2;
-                    err = PIN_USER_82;
+                    if ((gpg_pin_is_verified(PIN_ID_PW1) == 0) &&
+                        (gpg_pin_is_verified(PIN_ID_PW2) == 0)) {
+                        err = PIN_USER;
+                    }
                     break;
                 case PIN_MODE_TRUST:
-                    pin = PIN_ID_PW3;
-                    err = PIN_ADMIN;
+                    if (gpg_pin_is_verified(PIN_ID_PW3) == 0) {
+                        err = PIN_ADMIN;
+                    }
                     break;
             }
-            if (!gpg_pin_is_verified(pin)) {
+            if (err != NULL) {
                 ui_info(err, NOT_VERIFIED, ui_settings_pin, false);
                 break;
             }