From 4dbbf016bdebe4b91ba2fb0d505175f8ff18de77 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sosth=C3=A8ne=20Gu=C3=A9don?= Date: Fri, 24 May 2024 17:17:50 +0200 Subject: [PATCH] Enure that all pins are properly deleted with factory-reset --- src/core_api.rs | 2 +- src/trussed_auth_impl.rs | 7 +++++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/src/core_api.rs b/src/core_api.rs index 873b192..eb283cc 100644 --- a/src/core_api.rs +++ b/src/core_api.rs @@ -85,7 +85,7 @@ struct WrappedKeyData { } bitflags! { - pub struct ItemsToDelete: u8 { + pub(crate) struct ItemsToDelete: u8 { const KEYS = 0b00000001; const PINS = 0b00000010; } diff --git a/src/trussed_auth_impl.rs b/src/trussed_auth_impl.rs index 693c0c7..42ef550 100644 --- a/src/trussed_auth_impl.rs +++ b/src/trussed_auth_impl.rs @@ -436,9 +436,16 @@ impl> ExtensionImpl Ok(reply::DeletePin {}.into()) } AuthRequest::DeleteAllPins(request::DeleteAllPins) => { + use crate::core_api::ItemsToDelete; let fs = &mut fs(resources, core_ctx); + // Satisfy the borrow checker + // The `once` trick makes it loose the information that drop is a noop :/ + drop(global_fs); delete_all_pins(fs, self.metadata_location, &mut self.se)?; + + // Ensure that any remaining PIN for the application is also deleted + self.delete_all_items(ItemsToDelete::PINS, &[], ns)?; Ok(reply::DeleteAllPins.into()) } AuthRequest::PinRetries(request) => {