From 626b1e666665df736545b96e8d5aaa9112bb0a9e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=A9bastien=20Palmer?=
Date: Tue, 5 Mar 2024 16:41:11 +0100
Subject: [PATCH] U2F: remove code related to U2F Since it is not authorized by the baking app
---
 doc/apdu.md | 1 -
 src/apdu.h | 8 --------
 src/apdu_pubkey.c | 5 -----
 src/exception.h | 1 -
 4 files changed, 15 deletions(-)
diff --git a/doc/apdu.md b/doc/apdu.md
index 558e8ad8..37c098aa 100644
--- a/doc/apdu.md
+++ b/doc/apdu.md
@@ -51,7 +51,6 @@ baking.
 | `EXC_REFERENCED_DATA_NOT_FOUND` | 0x6A88 | Referenced data not found. |
 | `EXC_WRONG_VALUES` | 0x6A80 | The parameters in the data field are incorrect. |
 | `EXC_SECURITY` | 0x6982 | Security condition not satisfied. |
-| `EXC_HID_REQUIRED` | 0x6983 | Authentication method blocked. |
 | `EXC_CLASS` | 0x6E00 | Class not supported. |
 | `EXC_MEMORY_ERROR` | 0x9200 | Memory error. |
diff --git a/src/apdu.h b/src/apdu.h
index f10d53a9..292ae4e6 100644
--- a/src/apdu.h
+++ b/src/apdu.h
@@ -57,14 +57,6 @@ static inline bool delay_reject(void) {
 return true;
 }
-static inline void require_permissioned_comm(void) {
- /* U2F is dangerous for privacy because any open website
- in the browser can use it silently if the app is opened.*/
- if (G_io_apdu_media == IO_APDU_MEDIA_U2F) {
- THROW(EXC_HID_REQUIRED);
- }
-}
-
 size_t provide_pubkey(uint8_t* const io_buffer, cx_ecfp_public_key_t const* const pubkey);
 size_t handle_apdu_error(uint8_t instruction, volatile uint32_t* flags);
diff --git a/src/apdu_pubkey.c b/src/apdu_pubkey.c
index a3232c89..80f7336a 100644
--- a/src/apdu_pubkey.c
+++ b/src/apdu_pubkey.c
@@ -42,11 +42,6 @@ size_t handle_apdu_get_public_key(uint8_t instruction, volatile uint32_t *flags)
 THROW(EXC_WRONG_PARAM);
 }
- // do not expose pks without prompt through U2F (permissionless legacy comm in browser)
- if (instruction == INS_GET_PUBLIC_KEY) {
- require_permissioned_comm();
- }
-
 global.path_with_curve.derivation_type = parse_derivation_type(G_io_apdu_buffer[OFFSET_CURVE]);
 size_t const cdata_size = G_io_apdu_buffer[OFFSET_LC];
diff --git a/src/exception.h b/src/exception.h
index 34497fc4..080e6a51 100644
--- a/src/exception.h
+++ b/src/exception.h
@@ -17,7 +17,6 @@
 #define EXC_REFERENCED_DATA_NOT_FOUND 0x6A88
 #define EXC_WRONG_VALUES 0x6A80
 #define EXC_SECURITY 0x6982
-#define EXC_HID_REQUIRED 0x6983
 #define EXC_CLASS 0x6E00
 #define EXC_MEMORY_ERROR 0x9200