Enure that all pins are properly deleted with factory-reset

Nitrokey · May 27, 2024 · 4dbbf01 · 4dbbf01
1 parent 6e2a20e
commit 4dbbf01
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 1 deletion.
diff --git a/src/core_api.rs b/src/core_api.rs
@@ -85,7 +85,7 @@ struct WrappedKeyData {
 }
 
 bitflags! {
-    pub struct ItemsToDelete: u8 {
+    pub(crate) struct ItemsToDelete: u8 {
         const KEYS = 0b00000001;
         const PINS = 0b00000010;
     }

diff --git a/src/trussed_auth_impl.rs b/src/trussed_auth_impl.rs
@@ -436,9 +436,16 @@ impl<Twi: I2CForT1, D: DelayUs<u32>> ExtensionImpl<trussed_auth::AuthExtension>
                 Ok(reply::DeletePin {}.into())
             }
             AuthRequest::DeleteAllPins(request::DeleteAllPins) => {
+                use crate::core_api::ItemsToDelete;
                 let fs = &mut fs(resources, core_ctx);
+                // Satisfy the borrow checker
+                // The `once` trick makes it loose the information that drop is a noop :/
+                drop(global_fs);
 
                 delete_all_pins(fs, self.metadata_location, &mut self.se)?;
+
+                // Ensure that any remaining PIN for the application is also deleted
+                self.delete_all_items(ItemsToDelete::PINS, &[], ns)?;
                 Ok(reply::DeleteAllPins.into())
             }
             AuthRequest::PinRetries(request) => {