From af5cdc1818ab5156259df504d2257abebf4fc748 Mon Sep 17 00:00:00 2001 From: sra Date: Mon, 31 Jul 2023 16:13:27 +0200 Subject: [PATCH 1/2] Enable os_perso_is_pin_set for non-privileged applications --- include/os_pin.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/os_pin.h b/include/os_pin.h index aa78862d9..067823101 100644 --- a/include/os_pin.h +++ b/include/os_pin.h @@ -34,7 +34,7 @@ SYSCALL PERMISSION(APPLICATION_FLAG_GLOBAL_PIN) unsigned int os_global_pin_retri * @return BOLOS_TRUE if the CRC of N_secure_element_nvram_user_sensitive_data * is correct and if a PIN value has been written */ -SYSCALL PERMISSION(APPLICATION_FLAG_BOLOS_UX) +SYSCALL bolos_bool_t os_perso_is_pin_set(void); From 767f8c5d41e6643be5c5663a34df3b21811b2af2 Mon Sep 17 00:00:00 2001 From: sra Date: Tue, 1 Aug 2023 10:40:06 +0200 Subject: [PATCH 2/2] Use os_perso_is_pin_set even if an application is running --- src/os_io_seproxyhal.c | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/src/os_io_seproxyhal.c b/src/os_io_seproxyhal.c index 5e29c41b0..11b9ab07a 100644 --- a/src/os_io_seproxyhal.c +++ b/src/os_io_seproxyhal.c @@ -1414,13 +1414,8 @@ unsigned short io_exchange(unsigned char channel, unsigned short tx_len) { // An apdu has been received asynchronously. if (G_io_app.apdu_state != APDU_IDLE && G_io_app.apdu_length > 0) { -#ifdef HAVE_BOLOS - // for Bolos UX, answer SWO_SEC_PIN_15 as soon as PIN has been set and PIN is not validated + // for Bolos UX and apps, answer SWO_SEC_PIN_15 as soon as PIN has been set and PIN is not validated if (os_perso_is_pin_set() == BOLOS_TRUE && os_global_pin_is_validated() != BOLOS_TRUE) { -#else // ! HAVE_BOLOS - // for Apps, answer SWO_SEC_PIN_15 as soon as device is onboarded and PIN is not validated - if (os_perso_isonboarded() == BOLOS_TRUE && os_global_pin_is_validated() != BOLOS_TRUE) { -#endif // ! HAVE_BOLOS tx_len = 0; G_io_apdu_buffer[(tx_len)++] = (SWO_SEC_PIN_15 >> 8) & 0xFF; G_io_apdu_buffer[(tx_len)++] = (SWO_SEC_PIN_15) & 0xFF;