|
|
@ -57,6 +57,9 @@
|
|
|
|
// Norcow storage key of the storage upgrade flag.
|
|
|
|
// Norcow storage key of the storage upgrade flag.
|
|
|
|
#define STORAGE_UPGRADED_KEY ((APP_STORAGE << 8) | 0x07)
|
|
|
|
#define STORAGE_UPGRADED_KEY ((APP_STORAGE << 8) | 0x07)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// The PIN value corresponding to an invalid PIN.
|
|
|
|
|
|
|
|
#define PIN_INVALID 0
|
|
|
|
|
|
|
|
|
|
|
|
// The PIN value corresponding to an empty PIN.
|
|
|
|
// The PIN value corresponding to an empty PIN.
|
|
|
|
#define PIN_EMPTY 1
|
|
|
|
#define PIN_EMPTY 1
|
|
|
|
|
|
|
|
|
|
|
@ -943,7 +946,7 @@ static secbool decrypt_dek(const uint8_t *kek, const uint8_t *keiv) {
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static secbool unlock(uint32_t pin, const uint8_t *ext_salt) {
|
|
|
|
static secbool unlock(uint32_t pin, const uint8_t *ext_salt) {
|
|
|
|
if (sectrue != initialized) {
|
|
|
|
if (sectrue != initialized || pin == PIN_INVALID) {
|
|
|
|
return secfalse;
|
|
|
|
return secfalse;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
@ -1317,7 +1320,8 @@ uint32_t storage_get_pin_rem(void) {
|
|
|
|
secbool storage_change_pin(uint32_t oldpin, uint32_t newpin,
|
|
|
|
secbool storage_change_pin(uint32_t oldpin, uint32_t newpin,
|
|
|
|
const uint8_t *old_ext_salt,
|
|
|
|
const uint8_t *old_ext_salt,
|
|
|
|
const uint8_t *new_ext_salt) {
|
|
|
|
const uint8_t *new_ext_salt) {
|
|
|
|
if (sectrue != initialized) {
|
|
|
|
if (sectrue != initialized || oldpin == PIN_INVALID ||
|
|
|
|
|
|
|
|
newpin == PIN_INVALID) {
|
|
|
|
return secfalse;
|
|
|
|
return secfalse;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
@ -1345,7 +1349,8 @@ secbool storage_has_wipe_code(void) {
|
|
|
|
|
|
|
|
|
|
|
|
secbool storage_change_wipe_code(uint32_t pin, const uint8_t *ext_salt,
|
|
|
|
secbool storage_change_wipe_code(uint32_t pin, const uint8_t *ext_salt,
|
|
|
|
uint32_t wipe_code) {
|
|
|
|
uint32_t wipe_code) {
|
|
|
|
if (sectrue != initialized || (pin != PIN_EMPTY && pin == wipe_code)) {
|
|
|
|
if (sectrue != initialized || (pin != PIN_EMPTY && pin == wipe_code) ||
|
|
|
|
|
|
|
|
pin == PIN_INVALID || wipe_code == PIN_INVALID) {
|
|
|
|
memzero(&pin, sizeof(pin));
|
|
|
|
memzero(&pin, sizeof(pin));
|
|
|
|
memzero(&wipe_code, sizeof(wipe_code));
|
|
|
|
memzero(&wipe_code, sizeof(wipe_code));
|
|
|
|
return secfalse;
|
|
|
|
return secfalse;
|
|
|
|