feat(core): Add optiga_pin_wipe().

8 months ago · cde5a70c5c
parent 514c617f31
commit cde5a70c5c
3 changed files with 37 additions and 4 deletions
--- a/core/embed/trezorhal/optiga.h
+++ b/core/embed/trezorhal/optiga.h
@ -71,4 +71,6 @@ int __wur optiga_pin_get_fails(uint32_t *ctr);

 int __wur optiga_pin_fails_increase(uint32_t count);

+bool optiga_pin_wipe(void);
+
 #endif
--- a/core/embed/trezorhal/optiga/optiga.c
+++ b/core/embed/trezorhal/optiga/optiga.c
@ -510,14 +510,14 @@ int optiga_pin_set(OPTIGA_UI_PROGRESS ui_progress,
                               sizeof(stretched_pin));
  memzero(stretched_pin, sizeof(stretched_pin));
  if (res != OPTIGA_SUCCESS) {
-    optiga_clear_auto_state(OID_PIN_SECRET);
+    (void)optiga_clear_auto_state(OID_PIN_SECRET);
    return res;
  }

  // Initialize the PIN counter.
  res = optiga_set_data_object(OID_PIN_COUNTER, false, COUNTER_RESET,
                               sizeof(COUNTER_RESET));
-  optiga_clear_auto_state(OID_PIN_SECRET);
+  (void)optiga_clear_auto_state(OID_PIN_SECRET);
  if (res != OPTIGA_SUCCESS) {
    return res;
  }
@ -588,7 +588,7 @@ int optiga_pin_verify(OPTIGA_UI_PROGRESS ui_progress,
  size_t size = 0;
  res = optiga_get_data_object(OID_PIN_SECRET, false, out_secret,
                               OPTIGA_PIN_SECRET_SIZE, &size);
-  optiga_clear_auto_state(OID_STRETCHED_PIN);
+  (void)optiga_clear_auto_state(OID_STRETCHED_PIN);
  if (res != OPTIGA_SUCCESS) {
    return res;
  }
@ -609,7 +609,7 @@ int optiga_pin_verify(OPTIGA_UI_PROGRESS ui_progress,
  // Reset the PIN counter.
  res = optiga_set_data_object(OID_PIN_COUNTER, false, COUNTER_RESET,
                               sizeof(COUNTER_RESET));
-  optiga_clear_auto_state(OID_PIN_SECRET);
+  (void)optiga_clear_auto_state(OID_PIN_SECRET);
  if (res != OPTIGA_SUCCESS) {
    return res;
  }
@ -664,3 +664,32 @@ int optiga_pin_fails_increase(uint32_t count) {

  return optiga_count_data_object(OID_PIN_COUNTER, count);
 }
+
+bool optiga_pin_wipe(void) {
+  bool ret = true;
+
+  if (optiga_pin_init_stretch() != OPTIGA_SUCCESS) {
+    ret = false;
+  }
+
+  // Wipe the master secret / PIN counter reset key.
+  const uint8_t empty[] = {0};
+  if (optiga_set_data_object(OID_PIN_SECRET, false, empty, sizeof(empty)) !=
+      OPTIGA_SUCCESS) {
+    ret = false;
+  }
+
+  // Authorise using OID_PIN_SECRET so that we can wipe OID_STRETCHED_PIN.
+  if (optiga_set_auto_state(OPTIGA_OID_SESSION_CTX, OID_PIN_SECRET, empty,
+                            sizeof(empty)) != OPTIGA_SUCCESS) {
+    ret = false;
+  }
+
+  // Wipe the stretched PIN.
+  if (optiga_set_data_object(OID_STRETCHED_PIN, false, empty, sizeof(empty)) !=
+      OPTIGA_SUCCESS) {
+    ret = false;
+  }
+
+  return ret;
+}
--- a/core/embed/trezorhal/unix/optiga.c
+++ b/core/embed/trezorhal/unix/optiga.c
@ -176,3 +176,5 @@ int optiga_pin_get_fails(uint32_t *ctr) {
 }

 int optiga_pin_fails_increase(uint32_t count) { return OPTIGA_SUCCESS; }
+
+bool optiga_pin_wipe(void) { return true; }