diff --git a/core/embed/trezorhal/optiga/optiga.c b/core/embed/trezorhal/optiga/optiga.c index 96b9c6efff..4418c5df57 100644 --- a/core/embed/trezorhal/optiga/optiga.c +++ b/core/embed/trezorhal/optiga/optiga.c @@ -62,6 +62,10 @@ // Value of the PIN counter when it is reset. static const uint8_t COUNTER_RESET[] = {0, 0, 0, 0, 0, 0, 0, PIN_MAX_TRIES}; +// Value of the PIN counter with one extra attempt needed in optiga_pin_set(). +static const uint8_t COUNTER_RESET_EXTRA[] = {0, 0, 0, 0, + 0, 0, 0, PIN_MAX_TRIES + 1}; + // Initial value of the counter which limits the total number of PIN stretching // operations. The limit is 600000 stretching operations, which equates to // 300000 / PIN_STRETCH_ITERATIONS unlock operations over the lifetime of the @@ -578,10 +582,10 @@ bool optiga_pin_set(OPTIGA_UI_PROGRESS ui_progress, goto end; } - // Initialize the counter which limits the guesses at OID_STRETCHED_PIN so - // that we can authorise using OID_STRETCHED_PIN. - if (optiga_set_data_object(OID_STRETCHED_PIN_CTR, false, COUNTER_RESET, - sizeof(COUNTER_RESET)) != OPTIGA_SUCCESS) { + // Initialize the counter which limits the guesses at OID_STRETCHED_PIN with + // one extra attempt that we will use up in the next step. + if (optiga_set_data_object(OID_STRETCHED_PIN_CTR, false, COUNTER_RESET_EXTRA, + sizeof(COUNTER_RESET_EXTRA)) != OPTIGA_SUCCESS) { ret = false; goto end; } @@ -603,14 +607,6 @@ bool optiga_pin_set(OPTIGA_UI_PROGRESS ui_progress, goto end; } - // Initialize the counter which limits the guesses at OID_STRETCHED_PIN again, - // since we just depleted one attempt. - if (optiga_set_data_object(OID_STRETCHED_PIN_CTR, false, COUNTER_RESET, - sizeof(COUNTER_RESET)) != OPTIGA_SUCCESS) { - ret = false; - goto end; - } - // Initialize the PIN counter which limits the use of OID_PIN_HMAC. if (optiga_set_data_object(OID_PIN_HMAC_CTR, false, COUNTER_RESET, sizeof(COUNTER_RESET)) != OPTIGA_SUCCESS) {