Allow factory-resetting opcard from admin-app

Cargo.toml

@@ -12,7 +12,7 @@ version = "1.6.0-rc.1"
 
 [patch.crates-io]
 # forked
-admin-app = { git = "https://github.com/Nitrokey/admin-app.git", rev = "1adbce18ca884d35a3a4b80a7c5dd8fca9e4bae0" }
+admin-app = { git = "https://github.com/Nitrokey/admin-app.git", rev = "410899311ae7b194360366ff477f74d4d278e056" }
 ctap-types = { git = "https://github.com/Nitrokey/ctap-types", tag = "v0.1.2-nitrokey.4" }
 fido-authenticator = { git = "https://github.com/Nitrokey/fido-authenticator.git", tag = "v0.1.1-nitrokey.8" }
 flexiber = { git = "https://github.com/Nitrokey/flexiber", tag = "0.1.1.nitrokey" }
@@ -31,7 +31,7 @@ littlefs2 = { git = "https://github.com/trussed-dev/littlefs2", rev = "e6c46e7ba
 # unreleased crates
 secrets-app = { git = "https://github.com/Nitrokey/trussed-secrets-app", tag = "v0.13.0-rc2" }
 webcrypt = { git = "https://github.com/nitrokey/nitrokey-websmartcard-rust", tag = "v0.8.0-rc4"}
-opcard = { git = "https://github.com/Nitrokey/opcard-rs", tag = "v1.2.0" }
+opcard = { git = "https://github.com/Nitrokey/opcard-rs", rev = "6dfe4c1112443e337591f59c0b74ece79a2e2c30" }
 piv-authenticator = { git = "https://github.com/Nitrokey/piv-authenticator", tag = "v0.3.3" }
 se05x = { git = "https://github.com/Nitrokey/se05x.git", tag = "v0.1.0"} 
 trussed-auth = { git = "https://github.com/trussed-dev/trussed-auth", rev = "62235294bd63977bbb88eb01e7ac44b8010eb450" }

components/apps/Cargo.toml

@@ -25,7 +25,7 @@ fido-authenticator = { version = "0.1.1", features = ["dispatch"], optional = tr
 ndef-app = { path = "../ndef-app", optional = true }
 webcrypt = { version = "0.8.0", optional = true }
 secrets-app = { version = "0.13.0", features = ["apdu-dispatch", "ctaphid"], optional = true }
-opcard = { version = "1.1.1", features = ["apdu-dispatch", "delog", "rsa2048-gen", "rsa4096"], optional = true }
+opcard = { version = "1.1.1", features = ["apdu-dispatch", "delog", "rsa2048-gen", "rsa4096", "admin-app"], optional = true }
 piv-authenticator = { version = "0.3.1", features = ["apdu-dispatch", "delog"], optional = true }
 provisioner-app = { path = "../provisioner-app", optional = true }
 se05x = { version = "0.0.1", optional = true}

components/apps/src/dispatch.rs

@@ -47,7 +47,7 @@ pub struct Dispatch<T = (), D = ()> {
     auth: AuthBackend,
     staging: StagingBackend,
     #[cfg(feature = "se050")]
-    se050: Option<trussed_se050_backend::Se050Backend<T, D>>,
+    se050: Option<Se050Backend<T, D>>,
     #[cfg(not(feature = "se050"))]
     __: PhantomData<(T, D)>,
 }

components/apps/src/lib.rs

@@ -12,6 +12,7 @@ use core::marker::PhantomData;
 use ctaphid_dispatch::app::App as CtaphidApp;
 #[cfg(feature = "se050")]
 use embedded_hal::blocking::delay::DelayUs;
+use littlefs2::path;
 use serde::{Deserialize, Serialize};
 use trussed::{
     backend::BackendId, client::ClientBuilder, interrupt::InterruptFlag, platform::Syscall,
@@ -48,16 +49,14 @@ impl admin_app::Config for Config {
         }
     }
 
-    fn reset_client_id(&self, _key: &str) -> Option<&'static Path> {
-        None
-    }
-
-    fn reset_signal(&self, _key: &str) -> Option<&'static ResetSignalAllocation> {
-        None
-    }
-
-    fn can_reset(&self, _client: &str) -> Option<&'static ResetSignalAllocation> {
-        None
+    fn reset_client_id(
+        &self,
+        key: &str,
+    ) -> Option<(&'static Path, &'static ResetSignalAllocation)> {
+        match key {
+            "opcard" => Some((path!("opcard"), &OPCARD_RESET_SIGNAL)),
+            _ => None,
+        }
     }
 }
 
@@ -533,6 +532,8 @@ impl<R: Runner> App<R> for SecretsApp<R> {
     }
 }
 
+static OPCARD_RESET_SIGNAL: ResetSignalAllocation = ResetSignalAllocation::new();
+
 #[cfg(feature = "opcard")]
 impl<R: Runner> App<R> for OpcardApp<R> {
     const CLIENT_ID: &'static str = "opcard";
@@ -548,6 +549,7 @@ impl<R: Runner> App<R> for OpcardApp<R> {
         options.manufacturer = 0x000Fu16.to_be_bytes();
         options.serial = [uuid[0], uuid[1], uuid[2], uuid[3]];
         options.storage = trussed::types::Location::External;
+        options.reset_signal = Some(&OPCARD_RESET_SIGNAL);
         Self::new(trussed, options)
     }
     fn backends(runner: &R, _: &()) -> &'static [BackendId<Backend>] {