Allow factory-resetting opcard from admin-app

Nitrokey · Nov 15, 2023 · d16dc8d · d16dc8d
1 parent 979ca38
commit d16dc8d
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 5 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -31,7 +31,7 @@ littlefs2 = { git = "https://github.com/trussed-dev/littlefs2", rev = "e6c46e7ba
 # unreleased crates
 secrets-app = { git = "https://github.com/Nitrokey/trussed-secrets-app", tag = "v0.13.0-rc2" }
 webcrypt = { git = "https://github.com/nitrokey/nitrokey-websmartcard-rust", tag = "v0.8.0-rc4"}
-opcard = { git = "https://github.com/Nitrokey/opcard-rs", tag = "v1.2.0" }
+opcard = { git = "https://github.com/Nitrokey/opcard-rs", rev = "b8ba8f5e70076533ce8c6d92b0666a0b24f5595e" }
 piv-authenticator = { git = "https://github.com/Nitrokey/piv-authenticator", tag = "v0.3.3" }
 se05x = { git = "https://github.com/Nitrokey/se05x.git", tag = "v0.1.0"} 
 trussed-auth = { git = "https://github.com/trussed-dev/trussed-auth", rev = "62235294bd63977bbb88eb01e7ac44b8010eb450" }

diff --git a/components/apps/src/lib.rs b/components/apps/src/lib.rs
@@ -56,8 +56,11 @@ impl admin_app::Config for Config {
         None
     }
 
-    fn can_reset(&self, _client: &str) -> Option<&'static ResetSignalAllocation> {
-        None
+    fn can_reset(&self, client: &str) -> Option<&'static ResetSignalAllocation> {
+        match client {
+            "opcard" => Some(&OPCARD_RESET_SIGNAL),
+            _ => None,
+        }
     }
 }
 
@@ -533,6 +536,8 @@ impl<R: Runner> App<R> for SecretsApp<R> {
     }
 }
 
+static OPCARD_RESET_SIGNAL: ResetSignalAllocation = ResetSignalAllocation::new();
+
 #[cfg(feature = "opcard")]
 impl<R: Runner> App<R> for OpcardApp<R> {
     const CLIENT_ID: &'static str = "opcard";
@@ -548,7 +553,9 @@ impl<R: Runner> App<R> for OpcardApp<R> {
         options.manufacturer = 0x000Fu16.to_be_bytes();
         options.serial = [uuid[0], uuid[1], uuid[2], uuid[3]];
         options.storage = trussed::types::Location::External;
-        Self::new(trussed, options)
+        let mut card = Self::new(trussed, options);
+        card.set_reset_signal(Some(&OPCARD_RESET_SIGNAL));
+        card
     }
     fn backends(runner: &R, _: &()) -> &'static [BackendId<Backend>] {
         const BACKENDS_OPCARD: &[BackendId<Backend>] = &[