From 43bcd3e452e5151e71ccba0aa15b360416663c29 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sosth=C3=A8ne=20Gu=C3=A9don?= <sosthene@nitrokey.com>
Date: Wed, 8 Nov 2023 11:52:00 +0100
Subject: [PATCH] Update apdu-dispatch

This allows rejecting calls to `select` over NFC over NFC
---
 Cargo.lock          | 24 +++++++++++++++++++++---
 Cargo.toml          |  6 +++---
 src/lib/ctap_app.rs |  5 +++++
 3 files changed, 29 insertions(+), 6 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index c065180..54ff925 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -5,12 +5,17 @@ version = 3
 [[package]]
 name = "admin-app"
 version = "0.1.0"
-source = "git+https://github.com/Nitrokey/admin-app?tag=v0.1.0-nitrokey.3#15aec92ff3f30f2ad1ff157ac5077c7211a04c77"
+source = "git+https://github.com/Nitrokey/admin-app?rev=6c88a4bd58f2b6516c424b4dbf9581989ffa915e#6c88a4bd58f2b6516c424b4dbf9581989ffa915e"
 dependencies = [
  "apdu-dispatch",
+ "cbor-smol",
  "ctaphid-dispatch",
  "delog",
+ "hex-literal",
  "iso7816",
+ "littlefs2",
+ "serde",
+ "strum_macros",
  "trussed",
 ]
 
@@ -48,7 +53,7 @@ dependencies = [
 [[package]]
 name = "apdu-dispatch"
 version = "0.1.2"
-source = "git+https://github.com/Nitrokey/apdu-dispatch?tag=v0.1.2-nitrokey.1#b72d5eb9f4d7a3f107a78a2f0e41f3c403f4c7a4"
+source = "git+https://github.com/trussed-dev/apdu-dispatch.git?rev=915fc237103fcecc29d0f0b73391f19abf6576de#915fc237103fcecc29d0f0b73391f19abf6576de"
 dependencies = [
  "delog",
  "heapless",
@@ -550,7 +555,7 @@ dependencies = [
 [[package]]
 name = "fido-authenticator"
 version = "0.1.1"
-source = "git+https://github.com/Nitrokey/fido-authenticator.git?tag=v0.1.1-nitrokey.7#2f49017eec5a87bd2570593571b87a15a9890ed0"
+source = "git+https://github.com/Nitrokey/fido-authenticator.git?rev=bb6c07c12a8ea94db1dc897513cdf54f73a275e4#bb6c07c12a8ea94db1dc897513cdf54f73a275e4"
 dependencies = [
  "apdu-dispatch",
  "ctap-types",
@@ -1518,6 +1523,19 @@ version = "0.10.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623"
 
+[[package]]
+name = "strum_macros"
+version = "0.25.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "23dc1fa9ac9c169a78ba62f0b841814b7abae11bdd047b9c58f893439e309ea0"
+dependencies = [
+ "heck",
+ "proc-macro2",
+ "quote",
+ "rustversion",
+ "syn 2.0.28",
+]
+
 [[package]]
 name = "subtle"
 version = "2.5.0"
diff --git a/Cargo.toml b/Cargo.toml
index fded9e1..72e56e8 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -91,15 +91,15 @@ ctaphid-dispatch = { git = "https://github.com/Nitrokey/ctaphid-dispatch", tag =
 #apdu-dispatch = { git = "https://github.com/Nitrokey/apdu-dispatch.git", branch="sz-multiple-apps" }
 
 # forked
-admin-app = { git = "https://github.com/Nitrokey/admin-app", tag = "v0.1.0-nitrokey.3" }
+admin-app = { git = "https://github.com/Nitrokey/admin-app", rev = "6c88a4bd58f2b6516c424b4dbf9581989ffa915e" }
 ctap-types = { git = "https://github.com/nitrokey/ctap-types.git", tag = "v0.1.2-nitrokey.4" }
-fido-authenticator = { git = "https://github.com/Nitrokey/fido-authenticator.git", tag = "v0.1.1-nitrokey.7" }
+fido-authenticator = { git = "https://github.com/Nitrokey/fido-authenticator.git", rev = "bb6c07c12a8ea94db1dc897513cdf54f73a275e4" }
 trussed = { git = "https://github.com/Nitrokey/trussed", tag = "v0.1.0-nitrokey.12" }
 serde-indexed = { git = "https://github.com/sosthene-nitrokey/serde-indexed.git", rev = "5005d23cb4ee8622e62188ea0f9466146f851f0d" }
 
 # unreleased upstream changes
 usbd-ctaphid = { git = "https://github.com/Nitrokey/usbd-ctaphid", tag = "v0.1.0-nitrokey.1" }
-apdu-dispatch = { git = "https://github.com/Nitrokey/apdu-dispatch", tag = "v0.1.2-nitrokey.1" }
+apdu-dispatch = { git = "https://github.com/trussed-dev/apdu-dispatch.git", rev = "915fc237103fcecc29d0f0b73391f19abf6576de" }
 
 # unreleased crates
 trussed-auth = { git = "https://github.com/Nitrokey/trussed-auth", tag = "v0.2.2-nitrokey.1" }
diff --git a/src/lib/ctap_app.rs b/src/lib/ctap_app.rs
index 4a12436..65e93b0 100644
--- a/src/lib/ctap_app.rs
+++ b/src/lib/ctap_app.rs
@@ -304,9 +304,14 @@ where
 {
     fn select(
         &mut self,
+        interface: Interface,
         _apdu: &apdu::Command<{ SIZE }>,
         reply: &mut apdu::Data<{ apdu_dispatch::response::SIZE }>,
     ) -> apdu::Result {
+        if interface != Interface::Contactless {
+            return Err(Status::ConditionsOfUseNotSatisfied);
+        }
+
         reply.extend_from_slice(b"U2F_V2").unwrap();
         Ok(())
     }