-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use trussed-auth #125
Use trussed-auth #125
Conversation
480de43
to
7fe1555
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The changes look good to me. But as far as I see, init_pins
is only called if there is no valid state. Couldn’t this lead to problems when upgrading from an older version?
This make it possible for dependants to override the version
ffb21c2
to
93b0fc2
Compare
If try_syscall is Err, the PIN is not set for some reason, so it cannot be verified.
I added pin deletion to the factory reset. What do you see that would go wrong? |
I think the path I saw was: Suppose you initialized the state with an old opcard version and stored the PINs in the FS. Now you update to this version. There are no PINs in trussed-auth, but there is a valid state. Factory reset is only allowed if a) verified as admin or b) if the admin PIN is locked. a) is not possible without a PIN, and b) was not possible because the retries would default to 3 if the PIN is not set. This should be fixed now. |
Shouldn’t it reset the PINs to the defaults? |
On factory reset, the state and pins are deleted. On state load, if no state is present the pins are set to their default values. |
No description provided.