Closed sosthene-nitrokey closed 1 year ago
I think the path I saw was: Suppose you initialized the state with an old opcard version and stored the PINs in the FS. Now you update to this version. There are no PINs in trussed-auth, but there is a valid state. Factory reset is only allowed if a) verified as admin or b) if the admin PIN is locked. a) is not possible without a PIN, and b) was not possible because the retries would default to 3 if the PIN is not set. This should be fixed now.
I added pin deletion to the factory reset.
Shouldn’t it reset the PINs to the defaults?
On factory reset, the state and pins are deleted.
On state load, if no state is present the pins are set to their default values.
I added pin deletion to the factory reset. What do you see that would go wrong?