From fdc1186280cb1da44dbf36367814809c3beb4577 Mon Sep 17 00:00:00 2001
From: Toporin <satochip.wallet@gmail.com>
Date: Wed, 6 Sep 2023 21:08:27 +0100
Subject: [PATCH] Satochip: add check pin size

---
 .../sparrow/io/satochip/SatochipCommandSet.java              | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/main/java/com/sparrowwallet/sparrow/io/satochip/SatochipCommandSet.java b/src/main/java/com/sparrowwallet/sparrow/io/satochip/SatochipCommandSet.java
index 3c10a2d9..2f580f70 100644
--- a/src/main/java/com/sparrowwallet/sparrow/io/satochip/SatochipCommandSet.java
+++ b/src/main/java/com/sparrowwallet/sparrow/io/satochip/SatochipCommandSet.java
@@ -129,6 +129,7 @@ public class SatochipCommandSet {
                     log.error("SATOCHIP: SatochipCommandSet cardTransmit() sw12==0x9C06: PIN required!");
                     //TODO: throw?
                     //TODO: verify PIN?
+                    throw new RuntimeException("PIN required!");
                 }
                 // SecureChannel is not initialized
                 else if (sw12==0x9C21){
@@ -297,7 +298,11 @@ public class SatochipCommandSet {
             }
             pin = this.pinCached;
         }
+
         byte[] pinBytes = pin.getBytes(StandardCharsets.UTF_8);
+        if (pinBytes.length > 16){
+            throw new RuntimeException("PIN should be maximum 16 characters!");
+        }
 
         APDUCommand capdu = new APDUCommand(0xB0, INS_VERIFY_PIN, (byte)pinNbr, 0x00, pinBytes);
         log.trace("SATOCHIP SatochipCommandSet cardVerifyPIN() capdu:"+ capdu.toHexString());