From 704df76499f78d01623d79e3754c8fb0cb0af3c8 Mon Sep 17 00:00:00 2001
From: Pol Henarejos <pol.henarejos@cttc.es>
Date: Wed, 18 Feb 2026 00:38:52 +0100
Subject: [PATCH] DO is cleared when no data is provided.

Solves #50.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
---
 src/openpgp/cmd_put_data.c | 53 +++++++++++++++++++++-----------------
 1 file changed, 29 insertions(+), 24 deletions(-)

diff --git a/src/openpgp/cmd_put_data.c b/src/openpgp/cmd_put_data.c
index 0168468..312a876 100644
--- a/src/openpgp/cmd_put_data.c
+++ b/src/openpgp/cmd_put_data.c
@@ -45,36 +45,41 @@ int cmd_put_data() {
     if (currentEF && currentEF->fid == fid) { // previously selected same EF
         ef = currentEF;
     }
-    if (apdu.nc > 0 && (ef->type & FILE_DATA_FLASH)) {
+    if (ef->type & FILE_DATA_FLASH) {
         int r = 0;
-        if (fid == EF_RC) {
-            has_rc = false;
-            if ((r = load_dek()) != PICOKEY_OK) {
-                return SW_EXEC_ERROR();
-            }
-            uint8_t dhash[33];
-            dhash[0] = apdu.nc;
-            double_hash_pin(apdu.data, apdu.nc, dhash + 1);
-            r = file_put_data(ef, dhash, sizeof(dhash));
+        if (apdu.nc > 0) {
+            if (fid == EF_RC) {
+                has_rc = false;
+                if ((r = load_dek()) != PICOKEY_OK) {
+                    return SW_EXEC_ERROR();
+                }
+                uint8_t dhash[33];
+                dhash[0] = apdu.nc;
+                double_hash_pin(apdu.data, apdu.nc, dhash + 1);
+                r = file_put_data(ef, dhash, sizeof(dhash));
 
-            file_t *tf = search_by_fid(EF_DEK, NULL, SPECIFY_EF);
-            if (!tf) {
-                return SW_REFERENCE_NOT_FOUND();
+                file_t *tf = search_by_fid(EF_DEK, NULL, SPECIFY_EF);
+                if (!tf) {
+                    return SW_REFERENCE_NOT_FOUND();
+                }
+                uint8_t def[IV_SIZE + 32 + 32 + 32 + 32];
+                memcpy(def, file_get_data(tf), file_get_size(tf));
+                hash_multi(apdu.data, apdu.nc, session_rc);
+                memcpy(def + IV_SIZE + 32, dek + IV_SIZE, 32);
+                aes_encrypt_cfb_256(session_rc, def, def + IV_SIZE + 32, 32);
+                r = file_put_data(tf, def, sizeof(def));
             }
-            uint8_t def[IV_SIZE + 32 + 32 + 32 + 32];
-            memcpy(def, file_get_data(tf), file_get_size(tf));
-            hash_multi(apdu.data, apdu.nc, session_rc);
-            memcpy(def + IV_SIZE + 32, dek + IV_SIZE, 32);
-            aes_encrypt_cfb_256(session_rc, def, def + IV_SIZE + 32, 32);
-            r = file_put_data(tf, def, sizeof(def));
+            else {
+                r = file_put_data(ef, apdu.data, apdu.nc);
+            }
+            if (r != PICOKEY_OK) {
+                return SW_MEMORY_FAILURE();
+            }
+            low_flash_available();
         }
         else {
-            r = file_put_data(ef, apdu.data, apdu.nc);
+            delete_file(ef);
         }
-        if (r != PICOKEY_OK) {
-            return SW_MEMORY_FAILURE();
-        }
-        low_flash_available();
     }
     return SW_OK();
 }