reset nvdata in case of error or end of signing

app/src/apdu_handler.c

@@ -111,6 +111,7 @@ __Z_INLINE void handleSignTransaction(volatile uint32_t *flags, volatile uint32_
     CHECK_APP_CANARY()
 
     if (error_msg != NULL) {
+        transaction_reset();
         const int error_msg_length = strnlen(error_msg, sizeof(G_io_apdu_buffer));
         memcpy(G_io_apdu_buffer, error_msg, error_msg_length);
         *tx += (error_msg_length);
@@ -156,6 +157,7 @@ __Z_INLINE void handleSignMaspSpends(volatile uint32_t *flags, volatile uint32_t
     CHECK_APP_CANARY()
 
     if (error_msg != NULL) {
+        transaction_reset();
         const int error_msg_length = strnlen(error_msg, sizeof(G_io_apdu_buffer));
         memcpy(G_io_apdu_buffer, error_msg, error_msg_length);
         *tx += (error_msg_length);
@@ -202,6 +204,7 @@ __Z_INLINE void handleComputeMaspRand(__Z_UNUSED volatile uint32_t *flags, volat
     *tx = 0;
     zxerr_t zxerr = app_fill_randomness(type);
     if (zxerr != zxerr_ok) {
+        transaction_reset();
         *tx = 0;
         THROW(APDU_CODE_DATA_INVALID);
     }

app/src/common/actions.h

@@ -100,10 +100,12 @@ __Z_INLINE void app_sign() {
     const zxerr_t err = crypto_sign(txObj, G_io_apdu_buffer, sizeof(G_io_apdu_buffer) - 2);
 
     if (err != zxerr_ok) {
+        transaction_reset();
         MEMZERO(G_io_apdu_buffer, sizeof(G_io_apdu_buffer));
         set_code(G_io_apdu_buffer, 0, APDU_CODE_SIGN_VERIFY_ERROR);
         io_exchange(CHANNEL_APDU | IO_RETURN_AFTER_TX, 2);
     } else {
+        transaction_reset();
         const uint16_t responseLen = PK_LEN_25519_PLUS_TAG + 2 * SALT_LEN + 2 * SIG_LEN_25519_PLUS_TAG + 2 + 10;
         set_code(G_io_apdu_buffer, responseLen, APDU_CODE_OK);
         io_exchange(CHANNEL_APDU | IO_RETURN_AFTER_TX, responseLen + 2);