trezor-firmware/core/src/apps/common/cache.py

from trezor.crypto import hashlib, hmac, random

from apps.common import storage

_cached_seed = None
_cached_passphrase = None


def get_state(prev_state: bytes = None, passphrase: str = None) -> bytes:
    if prev_state is None:
        salt = random.bytes(32)  # generate a random salt if no state provided
    else:
        salt = prev_state[:32]  # use salt from provided state
        if len(salt) != 32:
            return None  # invalid state
    if passphrase is None:
        if _cached_passphrase is None:
            return None  # we don't have any passphrase to compute the state
        else:
            passphrase = _cached_passphrase  # use cached passphrase
    return _compute_state(salt, passphrase)


def _compute_state(salt: bytes, passphrase: str) -> bytes:
    # state = HMAC(passphrase, salt || device_id)
    message = salt + storage.get_device_id().encode()
    state = hmac.new(passphrase.encode(), message, hashlib.sha256).digest()
    return salt + state


def get_seed():
    return _cached_seed


def get_passphrase():
    return _cached_passphrase


def has_passphrase():
    return _cached_passphrase is not None


def set_seed(seed):
    global _cached_seed
    _cached_seed = seed


def set_passphrase(passphrase):
    global _cached_passphrase
    _cached_passphrase = passphrase


def clear(skip_passphrase: bool = False):
    set_seed(None)
    if skip_passphrase:
        set_passphrase("")
    else:
        set_passphrase(None)
src/apps: cleanup workflow modules 2018-02-27 15:35:21 +00:00			`from trezor.crypto import hashlib, hmac, random`
src: run isort 2018-07-03 14:20:26 +00:00
src/apps: cleanup workflow modules 2018-02-27 15:35:21 +00:00			`from apps.common import storage`
apps.common: implement finish device state handling 2018-02-24 17:58:02 +00:00
apps/homescreen: handle Initialize.skip_passphrase TODO: tests 2018-05-28 13:20:31 +00:00			`_cached_seed = None`
			`_cached_passphrase = None`
apps.common: implement finish device state handling 2018-02-24 17:58:02 +00:00

apps/homescreen: handle Initialize.skip_passphrase TODO: tests 2018-05-28 13:20:31 +00:00			`def get_state(prev_state: bytes = None, passphrase: str = None) -> bytes:`
			`if prev_state is None:`
src/apps/common: rework PassphraseState behaviour 2018-02-28 23:07:45 +00:00			`salt = random.bytes(32) # generate a random salt if no state provided`
apps.common: implement finish device state handling 2018-02-24 17:58:02 +00:00			`else:`
apps/homescreen: handle Initialize.skip_passphrase TODO: tests 2018-05-28 13:20:31 +00:00			`salt = prev_state[:32] # use salt from provided state`
			`if len(salt) != 32:`
			`return None # invalid state`
apps.common: implement finish device state handling 2018-02-24 17:58:02 +00:00			`if passphrase is None:`
apps/homescreen: handle Initialize.skip_passphrase TODO: tests 2018-05-28 13:20:31 +00:00			`if _cached_passphrase is None:`
			`return None # we don't have any passphrase to compute the state`
			`else:`
			`passphrase = _cached_passphrase # use cached passphrase`
			`return _compute_state(salt, passphrase)`
src/apps/common: rework PassphraseState behaviour 2018-02-28 23:07:45 +00:00
apps.common: introduce cache module instead of caching in global variables 2017-05-08 20:31:21 +00:00
apps/homescreen: handle Initialize.skip_passphrase TODO: tests 2018-05-28 13:20:31 +00:00			`def _compute_state(salt: bytes, passphrase: str) -> bytes:`
			`# state = HMAC(passphrase, salt \|\| device_id)`
			`message = salt + storage.get_device_id().encode()`
			`state = hmac.new(passphrase.encode(), message, hashlib.sha256).digest()`
src/apps/common: rework PassphraseState behaviour 2018-02-28 23:07:45 +00:00			`return salt + state`
src/apps/common: rewrite cache to use getters/setters 2018-02-09 17:59:26 +00:00

			`def get_seed():`
apps/homescreen: handle Initialize.skip_passphrase TODO: tests 2018-05-28 13:20:31 +00:00			`return _cached_seed`
src/apps/common: rewrite cache to use getters/setters 2018-02-09 17:59:26 +00:00

apps/homescreen: handle Initialize.skip_passphrase TODO: tests 2018-05-28 13:20:31 +00:00			`def get_passphrase():`
			`return _cached_passphrase`
src/apps/homescreen: implement {Initialize,Features}.state field, implement ClearSession handling 2018-02-09 17:07:47 +00:00

src/apps/homescreen: add missing fields to Features 2018-02-27 19:48:01 +00:00			`def has_passphrase():`
apps/homescreen: handle Initialize.skip_passphrase TODO: tests 2018-05-28 13:20:31 +00:00			`return _cached_passphrase is not None`

src/apps/homescreen: add missing fields to Features 2018-02-27 19:48:01 +00:00
apps/homescreen: handle Initialize.skip_passphrase TODO: tests 2018-05-28 13:20:31 +00:00			`def set_seed(seed):`
			`global _cached_seed`
			`_cached_seed = seed`
src/apps/homescreen: add missing fields to Features 2018-02-27 19:48:01 +00:00
apps/homescreen: handle Initialize.skip_passphrase TODO: tests 2018-05-28 13:20:31 +00:00
			`def set_passphrase(passphrase):`
			`global _cached_passphrase`
			`_cached_passphrase = passphrase`


			`def clear(skip_passphrase: bool = False):`
			`set_seed(None)`
			`if skip_passphrase:`
src: run black 2018-07-03 14:20:58 +00:00			`set_passphrase("")`
apps/homescreen: handle Initialize.skip_passphrase TODO: tests 2018-05-28 13:20:31 +00:00			`else:`
			`set_passphrase(None)`