storage: make FLAG_PUBLIC and FLAGS_WRITE part of public API

5 years ago · 1caae698ca
parent 51d7a5feaa
commit 1caae698ca
5 changed files with 40 additions and 43 deletions
--- a/core/embed/extmod/modtrezorconfig/modtrezorconfig.c
+++ b/core/embed/extmod/modtrezorconfig/modtrezorconfig.c
@ -183,7 +183,7 @@ STATIC mp_obj_t mod_trezorconfig_get(size_t n_args, const mp_obj_t *args) {
  uint8_t app = trezor_obj_get_uint8(args[0]) & 0x3F;
  uint8_t key = trezor_obj_get_uint8(args[1]);
  if (n_args > 2 && args[2] == mp_const_true) {
-    app |= 0x80;
+    app |= FLAG_PUBLIC;
  }
  uint16_t appkey = (app << 8) | key;
  uint16_t len = 0;
@ -212,7 +212,7 @@ STATIC mp_obj_t mod_trezorconfig_set(size_t n_args, const mp_obj_t *args) {
  uint8_t app = trezor_obj_get_uint8(args[0]) & 0x3F;
  uint8_t key = trezor_obj_get_uint8(args[1]);
  if (n_args > 3 && args[3] == mp_const_true) {
-    app |= 0x80;
+    app |= FLAG_PUBLIC;
  }
  uint16_t appkey = (app << 8) | key;
  mp_buffer_info_t value;
@ -233,7 +233,7 @@ STATIC mp_obj_t mod_trezorconfig_delete(size_t n_args, const mp_obj_t *args) {
  uint8_t app = trezor_obj_get_uint8(args[0]) & 0x3F;
  uint8_t key = trezor_obj_get_uint8(args[1]);
  if (n_args > 2 && args[2] == mp_const_true) {
-    app |= 0x80;
+    app |= FLAG_PUBLIC;
  }
  uint16_t appkey = (app << 8) | key;
  if (sectrue != storage_delete(appkey)) {
@ -255,9 +255,9 @@ STATIC mp_obj_t mod_trezorconfig_set_counter(size_t n_args,
  uint8_t app = trezor_obj_get_uint8(args[0]) & 0x3F;
  uint8_t key = trezor_obj_get_uint8(args[1]);
  if (n_args > 3 && args[3] == mp_const_true) {
-    app |= 0xC0;
+    app |= FLAGS_WRITE;
  } else {
-    app |= 0x80;
+    app |= FLAG_PUBLIC;
  }
  uint16_t appkey = (app << 8) | key;
  if (args[2] == mp_const_none) {
@ -287,9 +287,9 @@ STATIC mp_obj_t mod_trezorconfig_next_counter(size_t n_args,
  uint8_t app = trezor_obj_get_uint8(args[0]) & 0x3F;
  uint8_t key = trezor_obj_get_uint8(args[1]);
  if (n_args > 2 && args[2] == mp_const_true) {
-    app |= 0xC0;
+    app |= FLAGS_WRITE;
  } else {
-    app |= 0x80;
+    app |= FLAG_PUBLIC;
  }
  uint16_t appkey = (app << 8) | key;
  uint32_t count = 0;
--- a/legacy/firmware/config.c
+++ b/legacy/firmware/config.c
@ -56,28 +56,28 @@ static const uint32_t META_MAGIC_V10 = 0x525a5254;  // 'TRZR' as uint32_t
 static const uint32_t META_MAGIC_V10 = 0xFFFFFFFF;
 #endif

-#define APP 0x0100
-#define FLAG_PUBLIC 0x8000
-#define FLAGS_WRITE 0xC000
-
-#define KEY_UUID (0 | APP | FLAG_PUBLIC)                   // bytes(12)
-#define KEY_VERSION (1 | APP)                              // uint32
-#define KEY_MNEMONIC (2 | APP)                             // string(241)
-#define KEY_LANGUAGE (3 | APP | FLAG_PUBLIC)               // string(17)
-#define KEY_LABEL (4 | APP | FLAG_PUBLIC)                  // string(33)
-#define KEY_PASSPHRASE_PROTECTION (5 | APP | FLAG_PUBLIC)  // bool
-#define KEY_HOMESCREEN (6 | APP | FLAG_PUBLIC)             // bytes(1024)
-#define KEY_NEEDS_BACKUP (7 | APP)                         // bool
-#define KEY_FLAGS (8 | APP)                                // uint32
-#define KEY_U2F_COUNTER (9 | APP | FLAGS_WRITE)            // uint32
-#define KEY_UNFINISHED_BACKUP (11 | APP)                   // bool
-#define KEY_AUTO_LOCK_DELAY_MS (12 | APP)                  // uint32
-#define KEY_NO_BACKUP (13 | APP)                           // bool
-#define KEY_INITIALIZED (14 | APP | FLAG_PUBLIC)           // uint32
-#define KEY_NODE (15 | APP)                                // node
-#define KEY_IMPORTED (16 | APP)                            // bool
-#define KEY_U2F_ROOT (17 | APP | FLAG_PUBLIC)              // node
-#define KEY_DEBUG_LINK_PIN (255 | APP | FLAG_PUBLIC)       // string(10)
+#define APP (0x01 << 8)
+#define FLAG_PUBLIC_SHIFTED (FLAG_PUBLIC << 8)
+#define FLAGS_WRITE_SHIFTED (FLAGS_WRITE << 8)
+
+#define KEY_UUID (0 | APP | FLAG_PUBLIC_SHIFTED)      // bytes(12)
+#define KEY_VERSION (1 | APP)                         // uint32
+#define KEY_MNEMONIC (2 | APP)                        // string(241)
+#define KEY_LANGUAGE (3 | APP | FLAG_PUBLIC_SHIFTED)  // string(17)
+#define KEY_LABEL (4 | APP | FLAG_PUBLIC_SHIFTED)     // string(33)
+#define KEY_PASSPHRASE_PROTECTION (5 | APP | FLAG_PUBLIC_SHIFTED)  // bool
+#define KEY_HOMESCREEN (6 | APP | FLAG_PUBLIC_SHIFTED)        // bytes(1024)
+#define KEY_NEEDS_BACKUP (7 | APP)                            // bool
+#define KEY_FLAGS (8 | APP)                                   // uint32
+#define KEY_U2F_COUNTER (9 | APP | FLAGS_WRITE_SHIFTED)       // uint32
+#define KEY_UNFINISHED_BACKUP (11 | APP)                      // bool
+#define KEY_AUTO_LOCK_DELAY_MS (12 | APP)                     // uint32
+#define KEY_NO_BACKUP (13 | APP)                              // bool
+#define KEY_INITIALIZED (14 | APP | FLAG_PUBLIC_SHIFTED)      // uint32
+#define KEY_NODE (15 | APP)                                   // node
+#define KEY_IMPORTED (16 | APP)                               // bool
+#define KEY_U2F_ROOT (17 | APP | FLAG_PUBLIC_SHIFTED)         // node
+#define KEY_DEBUG_LINK_PIN (255 | APP | FLAG_PUBLIC_SHIFTED)  // string(10)

 // The PIN value corresponding to an empty PIN.
 static const uint32_t PIN_EMPTY = 1;
--- a/storage/storage.c
+++ b/storage/storage.c
@ -64,13 +64,6 @@
 // The number of seconds required to derive the KEK and KEIV.
 #define DERIVE_SECS 1

-// If the top bit of APP is set, then the value is not encrypted.
-#define FLAG_PUBLIC 0x80
-
-// If the top two bits of APP are set, then the value is not encrypted and it
-// can be written even when the storage is locked.
-#define FLAGS_WRITE 0xC0
-
 // The length of the guard key in words.
 #define GUARD_KEY_WORDS 1

@ -967,7 +960,6 @@ secbool storage_get(const uint16_t key, void *val_dest, const uint16_t max_len,

  // If the top bit of APP is set, then the value is not encrypted and can be
  // read from a locked device.
-  secbool ret = secfalse;
  if ((app & FLAG_PUBLIC) != 0) {
    const void *val_stored = NULL;
    if (sectrue != norcow_get(key, &val_stored, len)) {
@ -980,15 +972,13 @@ secbool storage_get(const uint16_t key, void *val_dest, const uint16_t max_len,
      return secfalse;
    }
    memcpy(val_dest, val_stored, *len);
-    ret = sectrue;
+    return sectrue;
  } else {
    if (sectrue != unlocked) {
      return secfalse;
    }
-    ret = storage_get_encrypted(key, val_dest, max_len, len);
+    return storage_get_encrypted(key, val_dest, max_len, len);
  }
-
-  return ret;
 }

 /*
--- a/storage/storage.h
+++ b/storage/storage.h
@ -27,6 +27,13 @@
 // The length of the external salt in bytes.
 #define EXTERNAL_SALT_SIZE 32

+// If the top bit of APP is set, then the value is not encrypted.
+#define FLAG_PUBLIC 0x80
+
+// If the top two bits of APP are set, then the value is not encrypted and it
+// can be written even when the storage is locked.
+#define FLAGS_WRITE 0xC0
+
 typedef secbool (*PIN_UI_WAIT_CALLBACK)(uint32_t wait, uint32_t progress,
                                        const char *message);

--- a/storage/tests/python/src/consts.py
+++ b/storage/tests/python/src/consts.py
@ -80,7 +80,7 @@ FLAG_PUBLIC = 0x80

 # If the top two bits of APP are set, then the value is not encrypted and it
 # can be written even when the storage is locked.
-FLAG_WRITE = 0xC0
+FLAGS_WRITE = 0xC0

 # Length of word in bytes.
 WORD_SIZE = 4
@ -147,6 +147,6 @@ def is_app_private(app: int):


 def is_app_lock_writable(app: int):
-    if app & FLAG_WRITE == FLAG_WRITE:
+    if app & FLAGS_WRITE == FLAGS_WRITE:
        return True
    return False