src/apps/management: fix change_pin behaviour

2024-11-26 01:18:28 +00:00 · 2018-02-26 23:02:44 +01:00 · 2018-02-26 23:02:44 +01:00 · 20f1644ef9
commit 20f1644ef9
parent b97e5b7a55
4 changed files with 37 additions and 7 deletions
--- a/embed/extmod/modtrezorconfig/modtrezorconfig.c
+++ b/embed/extmod/modtrezorconfig/modtrezorconfig.c
@ -41,6 +41,19 @@ STATIC mp_obj_t mod_trezorconfig_init(void) {
 }
 STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorconfig_init_obj, mod_trezorconfig_init);

+/// def check_pin(pin: int, waitcallback: (int, int -> None)) -> bool:
+///     '''
+///     Check the given PIN. Returns True on success, False on failure.
+///     '''
+STATIC mp_obj_t mod_trezorconfig_check_pin(mp_obj_t pin, mp_obj_t waitcallback) {
+    uint32_t pin_i = mp_obj_get_int(pin);
+    if (sectrue != storage_check_pin(pin_i, waitcallback)) {
+        return mp_const_false;
+    }
+    return mp_const_true;
+}
+STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorconfig_check_pin_obj, mod_trezorconfig_check_pin);
+
 /// def unlock(pin: int, waitcallback: (int, int -> None)) -> bool:
 ///     '''
 ///     Attempts to unlock the storage with given PIN.  Returns True on
@ -134,6 +147,7 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorconfig_wipe_obj, mod_trezorconfig_wip
 STATIC const mp_rom_map_elem_t mp_module_trezorconfig_globals_table[] = {
    { MP_ROM_QSTR(MP_QSTR___name__), MP_ROM_QSTR(MP_QSTR_trezorconfig) },
    { MP_ROM_QSTR(MP_QSTR_init), MP_ROM_PTR(&mod_trezorconfig_init_obj) },
+    { MP_ROM_QSTR(MP_QSTR_check_pin), MP_ROM_PTR(&mod_trezorconfig_check_pin_obj) },
    { MP_ROM_QSTR(MP_QSTR_unlock), MP_ROM_PTR(&mod_trezorconfig_unlock_obj) },
    { MP_ROM_QSTR(MP_QSTR_has_pin), MP_ROM_PTR(&mod_trezorconfig_has_pin_obj) },
    { MP_ROM_QSTR(MP_QSTR_change_pin), MP_ROM_PTR(&mod_trezorconfig_change_pin_obj) },
--- a/embed/extmod/modtrezorconfig/storage.c
+++ b/embed/extmod/modtrezorconfig/storage.c
@ -131,7 +131,7 @@ static secbool pin_get_fails(const uint32_t **pinfail, uint32_t *pofs)
    return sectrue;
 }

-static secbool pin_check(uint32_t pin, mp_obj_t callback)
+secbool storage_check_pin(uint32_t pin, mp_obj_t callback)
 {
    const uint32_t *pinfail = NULL;
    uint32_t ofs;
@ -185,7 +185,7 @@ static secbool pin_check(uint32_t pin, mp_obj_t callback)
 secbool storage_unlock(const uint32_t pin, mp_obj_t callback)
 {
    unlocked = secfalse;
-    if (sectrue == initialized && sectrue == pin_check(pin, callback)) {
+    if (sectrue == initialized && sectrue == storage_check_pin(pin, callback)) {
        unlocked = sectrue;
    }
    return unlocked;
@ -228,7 +228,7 @@ secbool storage_change_pin(const uint32_t pin, const uint32_t newpin, mp_obj_t c
    if (sectrue != initialized || sectrue != unlocked) {
        return secfalse;
    }
-    if (sectrue != pin_check(pin, callback)) {
+    if (sectrue != storage_check_pin(pin, callback)) {
        return secfalse;
    }
    return norcow_set(PIN_KEY, &newpin, sizeof(uint32_t));
--- a/embed/extmod/modtrezorconfig/storage.h
+++ b/embed/extmod/modtrezorconfig/storage.h
@ -24,9 +24,9 @@

 void storage_init(void);
 void storage_wipe(void);
+secbool storage_check_pin(uint32_t pin, mp_obj_t callback);
 secbool storage_unlock(const uint32_t pin, mp_obj_t callback);
 secbool storage_has_pin(void);
-uint32_t storage_pin_wait_time(void);
 secbool storage_change_pin(const uint32_t pin, const uint32_t newpin, mp_obj_t callback);
 secbool storage_get(uint16_t key, const void **val, uint16_t *len);
 secbool storage_set(uint16_t key, const void *val, uint16_t len);
--- a/src/apps/management/change_pin.py
+++ b/src/apps/management/change_pin.py
@ -1,5 +1,4 @@
-from trezor import ui
-from trezor import config
+from trezor import config, loop, ui
 from trezor.pin import pin_to_int, show_pin_timeout


@ -13,6 +12,21 @@ async def request_pin(ctx, *args, **kwargs):
    return await request_pin(*args, **kwargs)


+@ui.layout
+async def pin_mismatch():
+    from trezor.ui.text import Text
+
+    text = Text(
+        'PIN mismatch', ui.ICON_DEFAULT,
+        'Entered PINs do not',
+        'match each other.',
+        '',
+        'Please, try again...',
+    )
+    text.render()
+    await loop.sleep(3 * 1000 * 1000)
+
+
 async def request_pin_confirm(ctx, *args, **kwargs):
    from trezor.messages import PinMatrixRequestType

@ -23,7 +37,7 @@ async def request_pin_confirm(ctx, *args, **kwargs):
            ctx, code=PinMatrixRequestType.NewSecond, *args, **kwargs)
        if pin1 == pin2:
            return pin1
-        # TODO: display a message and wait
+        await pin_mismatch()


 def confirm_change_pin(ctx, msg):
@ -59,6 +73,8 @@ async def layout_change_pin(ctx, msg):
    await confirm_change_pin(ctx, msg)
    if config.has_pin():
        curr_pin = await request_pin(ctx, PinMatrixRequestType.Current)
+        if not config.check_pin(pin_to_int(curr_pin), show_pin_timeout):
+            return Failure(code=FailureType.PinInvalid, message='PIN invalid')
    else:
        curr_pin = ''
    if msg.remove: