1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-01 20:08:26 +00:00

src/apps/management: fix change_pin behaviour

This commit is contained in:
Pavol Rusnak 2018-02-26 23:02:44 +01:00
parent b97e5b7a55
commit 20f1644ef9
No known key found for this signature in database
GPG Key ID: 91F3B339B9A02A3D
4 changed files with 37 additions and 7 deletions

View File

@ -41,6 +41,19 @@ STATIC mp_obj_t mod_trezorconfig_init(void) {
} }
STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorconfig_init_obj, mod_trezorconfig_init); STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorconfig_init_obj, mod_trezorconfig_init);
/// def check_pin(pin: int, waitcallback: (int, int -> None)) -> bool:
/// '''
/// Check the given PIN. Returns True on success, False on failure.
/// '''
STATIC mp_obj_t mod_trezorconfig_check_pin(mp_obj_t pin, mp_obj_t waitcallback) {
uint32_t pin_i = mp_obj_get_int(pin);
if (sectrue != storage_check_pin(pin_i, waitcallback)) {
return mp_const_false;
}
return mp_const_true;
}
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorconfig_check_pin_obj, mod_trezorconfig_check_pin);
/// def unlock(pin: int, waitcallback: (int, int -> None)) -> bool: /// def unlock(pin: int, waitcallback: (int, int -> None)) -> bool:
/// ''' /// '''
/// Attempts to unlock the storage with given PIN. Returns True on /// Attempts to unlock the storage with given PIN. Returns True on
@ -134,6 +147,7 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorconfig_wipe_obj, mod_trezorconfig_wip
STATIC const mp_rom_map_elem_t mp_module_trezorconfig_globals_table[] = { STATIC const mp_rom_map_elem_t mp_module_trezorconfig_globals_table[] = {
{ MP_ROM_QSTR(MP_QSTR___name__), MP_ROM_QSTR(MP_QSTR_trezorconfig) }, { MP_ROM_QSTR(MP_QSTR___name__), MP_ROM_QSTR(MP_QSTR_trezorconfig) },
{ MP_ROM_QSTR(MP_QSTR_init), MP_ROM_PTR(&mod_trezorconfig_init_obj) }, { MP_ROM_QSTR(MP_QSTR_init), MP_ROM_PTR(&mod_trezorconfig_init_obj) },
{ MP_ROM_QSTR(MP_QSTR_check_pin), MP_ROM_PTR(&mod_trezorconfig_check_pin_obj) },
{ MP_ROM_QSTR(MP_QSTR_unlock), MP_ROM_PTR(&mod_trezorconfig_unlock_obj) }, { MP_ROM_QSTR(MP_QSTR_unlock), MP_ROM_PTR(&mod_trezorconfig_unlock_obj) },
{ MP_ROM_QSTR(MP_QSTR_has_pin), MP_ROM_PTR(&mod_trezorconfig_has_pin_obj) }, { MP_ROM_QSTR(MP_QSTR_has_pin), MP_ROM_PTR(&mod_trezorconfig_has_pin_obj) },
{ MP_ROM_QSTR(MP_QSTR_change_pin), MP_ROM_PTR(&mod_trezorconfig_change_pin_obj) }, { MP_ROM_QSTR(MP_QSTR_change_pin), MP_ROM_PTR(&mod_trezorconfig_change_pin_obj) },

View File

@ -131,7 +131,7 @@ static secbool pin_get_fails(const uint32_t **pinfail, uint32_t *pofs)
return sectrue; return sectrue;
} }
static secbool pin_check(uint32_t pin, mp_obj_t callback) secbool storage_check_pin(uint32_t pin, mp_obj_t callback)
{ {
const uint32_t *pinfail = NULL; const uint32_t *pinfail = NULL;
uint32_t ofs; uint32_t ofs;
@ -185,7 +185,7 @@ static secbool pin_check(uint32_t pin, mp_obj_t callback)
secbool storage_unlock(const uint32_t pin, mp_obj_t callback) secbool storage_unlock(const uint32_t pin, mp_obj_t callback)
{ {
unlocked = secfalse; unlocked = secfalse;
if (sectrue == initialized && sectrue == pin_check(pin, callback)) { if (sectrue == initialized && sectrue == storage_check_pin(pin, callback)) {
unlocked = sectrue; unlocked = sectrue;
} }
return unlocked; return unlocked;
@ -228,7 +228,7 @@ secbool storage_change_pin(const uint32_t pin, const uint32_t newpin, mp_obj_t c
if (sectrue != initialized || sectrue != unlocked) { if (sectrue != initialized || sectrue != unlocked) {
return secfalse; return secfalse;
} }
if (sectrue != pin_check(pin, callback)) { if (sectrue != storage_check_pin(pin, callback)) {
return secfalse; return secfalse;
} }
return norcow_set(PIN_KEY, &newpin, sizeof(uint32_t)); return norcow_set(PIN_KEY, &newpin, sizeof(uint32_t));

View File

@ -24,9 +24,9 @@
void storage_init(void); void storage_init(void);
void storage_wipe(void); void storage_wipe(void);
secbool storage_check_pin(uint32_t pin, mp_obj_t callback);
secbool storage_unlock(const uint32_t pin, mp_obj_t callback); secbool storage_unlock(const uint32_t pin, mp_obj_t callback);
secbool storage_has_pin(void); secbool storage_has_pin(void);
uint32_t storage_pin_wait_time(void);
secbool storage_change_pin(const uint32_t pin, const uint32_t newpin, mp_obj_t callback); secbool storage_change_pin(const uint32_t pin, const uint32_t newpin, mp_obj_t callback);
secbool storage_get(uint16_t key, const void **val, uint16_t *len); secbool storage_get(uint16_t key, const void **val, uint16_t *len);
secbool storage_set(uint16_t key, const void *val, uint16_t len); secbool storage_set(uint16_t key, const void *val, uint16_t len);

View File

@ -1,5 +1,4 @@
from trezor import ui from trezor import config, loop, ui
from trezor import config
from trezor.pin import pin_to_int, show_pin_timeout from trezor.pin import pin_to_int, show_pin_timeout
@ -13,6 +12,21 @@ async def request_pin(ctx, *args, **kwargs):
return await request_pin(*args, **kwargs) return await request_pin(*args, **kwargs)
@ui.layout
async def pin_mismatch():
from trezor.ui.text import Text
text = Text(
'PIN mismatch', ui.ICON_DEFAULT,
'Entered PINs do not',
'match each other.',
'',
'Please, try again...',
)
text.render()
await loop.sleep(3 * 1000 * 1000)
async def request_pin_confirm(ctx, *args, **kwargs): async def request_pin_confirm(ctx, *args, **kwargs):
from trezor.messages import PinMatrixRequestType from trezor.messages import PinMatrixRequestType
@ -23,7 +37,7 @@ async def request_pin_confirm(ctx, *args, **kwargs):
ctx, code=PinMatrixRequestType.NewSecond, *args, **kwargs) ctx, code=PinMatrixRequestType.NewSecond, *args, **kwargs)
if pin1 == pin2: if pin1 == pin2:
return pin1 return pin1
# TODO: display a message and wait await pin_mismatch()
def confirm_change_pin(ctx, msg): def confirm_change_pin(ctx, msg):
@ -59,6 +73,8 @@ async def layout_change_pin(ctx, msg):
await confirm_change_pin(ctx, msg) await confirm_change_pin(ctx, msg)
if config.has_pin(): if config.has_pin():
curr_pin = await request_pin(ctx, PinMatrixRequestType.Current) curr_pin = await request_pin(ctx, PinMatrixRequestType.Current)
if not config.check_pin(pin_to_int(curr_pin), show_pin_timeout):
return Failure(code=FailureType.PinInvalid, message='PIN invalid')
else: else:
curr_pin = '' curr_pin = ''
if msg.remove: if msg.remove: