mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-22 22:38:08 +00:00

fixup! fixup! wip: single packet decryption (not finished) [no changelog]

M1nd3r 2024-12-18 15:55:51 +01:00
parent 04f6a3e04a
commit 46d1605ef1
5 changed files with 41 additions and 10 deletions


@ -44,6 +44,10 @@ class ThpInvalidDataError(ThpError):
pass pass
class ThpDeviceLockedError(ThpError):
pass
class ThpUnallocatedSessionError(ThpError): class ThpUnallocatedSessionError(ThpError):
def __init__(self, session_id: int) -> None: def __init__(self, session_id: int) -> None:
@ -55,6 +59,7 @@ class ThpErrorType(IntEnum):
UNALLOCATED_CHANNEL = 2 UNALLOCATED_CHANNEL = 2
DECRYPTION_FAILED = 3 DECRYPTION_FAILED = 3
INVALID_DATA = 4 INVALID_DATA = 4
DEVICE_LOCKED = 5
class ChannelState(IntEnum): class ChannelState(IntEnum):


@ -15,7 +15,7 @@ from storage.cache_thp import (
update_channel_last_used, update_channel_last_used,
update_session_last_used, update_session_last_used,
) )
from trezor import log, loop, protobuf, utils from trezor import config, log, loop, protobuf, utils
from trezor.enums import FailureType from trezor.enums import FailureType
from trezor.messages import Failure from trezor.messages import Failure
from trezor.wire.thp import memory_manager from trezor.wire.thp import memory_manager
@ -35,6 +35,7 @@ from . import (
ThpErrorType, ThpErrorType,
ThpInvalidDataError, ThpInvalidDataError,
ThpUnallocatedSessionError, ThpUnallocatedSessionError,
ThpDeviceLockedError,
) )
from . import alternating_bit_protocol as ABP from . import alternating_bit_protocol as ABP
from . import ( from . import (
@ -139,6 +140,9 @@ async def handle_received_message(
except ThpInvalidDataError: except ThpInvalidDataError:
await ctx.write_error(ThpErrorType.INVALID_DATA) await ctx.write_error(ThpErrorType.INVALID_DATA)
ctx.clear() ctx.clear()
except ThpDeviceLockedError:
await ctx.write_error(ThpErrorType.DEVICE_LOCKED)
if __debug__ and utils.ALLOW_DEBUG_MESSAGES: if __debug__ and utils.ALLOW_DEBUG_MESSAGES:
log.debug(__name__, "handle_received_message - end") log.debug(__name__, "handle_received_message - end")
@ -226,6 +230,9 @@ async def _handle_state_TH1(
if not payload_length == PUBKEY_LENGTH + CHECKSUM_LENGTH: if not payload_length == PUBKEY_LENGTH + CHECKSUM_LENGTH:
raise ThpError("Message received is not a valid handshake init request!") raise ThpError("Message received is not a valid handshake init request!")
if not config.is_unlocked():
raise ThpDeviceLockedError
ctx.handshake = Handshake() ctx.handshake = Handshake()
buffer = memory_manager.get_existing_read_buffer(ctx.get_channel_id_int()) buffer = memory_manager.get_existing_read_buffer(ctx.get_channel_id_int())
@ -272,6 +279,9 @@ async def _handle_state_TH2(ctx: Channel, message_length: int, ctrl_byte: int) -
if ctx.handshake is None: if ctx.handshake is None:
raise Exception("Handshake object is not prepared. Retry handshake.") raise Exception("Handshake object is not prepared. Retry handshake.")
if not config.is_unlocked():
raise ThpDeviceLockedError
buffer = memory_manager.get_existing_read_buffer(ctx.get_channel_id_int()) buffer = memory_manager.get_existing_read_buffer(ctx.get_channel_id_int())
# if buffer is BufferError: # if buffer is BufferError:
# pass # TODO handle # pass # TODO handle
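Review bot: The new `except ThpDeviceLockedError` branch in `handle_received_message` writes `DEVICE_LOCKED` but, unlike the `ThpInvalidDataError` branch directly above it, leaves the channel context untouched. For the guard added in `_handle_state_TH2` this means a device that locks between TH1 and TH2 keeps `ctx.handshake` and whatever handshake state TH1 prepared after the error is reported. Whether that is intended cannot be told from these hunks, since all three functions continue outside them. If a rejected handshake should not be resumable, drop the state before returning, e.g. `ctx.handshake = None` in the TH2 guard or `ctx.clear()` in the handler as the INVALID_DATA branch does, and add a comment stating which behaviour is wanted.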


@ -262,17 +262,23 @@ def with_session(
def function_with_session( def function_with_session(
obj: TrezorConnection, *args: "P.args", **kwargs: "P.kwargs" obj: TrezorConnection, *args: "P.args", **kwargs: "P.kwargs"
) -> "R": ) -> "R":
if management:
session = obj.get_management_session()
else:
# TODO try (sys.exit ve finally)
session = obj.get_session(
derive_cardano=derive_cardano,
empty_passphrase=empty_passphrase,
must_resume=must_resume,
)
try: try:
if management:
session = obj.get_management_session()
else:
# TODO try (sys.exit ve finally)
session = obj.get_session(
derive_cardano=derive_cardano,
empty_passphrase=empty_passphrase,
must_resume=must_resume,
)
return func(session, *args, **kwargs) return func(session, *args, **kwargs)
except exceptions.DeviceLockedException:
click.echo(
"Device is locked, enter a pin on the device.",
err=True,
)
finally: finally:
pass pass
# TODO try end session if not resumed # TODO try end session if not resumed
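Review bot: The `except exceptions.DeviceLockedException` branch in `function_with_session` prints the message and then falls off the end, so the wrapper returns `None` instead of an `R` and the command presumably exits with status 0 although `func` never ran. Scripts driving the CLI then cannot tell a locked device from success. Raising through click keeps the message on stderr and gives a non-zero exit: `raise click.ClickException("Device is locked, enter a PIN on the device.") from None`. The decorator `with_session` starts above this hunk, and the `finally: pass` placeholder still leaves the session un-ended on this path.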


@ -55,3 +55,7 @@ class Cancelled(TrezorException):
class OutdatedFirmwareError(TrezorException): class OutdatedFirmwareError(TrezorException):
pass pass
class DeviceLockedException(TrezorException):
pass


@ -173,7 +173,13 @@ class ProtocolV2(ProtocolAndChannel):
header, payload = self._read_until_valid_crc_check() header, payload = self._read_until_valid_crc_check()
self._send_ack_0() self._send_ack_0()
if header.ctrl_byte == 0x42:
if payload == b"\x05":
raise exceptions.DeviceLockedException()
if not header.is_handshake_init_response(): if not header.is_handshake_init_response():
LOG.debug("Received message is not a valid handshake init response message")
click.echo( click.echo(
"Received message is not a valid handshake init response message", "Received message is not a valid handshake init response message",
err=True, err=True,
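Review bot: The locked-device check compares against bare literals, `header.ctrl_byte == 0x42` and `payload == b"\x05"`, so the `5` has to be kept in step by hand with `ThpErrorType.DEVICE_LOCKED = 5` on the firmware side. Any other error code arriving with the same control byte falls through to the generic "not a valid handshake init response" path, and the host loses the reason the device gave. Named constants would make the coupling visible, e.g. `if header.ctrl_byte == ERROR_CTRL_BYTE and payload == DEVICE_LOCKED_CODE:` (placeholder names; use whatever the module already defines), with a log line carrying the payload for the remaining codes. This reply is read before the handshake has completed, so it is only CRC-checked and should be treated as an advisory hint, not as an authenticated statement about device state. The enclosing method begins above the hunk.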