core: only unlock storage if it is locked (solves determinism issue in tests)

2024-11-17 21:22:10 +00:00 · 2020-05-28 11:57:04 +02:00 · 2020-05-28 11:57:04 +02:00 · 4bc865794f
commit 4bc865794f
parent 0799595b5b
3 changed files with 49 additions and 4 deletions
--- a/core/src/apps/base.py
+++ b/core/src/apps/base.py
@ -151,8 +151,15 @@ def lock_device() -> None:


 async def unlock_device(ctx: wire.GenericContext = wire.DUMMY_CONTEXT) -> None:
-    await verify_user_pin(ctx)
-    # verify_user_pin will raise if the PIN was invalid
+    """Ensure the device is in unlocked state.
+
+    If the storage is locked, attempt to unlock it. Reset the homescreen and the wire
+    handler.
+    """
+    if not config.is_unlocked():
+        # verify_user_pin will raise if the PIN was invalid
+        await verify_user_pin(ctx)
+
    set_homescreen()
    wire.find_handler = wire.find_registered_workflow_handler

--- a/core/src/apps/homescreen/lockscreen.py
+++ b/core/src/apps/homescreen/lockscreen.py
@ -7,9 +7,12 @@ async def lockscreen() -> None:
    from apps.common.request_pin import can_lock_device
    from apps.base import unlock_device

+    # Only show the lockscreen UI if the device can in fact be locked.
    if can_lock_device():
        await Lockscreen()
-
+    # Otherwise proceed directly to unlock() call. If the device is already unlocked,
+    # it should be a no-op storage-wise, but it resets the internal configuration
+    # to an unlocked state.
    try:
        await unlock_device()
    except wire.PinCancelled:
--- a/tests/device_tests/test_debuglink.py
+++ b/tests/device_tests/test_debuglink.py
@ -16,7 +16,7 @@

 import pytest

-from trezorlib import messages
+from trezorlib import debuglink, device, messages, misc

 from ..common import MNEMONIC12

@ -47,3 +47,38 @@ class TestDebuglink:

        resp = client.call_raw(messages.PassphraseAck(passphrase=""))
        assert isinstance(resp, messages.Address)
+
+
+@pytest.mark.skip_ui
+@pytest.mark.skip_t1
+def test_softlock_instability(client):
+    def load_device():
+        debuglink.load_device(
+            client,
+            mnemonic=MNEMONIC12,
+            pin="1234",
+            passphrase_protection=False,
+            label="test",
+        )
+
+    # start from a clean slate:
+    client.debug.reseed(0)
+    device.wipe(client)
+    entropy_after_wipe = misc.get_entropy(client, 16)
+
+    # configure and wipe the device
+    load_device()
+    client.debug.reseed(0)
+    device.wipe(client)
+    assert misc.get_entropy(client, 16) == entropy_after_wipe
+
+    load_device()
+    # the device has PIN -> lock it
+    client.call(messages.LockDevice())
+    client.debug.reseed(0)
+    # wipe_device should succeed with no need to unlock
+    device.wipe(client)
+    # the device is now trying to run the lockscreen, which attempts to unlock.
+    # If the device actually called config.unlock(), it would use additional randomness.
+    # That is undesirable. Assert that the returned entropy is still the same.
+    assert misc.get_entropy(client, 16) == entropy_after_wipe