arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-01-30 17:21:21 +00:00
Code Issues Releases Wiki Activity

core: only unlock storage if it is locked (solves determinism issue in tests)

Browse Source
This commit is contained in:
matejcik 2020-05-28 11:57:04 +02:00 committed by matejcik
parent 0799595b5b
commit 4bc865794f
3 changed files with 49 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
core/src/apps/base.py
View File

@ -151,8 +151,15 @@ def lock_device() -> None:
async def unlock_device(ctx: wire.GenericContext = wire.DUMMY_CONTEXT) -> None: async def unlock_device(ctx: wire.GenericContext = wire.DUMMY_CONTEXT) -> None:
await verify_user_pin(ctx) """Ensure the device is in unlocked state.
If the storage is locked, attempt to unlock it. Reset the homescreen and the wire
handler.
"""
if not config.is_unlocked():
# verify_user_pin will raise if the PIN was invalid # verify_user_pin will raise if the PIN was invalid
await verify_user_pin(ctx)
set_homescreen() set_homescreen()
wire.find_handler = wire.find_registered_workflow_handler wire.find_handler = wire.find_registered_workflow_handler

5
core/src/apps/homescreen/lockscreen.py
View File

@ -7,9 +7,12 @@ async def lockscreen() -> None:
from apps.common.request_pin import can_lock_device from apps.common.request_pin import can_lock_device
from apps.base import unlock_device from apps.base import unlock_device
# Only show the lockscreen UI if the device can in fact be locked.
if can_lock_device(): if can_lock_device():
await Lockscreen() await Lockscreen()
# Otherwise proceed directly to unlock() call. If the device is already unlocked,
# it should be a no-op storage-wise, but it resets the internal configuration
# to an unlocked state.
try: try:
await unlock_device() await unlock_device()
except wire.PinCancelled: except wire.PinCancelled:

37
tests/device_tests/test_debuglink.py
View File

@ -16,7 +16,7 @@
import pytest import pytest
from trezorlib import messages from trezorlib import debuglink, device, messages, misc
from ..common import MNEMONIC12 from ..common import MNEMONIC12
@ -47,3 +47,38 @@ class TestDebuglink:
resp = client.call_raw(messages.PassphraseAck(passphrase="")) resp = client.call_raw(messages.PassphraseAck(passphrase=""))
assert isinstance(resp, messages.Address) assert isinstance(resp, messages.Address)
@pytest.mark.skip_ui
@pytest.mark.skip_t1
def test_softlock_instability(client):
def load_device():
debuglink.load_device(
client,
mnemonic=MNEMONIC12,
pin="1234",
passphrase_protection=False,
label="test",
)
# start from a clean slate:
client.debug.reseed(0)
device.wipe(client)
entropy_after_wipe = misc.get_entropy(client, 16)
# configure and wipe the device
load_device()
client.debug.reseed(0)
device.wipe(client)
assert misc.get_entropy(client, 16) == entropy_after_wipe
load_device()
# the device has PIN -> lock it
client.call(messages.LockDevice())
client.debug.reseed(0)
# wipe_device should succeed with no need to unlock
device.wipe(client)
# the device is now trying to run the lockscreen, which attempts to unlock.
# If the device actually called config.unlock(), it would use additional randomness.
# That is undesirable. Assert that the returned entropy is still the same.
assert misc.get_entropy(client, 16) == entropy_after_wipe