mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-12-22 14:28:07 +00:00
Merge pull request #739 from trezor/tsusanka/storage-unlock
Unlock storage after wipe
This commit is contained in:
commit
4cc2250ddb
@ -629,6 +629,7 @@ static void init_wiped_storage(void) {
|
||||
return;
|
||||
}
|
||||
random_buffer(cached_keys, sizeof(cached_keys));
|
||||
unlocked = sectrue;
|
||||
uint32_t version = NORCOW_VERSION;
|
||||
ensure(auth_init(), "set_storage_auth_tag failed");
|
||||
ensure(storage_set_encrypted(VERSION_KEY, &version, sizeof(version)),
|
||||
@ -642,9 +643,6 @@ static void init_wiped_storage(void) {
|
||||
ui_rem = ui_total;
|
||||
ui_message = PROCESSING_MSG;
|
||||
ensure(set_pin(PIN_EMPTY, NULL), "init_pin failed");
|
||||
if (unlocked != sectrue) {
|
||||
memzero(cached_keys, sizeof(cached_keys));
|
||||
}
|
||||
}
|
||||
|
||||
void storage_init(PIN_UI_WAIT_CALLBACK callback, const uint8_t *salt,
|
||||
@ -669,6 +667,7 @@ void storage_init(PIN_UI_WAIT_CALLBACK callback, const uint8_t *salt,
|
||||
uint16_t len = 0;
|
||||
if (secfalse == norcow_get(EDEK_PVC_KEY, &val, &len)) {
|
||||
init_wiped_storage();
|
||||
storage_lock();
|
||||
}
|
||||
memzero(cached_keys, sizeof(cached_keys));
|
||||
}
|
||||
|
@ -130,8 +130,12 @@ class Storage:
|
||||
# public fields can be read from an unlocked device
|
||||
raise RuntimeError("Storage locked")
|
||||
if consts.is_app_public(app):
|
||||
return self.nc.get(key)
|
||||
return self._get_encrypted(key)
|
||||
value = self.nc.get(key)
|
||||
else:
|
||||
value = self._get_encrypted(key)
|
||||
if value is False:
|
||||
raise RuntimeError("Failed to find key in storage.")
|
||||
return value
|
||||
|
||||
def set(self, key: int, val: bytes) -> bool:
|
||||
app = key >> 8
|
||||
@ -153,7 +157,7 @@ class Storage:
|
||||
app = key >> 8
|
||||
self._check_lock(app)
|
||||
|
||||
current = self.get(key)
|
||||
current = self.nc.get(key)
|
||||
if current is False:
|
||||
self.set_counter(key, 0)
|
||||
return 0
|
||||
|
@ -83,6 +83,13 @@ def test_invalid_key():
|
||||
s.set(0xFFFF, b"Hello")
|
||||
|
||||
|
||||
def test_non_existing_key():
|
||||
sc, sp = common.init()
|
||||
for s in (sc, sp):
|
||||
with pytest.raises(RuntimeError):
|
||||
s.get(0xABCD)
|
||||
|
||||
|
||||
def test_chacha_strings():
|
||||
sc, sp = common.init(unlock=True)
|
||||
for s in (sc, sp):
|
||||
|
Loading…
Reference in New Issue
Block a user