feat(python): allow trezorctl firmware commands to work with unknown models

[no changelog]
2025-02-21 20:12:02 +00:00 · 2025-01-20 11:34:12 +01:00 · 2025-01-20 11:34:12 +01:00 · 72d14a370c
commit 72d14a370c
parent cba5e60c96
4 changed files with 25 additions and 5 deletions
--- a/python/src/trezorlib/cli/firmware.py
+++ b/python/src/trezorlib/cli/firmware.py
@ -95,9 +95,9 @@ def _print_firmware_model(hw_model: Union[bytes, fw_models.Model]) -> None:
        pass
    assert isinstance(hw_model, bytes)
-    if all(0x20 <= b < 0x80 for b in hw_model):  # isascii
+    if hw_model.isascii():
        model_name = hw_model.decode("ascii")
-        click.echo(f"Unknown hardware model: {model_name}")
+        click.echo(f"Unrecognized hardware model: {model_name}")
        return
    click.echo(f"Suspicious hardware model code: {hw_model.hex()} ({hw_model!r})")
@ -404,7 +404,7 @@ def validate_firmware(
    fingerprint: Optional[str] = None,
    model: Optional[TrezorModel] = None,
    bootloader_onev2: Optional[bool] = None,
-    prompt_unsigned: bool = True,
+    verify_only: bool = False,
 ) -> None:
    """Validate the firmware through multiple tests.
@ -419,8 +419,14 @@ def validate_firmware(
        sys.exit(2)
    print_firmware_version(fw)
    if not fw.model():
        click.echo("Cannot validate firmware for unrecognized model.")
        if not verify_only:
            click.echo("(Hint: use --skip-check to skip validation.)")
        sys.exit(3)
    validate_fingerprint(fw, fingerprint)
-    validate_signatures(fw, prompt_unsigned=prompt_unsigned)
+    validate_signatures(fw, prompt_unsigned=not verify_only)
    if model is not None and bootloader_onev2 is not None:
        check_device_match(fw, model, bootloader_onev2)
@ -548,7 +554,7 @@ def verify(
        fingerprint=fingerprint,
        bootloader_onev2=bootloader_onev2,
        model=model,
-        prompt_unsigned=False,
+        verify_only=True,
    )
--- a/python/src/trezorlib/firmware/init.py
+++ b/python/src/trezorlib/firmware/init.py
@ -21,6 +21,7 @@ from typing_extensions import Protocol, TypeGuard
 from .. import messages
 from ..tools import session
 from .models import Model
 from .core import VendorFirmware
 from .legacy import LegacyFirmware, LegacyV2Firmware
@ -50,6 +51,8 @@ if t.TYPE_CHECKING:
        def digest(self) -> bytes: ...
        def model(self) -> Model | None: ...
 def parse(data: bytes) -> "FirmwareType":
    try:
--- a/python/src/trezorlib/firmware/core.py
+++ b/python/src/trezorlib/firmware/core.py
@ -165,6 +165,11 @@ class FirmwareImage(Struct):
        header.v1_signatures = [b"\x00" * 64] * consts.V1_SIGNATURE_SLOTS
        return hash_params.hash_function(header.build()).digest()
    def model(self) -> Model | None:
        if isinstance(self.header.hw_model, Model):
            return self.header.hw_model
        return None
 class VendorFirmware(Struct):
    """Firmware image prefixed by a vendor header.
@ -203,3 +208,6 @@ class VendorFirmware(Struct):
        # now = time.gmtime()
        # if time.gmtime(fw.vendor_header.expiry) < now:
        #     raise ValueError("Vendor header expired.")
    def model(self) -> Model | None:
        return self.firmware.model()
--- a/python/src/trezorlib/firmware/legacy.py
+++ b/python/src/trezorlib/firmware/legacy.py
@ -202,3 +202,6 @@ class LegacyFirmware(Struct):
        if self.embedded_v2:
            self.embedded_v2.verify()
    def model(self) -> Model | None:
        return Model.T1B1