mirror of
https://github.com/trezor/trezor-firmware.git
synced 2025-01-12 08:20:56 +00:00
legacy: Implement ChangeWipeCode message for Trezor One.
This commit is contained in:
parent
1bc8226a50
commit
829da5fe6c
@ -785,6 +785,22 @@ bool config_getPin(char *dest, uint16_t dest_size) {
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
bool config_hasWipeCode(void) { return sectrue == storage_has_wipe_code(); }
|
||||||
|
|
||||||
|
bool config_changeWipeCode(const char *pin, const char *wipe_code) {
|
||||||
|
uint32_t wipe_code_int = pin_to_int(wipe_code);
|
||||||
|
if (wipe_code_int == 0) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
char oldTiny = usbTiny(1);
|
||||||
|
secbool ret = storage_change_wipe_code(pin_to_int(pin), NULL, wipe_code_int);
|
||||||
|
usbTiny(oldTiny);
|
||||||
|
|
||||||
|
memzero(&wipe_code_int, sizeof(wipe_code_int));
|
||||||
|
return sectrue == ret;
|
||||||
|
}
|
||||||
|
|
||||||
void session_cachePassphrase(const char *passphrase) {
|
void session_cachePassphrase(const char *passphrase) {
|
||||||
strlcpy(sessionPassphrase, passphrase, sizeof(sessionPassphrase));
|
strlcpy(sessionPassphrase, passphrase, sizeof(sessionPassphrase));
|
||||||
sessionPassphraseCached = sectrue;
|
sessionPassphraseCached = sectrue;
|
||||||
|
@ -129,6 +129,9 @@ bool config_hasPin(void);
|
|||||||
bool config_changePin(const char *old_pin, const char *new_pin);
|
bool config_changePin(const char *old_pin, const char *new_pin);
|
||||||
bool session_isUnlocked(void);
|
bool session_isUnlocked(void);
|
||||||
|
|
||||||
|
bool config_hasWipeCode(void);
|
||||||
|
bool config_changeWipeCode(const char *pin, const char *wipe_code);
|
||||||
|
|
||||||
uint32_t config_nextU2FCounter(void);
|
uint32_t config_nextU2FCounter(void);
|
||||||
void config_setU2FCounter(uint32_t u2fcounter);
|
void config_setU2FCounter(uint32_t u2fcounter);
|
||||||
|
|
||||||
|
@ -167,6 +167,9 @@ void fsm_sendFailure(FailureType code, const char *text)
|
|||||||
case FailureType_Failure_PinMismatch:
|
case FailureType_Failure_PinMismatch:
|
||||||
text = _("PIN mismatch");
|
text = _("PIN mismatch");
|
||||||
break;
|
break;
|
||||||
|
case FailureType_Failure_WipeCodeMismatch:
|
||||||
|
text = _("Wipe code mismatch");
|
||||||
|
break;
|
||||||
case FailureType_Failure_FirmwareError:
|
case FailureType_Failure_FirmwareError:
|
||||||
text = _("Firmware error");
|
text = _("Firmware error");
|
||||||
break;
|
break;
|
||||||
|
@ -52,6 +52,7 @@ void fsm_msgInitialize(const Initialize *msg);
|
|||||||
void fsm_msgGetFeatures(const GetFeatures *msg);
|
void fsm_msgGetFeatures(const GetFeatures *msg);
|
||||||
void fsm_msgPing(const Ping *msg);
|
void fsm_msgPing(const Ping *msg);
|
||||||
void fsm_msgChangePin(const ChangePin *msg);
|
void fsm_msgChangePin(const ChangePin *msg);
|
||||||
|
void fsm_msgChangeWipeCode(const ChangeWipeCode *msg);
|
||||||
void fsm_msgWipeDevice(const WipeDevice *msg);
|
void fsm_msgWipeDevice(const WipeDevice *msg);
|
||||||
void fsm_msgGetEntropy(const GetEntropy *msg);
|
void fsm_msgGetEntropy(const GetEntropy *msg);
|
||||||
#if DEBUG_LINK
|
#if DEBUG_LINK
|
||||||
|
@ -82,6 +82,10 @@ void fsm_msgGetFeatures(const GetFeatures *msg) {
|
|||||||
resp->has_flags = config_getFlags(&(resp->flags));
|
resp->has_flags = config_getFlags(&(resp->flags));
|
||||||
resp->has_model = true;
|
resp->has_model = true;
|
||||||
strlcpy(resp->model, "1", sizeof(resp->model));
|
strlcpy(resp->model, "1", sizeof(resp->model));
|
||||||
|
if (session_isUnlocked()) {
|
||||||
|
resp->has_wipe_code_protection = true;
|
||||||
|
resp->wipe_code_protection = config_hasWipeCode();
|
||||||
|
}
|
||||||
|
|
||||||
#if BITCOIN_ONLY
|
#if BITCOIN_ONLY
|
||||||
resp->capabilities_count = 2;
|
resp->capabilities_count = 2;
|
||||||
@ -176,6 +180,52 @@ void fsm_msgChangePin(const ChangePin *msg) {
|
|||||||
layoutHome();
|
layoutHome();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void fsm_msgChangeWipeCode(const ChangeWipeCode *msg) {
|
||||||
|
CHECK_INITIALIZED
|
||||||
|
|
||||||
|
bool removal = msg->has_remove && msg->remove;
|
||||||
|
bool has_wipe_code = config_hasWipeCode();
|
||||||
|
|
||||||
|
if (removal) {
|
||||||
|
// Note that if storage is locked, then config_hasWipeCode() returns false.
|
||||||
|
if (has_wipe_code || !session_isUnlocked()) {
|
||||||
|
layoutDialogSwipe(&bmp_icon_question, _("Cancel"), _("Confirm"), NULL,
|
||||||
|
_("Do you really want to"), _("disable wipe code"),
|
||||||
|
_("protection?"), NULL, NULL, NULL);
|
||||||
|
} else {
|
||||||
|
fsm_sendSuccess(_("Wipe code removed"));
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if (has_wipe_code) {
|
||||||
|
layoutDialogSwipe(&bmp_icon_question, _("Cancel"), _("Confirm"), NULL,
|
||||||
|
_("Do you really want to"), _("change the current"),
|
||||||
|
_("wipe code?"), NULL, NULL, NULL);
|
||||||
|
} else {
|
||||||
|
layoutDialogSwipe(&bmp_icon_question, _("Cancel"), _("Confirm"), NULL,
|
||||||
|
_("Do you really want to"), _("set a new wipe code?"),
|
||||||
|
NULL, NULL, NULL, NULL);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (!protectButton(ButtonRequestType_ButtonRequest_ProtectCall, false)) {
|
||||||
|
fsm_sendFailure(FailureType_Failure_ActionCancelled, NULL);
|
||||||
|
layoutHome();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (protectChangeWipeCode(removal)) {
|
||||||
|
if (removal) {
|
||||||
|
fsm_sendSuccess(_("Wipe code removed"));
|
||||||
|
} else if (has_wipe_code) {
|
||||||
|
fsm_sendSuccess(_("Wipe code changed"));
|
||||||
|
} else {
|
||||||
|
fsm_sendSuccess(_("Wipe code set"));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
layoutHome();
|
||||||
|
}
|
||||||
|
|
||||||
void fsm_msgWipeDevice(const WipeDevice *msg) {
|
void fsm_msgWipeDevice(const WipeDevice *msg) {
|
||||||
(void)msg;
|
(void)msg;
|
||||||
layoutDialogSwipe(&bmp_icon_question, _("Cancel"), _("Confirm"), NULL,
|
layoutDialogSwipe(&bmp_icon_question, _("Cancel"), _("Confirm"), NULL,
|
||||||
|
@ -270,6 +270,80 @@ bool protectChangePin(bool removal) {
|
|||||||
bool ret = config_changePin(old_pin, new_pin);
|
bool ret = config_changePin(old_pin, new_pin);
|
||||||
memzero(old_pin, sizeof(old_pin));
|
memzero(old_pin, sizeof(old_pin));
|
||||||
memzero(new_pin, sizeof(new_pin));
|
memzero(new_pin, sizeof(new_pin));
|
||||||
|
if (ret == false) {
|
||||||
|
if (removal) {
|
||||||
|
fsm_sendFailure(FailureType_Failure_PinInvalid, NULL);
|
||||||
|
} else {
|
||||||
|
fsm_sendFailure(FailureType_Failure_ProcessError,
|
||||||
|
_("The new PIN must be different from your wipe code."));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
bool protectChangeWipeCode(bool removal) {
|
||||||
|
static CONFIDENTIAL char pin[MAX_PIN_LEN + 1] = "";
|
||||||
|
static CONFIDENTIAL char wipe_code[MAX_PIN_LEN + 1] = "";
|
||||||
|
const char *input = NULL;
|
||||||
|
|
||||||
|
if (config_hasPin()) {
|
||||||
|
input = requestPin(PinMatrixRequestType_PinMatrixRequestType_Current,
|
||||||
|
_("Please enter your PIN:"));
|
||||||
|
if (input == NULL) {
|
||||||
|
fsm_sendFailure(FailureType_Failure_PinCancelled, NULL);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
// If removing, defer the check to config_changeWipeCode().
|
||||||
|
if (!removal) {
|
||||||
|
usbTiny(1);
|
||||||
|
bool ret = config_unlock(input);
|
||||||
|
usbTiny(0);
|
||||||
|
if (ret == false) {
|
||||||
|
fsm_sendFailure(FailureType_Failure_PinInvalid, NULL);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
strlcpy(pin, input, sizeof(pin));
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!removal) {
|
||||||
|
input = requestPin(PinMatrixRequestType_PinMatrixRequestType_WipeCodeFirst,
|
||||||
|
_("Enter new wipe code:"));
|
||||||
|
if (input == NULL) {
|
||||||
|
memzero(pin, sizeof(pin));
|
||||||
|
fsm_sendFailure(FailureType_Failure_ActionCancelled, NULL);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
if (strncmp(pin, input, sizeof(pin)) == 0) {
|
||||||
|
memzero(pin, sizeof(pin));
|
||||||
|
fsm_sendFailure(FailureType_Failure_ProcessError,
|
||||||
|
_("The wipe code must be different from your PIN."));
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
strlcpy(wipe_code, input, sizeof(wipe_code));
|
||||||
|
|
||||||
|
input = requestPin(PinMatrixRequestType_PinMatrixRequestType_WipeCodeSecond,
|
||||||
|
_("Re-enter new wipe code:"));
|
||||||
|
if (input == NULL) {
|
||||||
|
memzero(pin, sizeof(pin));
|
||||||
|
memzero(wipe_code, sizeof(wipe_code));
|
||||||
|
fsm_sendFailure(FailureType_Failure_ActionCancelled, NULL);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (strncmp(wipe_code, input, sizeof(wipe_code)) != 0) {
|
||||||
|
memzero(pin, sizeof(pin));
|
||||||
|
memzero(wipe_code, sizeof(wipe_code));
|
||||||
|
fsm_sendFailure(FailureType_Failure_WipeCodeMismatch, NULL);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
bool ret = config_changeWipeCode(pin, wipe_code);
|
||||||
|
memzero(pin, sizeof(pin));
|
||||||
|
memzero(wipe_code, sizeof(wipe_code));
|
||||||
if (ret == false) {
|
if (ret == false) {
|
||||||
fsm_sendFailure(FailureType_Failure_PinInvalid, NULL);
|
fsm_sendFailure(FailureType_Failure_PinInvalid, NULL);
|
||||||
}
|
}
|
||||||
|
@ -29,6 +29,7 @@ secbool protectPinUiCallback(uint32_t wait, uint32_t progress,
|
|||||||
const char* message);
|
const char* message);
|
||||||
bool protectPin(bool use_cached);
|
bool protectPin(bool use_cached);
|
||||||
bool protectChangePin(bool removal);
|
bool protectChangePin(bool removal);
|
||||||
|
bool protectChangeWipeCode(bool removal);
|
||||||
bool protectPassphrase(void);
|
bool protectPassphrase(void);
|
||||||
|
|
||||||
extern bool protectAbortedByCancel;
|
extern bool protectAbortedByCancel;
|
||||||
|
@ -36,6 +36,6 @@
|
|||||||
/*
|
/*
|
||||||
* Current storage version.
|
* Current storage version.
|
||||||
*/
|
*/
|
||||||
#define NORCOW_VERSION ((uint32_t)0x00000001)
|
#define NORCOW_VERSION ((uint32_t)0x00000002)
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
Loading…
Reference in New Issue
Block a user