|
|
|
@ -2,20 +2,46 @@ import utime
|
|
|
|
|
from typing import TYPE_CHECKING
|
|
|
|
|
|
|
|
|
|
import storage.cache as storage_cache
|
|
|
|
|
from trezor import config, wire
|
|
|
|
|
|
|
|
|
|
from .sdcard import request_sd_salt
|
|
|
|
|
from trezor import config, utils, wire
|
|
|
|
|
|
|
|
|
|
if TYPE_CHECKING:
|
|
|
|
|
from typing import Any, NoReturn
|
|
|
|
|
from trezor.wire import Context, GenericContext
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
async def _request_sd_salt(
|
|
|
|
|
ctx: wire.GenericContext, raise_cancelled_on_unavailable: bool = False
|
|
|
|
|
) -> bytearray | None:
|
|
|
|
|
"""Helper to get SD salt in a general manner, working for all models.
|
|
|
|
|
|
|
|
|
|
Is model-specific, because some models (like TR/T2B1) do not even
|
|
|
|
|
have SD card support (and we do not want to include SD-card connected code).
|
|
|
|
|
"""
|
|
|
|
|
from trezor import utils
|
|
|
|
|
|
|
|
|
|
if utils.MODEL in ("R",):
|
|
|
|
|
return None
|
|
|
|
|
else:
|
|
|
|
|
from .sdcard import request_sd_salt, SdCardUnavailable
|
|
|
|
|
|
|
|
|
|
try:
|
|
|
|
|
return await request_sd_salt(ctx)
|
|
|
|
|
except SdCardUnavailable:
|
|
|
|
|
if raise_cancelled_on_unavailable:
|
|
|
|
|
raise wire.PinCancelled("SD salt is unavailable")
|
|
|
|
|
else:
|
|
|
|
|
raise
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def can_lock_device() -> bool:
|
|
|
|
|
"""Return True if the device has a PIN set or SD-protect enabled."""
|
|
|
|
|
import storage.sd_salt
|
|
|
|
|
"""Return True if the device has a PIN set or SD-protect enabled (when supported)."""
|
|
|
|
|
# TR/T2B1 does not support SD card
|
|
|
|
|
if utils.MODEL in ("R",):
|
|
|
|
|
return config.has_pin()
|
|
|
|
|
else:
|
|
|
|
|
import storage.sd_salt
|
|
|
|
|
|
|
|
|
|
return config.has_pin() or storage.sd_salt.is_enabled()
|
|
|
|
|
return config.has_pin() or storage.sd_salt.is_enabled()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
async def request_pin(
|
|
|
|
@ -50,7 +76,7 @@ async def request_pin_and_sd_salt(
|
|
|
|
|
else:
|
|
|
|
|
pin = ""
|
|
|
|
|
|
|
|
|
|
salt = await request_sd_salt(ctx)
|
|
|
|
|
salt = await _request_sd_salt(ctx)
|
|
|
|
|
|
|
|
|
|
return pin, salt
|
|
|
|
|
|
|
|
|
@ -67,8 +93,6 @@ async def verify_user_pin(
|
|
|
|
|
retry: bool = True,
|
|
|
|
|
cache_time_ms: int = 0,
|
|
|
|
|
) -> None:
|
|
|
|
|
from .sdcard import SdCardUnavailable
|
|
|
|
|
|
|
|
|
|
# _get_last_unlock_time
|
|
|
|
|
last_unlock = int.from_bytes(
|
|
|
|
|
storage_cache.get(storage_cache.APP_COMMON_REQUEST_PIN_LAST_UNLOCK, b""), "big"
|
|
|
|
@ -92,10 +116,7 @@ async def verify_user_pin(
|
|
|
|
|
else:
|
|
|
|
|
pin = ""
|
|
|
|
|
|
|
|
|
|
try:
|
|
|
|
|
salt = await request_sd_salt(ctx)
|
|
|
|
|
except SdCardUnavailable:
|
|
|
|
|
raise wire.PinCancelled("SD salt is unavailable")
|
|
|
|
|
salt = await _request_sd_salt(ctx, raise_cancelled_on_unavailable=True)
|
|
|
|
|
if config.unlock(pin, salt):
|
|
|
|
|
_set_last_unlock_time()
|
|
|
|
|
return
|
|
|
|
|