mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-12-16 19:38:09 +00:00
Merge branch 'secfix'
This commit is contained in:
commit
8be4ed41bc
@ -1,5 +1,11 @@
|
||||
Version 2.1.0 [unreleased]
|
||||
Version 2.1.0
|
||||
* stable release, optional update
|
||||
* Security improvements
|
||||
* Upgraded to new storage format
|
||||
* Ripple, Stellar, Cardano and NEM fixes
|
||||
* New coins: ATS, AXE, FLO, GIN, KMD, NIX,
|
||||
PIVX, REOSC, XPM, XSN, ZCL
|
||||
* New ETH tokens
|
||||
|
||||
Version 2.0.10
|
||||
* stable release, optional update
|
||||
|
@ -83,6 +83,7 @@ SOURCE_TREZORHAL = [
|
||||
'embed/trezorhal/image.c',
|
||||
'embed/trezorhal/flash.c',
|
||||
'embed/trezorhal/mini_printf.c',
|
||||
'embed/trezorhal/mpu.c',
|
||||
'embed/trezorhal/rng.c',
|
||||
'embed/trezorhal/stm32.c',
|
||||
'embed/trezorhal/touch.c',
|
||||
|
@ -29,7 +29,6 @@ CPPDEFINES_MOD += [
|
||||
'AES_128',
|
||||
'AES_192',
|
||||
'RAND_PLATFORM_INDEPENDENT',
|
||||
('USE_BIP39_CACHE', '0'),
|
||||
('USE_KECCAK', '1'),
|
||||
('USE_ETHEREUM', '1'),
|
||||
('USE_MONERO', '1'),
|
||||
|
@ -27,7 +27,6 @@ CPPPATH_MOD += [
|
||||
CPPDEFINES_MOD += [
|
||||
'AES_128',
|
||||
'AES_192',
|
||||
('USE_BIP39_CACHE', '0'),
|
||||
('USE_KECCAK', '1'),
|
||||
('USE_ETHEREUM', '1'),
|
||||
('USE_MONERO', '1'),
|
||||
|
@ -105,9 +105,9 @@ static secbool copy_sdcard(void)
|
||||
|
||||
// erase all flash (except boardloader)
|
||||
static const uint8_t sectors[] = {
|
||||
3,
|
||||
FLASH_SECTOR_STORAGE_1,
|
||||
FLASH_SECTOR_STORAGE_2,
|
||||
3,
|
||||
FLASH_SECTOR_BOOTLOADER,
|
||||
FLASH_SECTOR_FIRMWARE_START,
|
||||
7,
|
||||
@ -168,12 +168,8 @@ int main(void)
|
||||
periph_init();
|
||||
|
||||
if (sectrue != flash_configure_option_bytes()) {
|
||||
static const uint8_t sectors[] = {
|
||||
FLASH_SECTOR_STORAGE_1,
|
||||
FLASH_SECTOR_STORAGE_2,
|
||||
};
|
||||
// display is not initialized so don't call ensure
|
||||
secbool r = flash_erase_sectors(sectors, sizeof(sectors), NULL);
|
||||
secbool r = flash_erase_sectors(STORAGE_SECTORS, STORAGE_SECTORS_COUNT, NULL);
|
||||
(void)r;
|
||||
return 2;
|
||||
}
|
||||
|
@ -21,6 +21,7 @@
|
||||
#include <sys/types.h>
|
||||
|
||||
#include "common.h"
|
||||
#include "mpu.h"
|
||||
#include "image.h"
|
||||
#include "flash.h"
|
||||
#include "display.h"
|
||||
@ -224,15 +225,18 @@ static void check_bootloader_version(void)
|
||||
|
||||
int main(void)
|
||||
{
|
||||
main_start:
|
||||
display_clear();
|
||||
touch_init();
|
||||
touch_power_on();
|
||||
|
||||
mpu_config_bootloader();
|
||||
|
||||
#if PRODUCTION
|
||||
check_bootloader_version();
|
||||
#endif
|
||||
|
||||
touch_init();
|
||||
touch_power_on();
|
||||
main_start:
|
||||
|
||||
display_clear();
|
||||
|
||||
// delay to detect touch
|
||||
uint32_t touched = 0;
|
||||
@ -258,7 +262,7 @@ main_start:
|
||||
firmware_present = load_image_header((const uint8_t *)(FIRMWARE_START + vhdr.hdrlen), FIRMWARE_IMAGE_MAGIC, FIRMWARE_IMAGE_MAXSIZE, vhdr.vsig_m, vhdr.vsig_n, vhdr.vpub, &hdr);
|
||||
}
|
||||
if (sectrue == firmware_present) {
|
||||
firmware_present = check_image_contents(&hdr, IMAGE_HEADER_SIZE + vhdr.hdrlen, firmware_sectors, FIRMWARE_SECTORS_COUNT);
|
||||
firmware_present = check_image_contents(&hdr, IMAGE_HEADER_SIZE + vhdr.hdrlen, FIRMWARE_SECTORS, FIRMWARE_SECTORS_COUNT);
|
||||
}
|
||||
|
||||
// start the bootloader if no or broken firmware found ...
|
||||
@ -282,11 +286,7 @@ main_start:
|
||||
ui_fadein();
|
||||
|
||||
// erase storage
|
||||
static const uint8_t sectors_storage[] = {
|
||||
FLASH_SECTOR_STORAGE_1,
|
||||
FLASH_SECTOR_STORAGE_2,
|
||||
};
|
||||
ensure(flash_erase_sectors(sectors_storage, sizeof(sectors_storage), NULL), NULL);
|
||||
ensure(flash_erase_sectors(STORAGE_SECTORS, STORAGE_SECTORS_COUNT, NULL), NULL);
|
||||
|
||||
// and start the usb loop
|
||||
if (bootloader_usb_loop(NULL, NULL) != sectrue) {
|
||||
@ -349,7 +349,7 @@ main_start:
|
||||
"invalid firmware header");
|
||||
|
||||
ensure(
|
||||
check_image_contents(&hdr, IMAGE_HEADER_SIZE + vhdr.hdrlen, firmware_sectors, FIRMWARE_SECTORS_COUNT),
|
||||
check_image_contents(&hdr, IMAGE_HEADER_SIZE + vhdr.hdrlen, FIRMWARE_SECTORS, FIRMWARE_SECTORS_COUNT),
|
||||
"invalid firmware hash");
|
||||
|
||||
// if all VTRUST flags are unset = ultimate trust => skip the procedure
|
||||
@ -379,9 +379,10 @@ main_start:
|
||||
ui_fadeout();
|
||||
}
|
||||
|
||||
// mpu_config();
|
||||
// mpu_config_firmware();
|
||||
// jump_to_unprivileged(FIRMWARE_START + vhdr.hdrlen + IMAGE_HEADER_SIZE);
|
||||
|
||||
mpu_config_off();
|
||||
jump_to(FIRMWARE_START + vhdr.hdrlen + IMAGE_HEADER_SIZE);
|
||||
|
||||
return 0;
|
||||
|
@ -39,22 +39,6 @@
|
||||
#define MSG_HEADER1_LEN 9
|
||||
#define MSG_HEADER2_LEN 1
|
||||
|
||||
const uint8_t firmware_sectors[FIRMWARE_SECTORS_COUNT] = {
|
||||
FLASH_SECTOR_FIRMWARE_START,
|
||||
7,
|
||||
8,
|
||||
9,
|
||||
10,
|
||||
FLASH_SECTOR_FIRMWARE_END,
|
||||
FLASH_SECTOR_FIRMWARE_EXTRA_START,
|
||||
18,
|
||||
19,
|
||||
20,
|
||||
21,
|
||||
22,
|
||||
FLASH_SECTOR_FIRMWARE_EXTRA_END,
|
||||
};
|
||||
|
||||
secbool msg_parse_header(const uint8_t *buf, uint16_t *msg_id, uint32_t *msg_size)
|
||||
{
|
||||
if (buf[0] != '?' || buf[1] != '#' || buf[2] != '#') {
|
||||
@ -479,13 +463,9 @@ int process_msg_FirmwareUpload(uint8_t iface_num, uint32_t msg_size, uint8_t *bu
|
||||
|
||||
// if firmware is not upgrade, erase storage
|
||||
if (sectrue != is_upgrade) {
|
||||
static const uint8_t sectors_storage[] = {
|
||||
FLASH_SECTOR_STORAGE_1,
|
||||
FLASH_SECTOR_STORAGE_2,
|
||||
};
|
||||
ensure(flash_erase_sectors(sectors_storage, sizeof(sectors_storage), NULL), NULL);
|
||||
ensure(flash_erase_sectors(STORAGE_SECTORS, STORAGE_SECTORS_COUNT, NULL), NULL);
|
||||
}
|
||||
ensure(flash_erase_sectors(firmware_sectors, FIRMWARE_SECTORS_COUNT, ui_screen_install_progress_erase), NULL);
|
||||
ensure(flash_erase_sectors(FIRMWARE_SECTORS, FIRMWARE_SECTORS_COUNT, ui_screen_install_progress_erase), NULL);
|
||||
|
||||
firstskip = IMAGE_HEADER_SIZE + vhdr.hdrlen;
|
||||
}
|
||||
@ -521,7 +501,7 @@ int process_msg_FirmwareUpload(uint8_t iface_num, uint32_t msg_size, uint8_t *bu
|
||||
|
||||
const uint32_t * const src = (const uint32_t * const)chunk_buffer;
|
||||
for (int i = 0; i < chunk_size / sizeof(uint32_t); i++) {
|
||||
ensure(flash_write_word(firmware_sectors[firmware_block], i * sizeof(uint32_t), src[i]), NULL);
|
||||
ensure(flash_write_word(FIRMWARE_SECTORS[firmware_block], i * sizeof(uint32_t), src[i]), NULL);
|
||||
}
|
||||
|
||||
ensure(flash_lock_write(), NULL);
|
||||
@ -546,9 +526,9 @@ int process_msg_FirmwareUpload(uint8_t iface_num, uint32_t msg_size, uint8_t *bu
|
||||
int process_msg_WipeDevice(uint8_t iface_num, uint32_t msg_size, uint8_t *buf)
|
||||
{
|
||||
static const uint8_t sectors[] = {
|
||||
3,
|
||||
FLASH_SECTOR_STORAGE_1,
|
||||
FLASH_SECTOR_STORAGE_2,
|
||||
// 3, // skip because of MPU protection
|
||||
FLASH_SECTOR_FIRMWARE_START,
|
||||
7,
|
||||
8,
|
||||
@ -558,7 +538,7 @@ int process_msg_WipeDevice(uint8_t iface_num, uint32_t msg_size, uint8_t *buf)
|
||||
FLASH_SECTOR_UNUSED_START,
|
||||
13,
|
||||
14,
|
||||
FLASH_SECTOR_UNUSED_END,
|
||||
// FLASH_SECTOR_UNUSED_END, // skip because of MPU protection
|
||||
FLASH_SECTOR_FIRMWARE_EXTRA_START,
|
||||
18,
|
||||
19,
|
||||
|
@ -28,7 +28,6 @@
|
||||
#define USB_PACKET_SIZE 64
|
||||
|
||||
#define FIRMWARE_UPLOAD_CHUNK_RETRY_COUNT 2
|
||||
extern const uint8_t firmware_sectors[FIRMWARE_SECTORS_COUNT];
|
||||
|
||||
secbool msg_parse_header(const uint8_t *buf, uint16_t *msg_id, uint32_t *msg_size);
|
||||
|
||||
|
@ -17,6 +17,8 @@
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#include "py/runtime.h"
|
||||
#include "py/mphal.h"
|
||||
#include "py/objstr.h"
|
||||
@ -31,9 +33,13 @@
|
||||
|
||||
STATIC mp_obj_t ui_wait_callback = mp_const_none;
|
||||
|
||||
STATIC secbool wrapped_ui_wait_callback(uint32_t wait, uint32_t progress) {
|
||||
STATIC secbool wrapped_ui_wait_callback(uint32_t wait, uint32_t progress, const char* message) {
|
||||
if (mp_obj_is_callable(ui_wait_callback)) {
|
||||
if (mp_call_function_2(ui_wait_callback, mp_obj_new_int(wait), mp_obj_new_int(progress)) == mp_const_true) {
|
||||
mp_obj_t args[3];
|
||||
args[0] = mp_obj_new_int(wait);
|
||||
args[1] = mp_obj_new_int(progress);
|
||||
args[2] = mp_obj_new_str(message, strlen(message));
|
||||
if (mp_call_function_n_kw(ui_wait_callback, 3, 0, args) == mp_const_true) {
|
||||
return sectrue;
|
||||
}
|
||||
}
|
||||
|
@ -38,6 +38,10 @@ static secbool known_bootloader(const uint8_t *hash, int len) {
|
||||
if (0 == memcmp(hash, "\x2e\xf7\x47\xf8\x49\x87\x1e\xc8\xc6\x01\x35\xd6\x32\xe5\x5a\xd1\x56\x18\xf8\x64\x87\xb7\xaa\x7c\x62\x0e\xc3\x0d\x25\x69\x4e\x18", 32)) return sectrue;
|
||||
// bootloader-2.0.2.bin (padded with 0xff)
|
||||
if (0 == memcmp(hash, "\xcc\x6b\x35\xc3\x8f\x29\x5c\xbd\x7d\x31\x69\xaf\xae\xf1\x61\x01\xef\xbe\x9f\x3b\x0a\xfd\xc5\x91\x70\x9b\xf5\xa0\xd5\xa4\xc5\xe0", 32)) return sectrue;
|
||||
// bootloader-2.0.3.bin (padded with 0x00)
|
||||
if (0 == memcmp(hash, "\xb1\x83\xd3\x31\xc7\xff\x3d\xcf\x54\x1e\x7e\x40\xf4\x9e\xc3\x53\x4c\xcc\xf3\x8c\x35\x39\x88\x81\x65\xc0\x5c\x25\xbd\xfc\xea\x14", 32)) return sectrue;
|
||||
// bootloader-2.0.3.bin (padded with 0xff)
|
||||
if (0 == memcmp(hash, "\xab\xdb\x7d\xe2\xef\x44\x66\xa7\xb7\x1f\x2b\x02\xf3\xe1\x40\xe7\xcd\xf2\x8e\xc0\xbb\x33\x04\xce\x0d\xa5\xca\x02\x57\xb6\xd4\x30", 32)) return sectrue;
|
||||
return secfalse;
|
||||
}
|
||||
*/
|
||||
@ -45,9 +49,9 @@ static secbool known_bootloader(const uint8_t *hash, int len) {
|
||||
static secbool latest_bootloader(const uint8_t *hash, int len) {
|
||||
if (len != 32) return secfalse;
|
||||
// bootloader.bin (padded with 0x00)
|
||||
if (0 == memcmp(hash, "\x2e\xf7\x47\xf8\x49\x87\x1e\xc8\xc6\x01\x35\xd6\x32\xe5\x5a\xd1\x56\x18\xf8\x64\x87\xb7\xaa\x7c\x62\x0e\xc3\x0d\x25\x69\x4e\x18", 32)) return sectrue;
|
||||
if (0 == memcmp(hash, "\xb1\x83\xd3\x31\xc7\xff\x3d\xcf\x54\x1e\x7e\x40\xf4\x9e\xc3\x53\x4c\xcc\xf3\x8c\x35\x39\x88\x81\x65\xc0\x5c\x25\xbd\xfc\xea\x14", 32)) return sectrue;
|
||||
// bootloader.bin (padded with 0xff)
|
||||
if (0 == memcmp(hash, "\xcc\x6b\x35\xc3\x8f\x29\x5c\xbd\x7d\x31\x69\xaf\xae\xf1\x61\x01\xef\xbe\x9f\x3b\x0a\xfd\xc5\x91\x70\x9b\xf5\xa0\xd5\xa4\xc5\xe0", 32)) return sectrue;
|
||||
if (0 == memcmp(hash, "\xab\xdb\x7d\xe2\xef\x44\x66\xa7\xb7\x1f\x2b\x02\xf3\xe1\x40\xe7\xcd\xf2\x8e\xc0\xbb\x33\x04\xce\x0d\xa5\xca\x02\x57\xb6\xd4\x30", 32)) return sectrue;
|
||||
return secfalse;
|
||||
}
|
||||
|
||||
|
Binary file not shown.
@ -54,7 +54,7 @@ int main(void)
|
||||
#if TREZOR_MODEL == T
|
||||
check_and_replace_bootloader();
|
||||
// Enable MPU
|
||||
mpu_config();
|
||||
mpu_config_firmware();
|
||||
#endif
|
||||
|
||||
// Init peripherals
|
||||
|
@ -29,7 +29,8 @@
|
||||
|
||||
#include "stm32f4xx_ll_utils.h"
|
||||
|
||||
void shutdown(void);
|
||||
// from util.s
|
||||
extern void shutdown(void);
|
||||
|
||||
#define COLOR_FATAL_ERROR RGB16(0x7F, 0x00, 0x00)
|
||||
|
||||
@ -115,6 +116,24 @@ void hal_delay(uint32_t ms)
|
||||
HAL_Delay(ms);
|
||||
}
|
||||
|
||||
void delay_random(void)
|
||||
{
|
||||
int wait = rng_get() & 0xff;
|
||||
volatile int i = 0;
|
||||
volatile int j = wait;
|
||||
while (i < wait) {
|
||||
if (i + j != wait) {
|
||||
shutdown();
|
||||
}
|
||||
++i;
|
||||
--j;
|
||||
}
|
||||
// Double-check loop completion.
|
||||
if (i != wait || j != 0) {
|
||||
shutdown();
|
||||
}
|
||||
}
|
||||
|
||||
// reference RM0090 section 35.12.1 Figure 413
|
||||
#define USB_OTG_HS_DATA_FIFO_RAM (USB_OTG_HS_PERIPH_BASE + 0x20000U)
|
||||
#define USB_OTG_HS_DATA_FIFO_SIZE (4096U)
|
||||
|
@ -26,11 +26,14 @@
|
||||
#define XSTR(s) STR(s)
|
||||
#define STR(s) #s
|
||||
|
||||
#ifndef MIN_8bits
|
||||
#define MIN_8bits(a, b) ({ typeof(a) _a = (a); typeof(b) _b = (b); _a < _b ? (_a & 0xFF) : (_b & 0xFF); })
|
||||
#endif
|
||||
#ifndef MIN
|
||||
#define MIN(a, b) (((a) < (b)) ? (a) : (b))
|
||||
#define MIN(a, b) ({ typeof(a) _a = (a); typeof(b) _b = (b); _a < _b ? _a : _b; })
|
||||
#endif
|
||||
#ifndef MAX
|
||||
#define MAX(a, b) (((a) > (b)) ? (a) : (b))
|
||||
#define MAX(a, b) ({ typeof(a) _a = (a); typeof(b) _b = (b); _a > _b ? _a : _b; })
|
||||
#endif
|
||||
|
||||
void __attribute__((noreturn)) __fatal_error(const char *expr, const char *msg, const char *file, int line, const char *func);
|
||||
@ -40,6 +43,8 @@ void __attribute__((noreturn)) error_shutdown(const char *line1, const char *lin
|
||||
|
||||
void hal_delay(uint32_t ms);
|
||||
|
||||
void delay_random(void);
|
||||
|
||||
void clear_otg_hs_memory(void);
|
||||
|
||||
extern uint32_t __stack_chk_guard;
|
||||
|
@ -54,6 +54,27 @@ static const uint32_t FLASH_SECTOR_TABLE[FLASH_SECTOR_COUNT + 1] = {
|
||||
[24] = 0x08200000, // last element - not a valid sector
|
||||
};
|
||||
|
||||
const uint8_t FIRMWARE_SECTORS [FIRMWARE_SECTORS_COUNT] = {
|
||||
FLASH_SECTOR_FIRMWARE_START,
|
||||
7,
|
||||
8,
|
||||
9,
|
||||
10,
|
||||
FLASH_SECTOR_FIRMWARE_END,
|
||||
FLASH_SECTOR_FIRMWARE_EXTRA_START,
|
||||
18,
|
||||
19,
|
||||
20,
|
||||
21,
|
||||
22,
|
||||
FLASH_SECTOR_FIRMWARE_EXTRA_END,
|
||||
};
|
||||
|
||||
const uint8_t STORAGE_SECTORS[STORAGE_SECTORS_COUNT] = {
|
||||
FLASH_SECTOR_STORAGE_1,
|
||||
FLASH_SECTOR_STORAGE_2,
|
||||
};
|
||||
|
||||
void flash_init(void)
|
||||
{
|
||||
}
|
||||
|
@ -60,6 +60,13 @@
|
||||
// 22
|
||||
#define FLASH_SECTOR_FIRMWARE_EXTRA_END 23
|
||||
|
||||
#define BOOTLOADER_SECTORS_COUNT (1)
|
||||
#define STORAGE_SECTORS_COUNT (2)
|
||||
#define FIRMWARE_SECTORS_COUNT (6 + 7)
|
||||
|
||||
extern const uint8_t STORAGE_SECTORS[STORAGE_SECTORS_COUNT];
|
||||
extern const uint8_t FIRMWARE_SECTORS[FIRMWARE_SECTORS_COUNT];
|
||||
|
||||
// note: FLASH_SR_RDERR is STM32F42xxx and STM32F43xxx specific (STM32F427) (reference RM0090 section 3.7.5)
|
||||
#ifndef STM32F427xx
|
||||
#define FLASH_SR_RDERR 0
|
||||
|
@ -27,9 +27,6 @@
|
||||
#define BOOTLOADER_START 0x08020000
|
||||
#define FIRMWARE_START 0x08040000
|
||||
|
||||
#define BOOTLOADER_SECTORS_COUNT (1)
|
||||
#define FIRMWARE_SECTORS_COUNT (6 + 7)
|
||||
|
||||
#define IMAGE_HEADER_SIZE 0x400
|
||||
#define IMAGE_SIG_SIZE 65
|
||||
#define IMAGE_CHUNK_SIZE (128 * 1024)
|
||||
|
@ -27,48 +27,49 @@
|
||||
|
||||
#define MPU_SUBREGION_DISABLE(X) ((X) << MPU_RASR_SRD_Pos)
|
||||
|
||||
void mpu_config(void)
|
||||
void mpu_config_off(void)
|
||||
{
|
||||
// Disable MPU
|
||||
HAL_MPU_Disable();
|
||||
}
|
||||
|
||||
void mpu_config_bootloader(void)
|
||||
{
|
||||
// Disable MPU
|
||||
HAL_MPU_Disable();
|
||||
|
||||
/*
|
||||
// Boardloader (0x08000000 - 0x0800FFFF, 64 KiB, read-only, execute never)
|
||||
MPU->RBAR = FLASH_BASE | MPU_RBAR_VALID_Msk | MPU_REGION_NUMBER0;
|
||||
MPU->RASR = MPU_RASR_ENABLE_Msk | MPU_RASR_ATTR_FLASH | LL_MPU_REGION_SIZE_64KB | LL_MPU_REGION_PRIV_RO_URO | MPU_RASR_XN_Msk;
|
||||
*/
|
||||
// Note: later entries overwrite previous ones
|
||||
|
||||
// Bootloader (0x08020000 - 0x0803FFFF, 64 KiB, read-only)
|
||||
MPU->RBAR = FLASH_BASE | 0x20000 | MPU_RBAR_VALID_Msk | MPU_REGION_NUMBER0;
|
||||
MPU->RASR = MPU_RASR_ENABLE_Msk | MPU_RASR_ATTR_FLASH | LL_MPU_REGION_SIZE_64KB | LL_MPU_REGION_PRIV_RO_URO;
|
||||
// Everything (0x00000000 - 0xFFFFFFFF, 4 GiB, read-write)
|
||||
MPU->RNR = MPU_REGION_NUMBER0;
|
||||
MPU->RBAR = 0;
|
||||
MPU->RASR = MPU_RASR_ENABLE_Msk | MPU_RASR_ATTR_FLASH | LL_MPU_REGION_SIZE_4GB | LL_MPU_REGION_FULL_ACCESS;
|
||||
|
||||
// Storage#1 (0x08010000 - 0x0801FFFF, 64 KiB, read-write, execute never)
|
||||
MPU->RBAR = FLASH_BASE | 0x10000 | MPU_RBAR_VALID_Msk | MPU_REGION_NUMBER1;
|
||||
MPU->RASR = MPU_RASR_ENABLE_Msk | MPU_RASR_ATTR_FLASH | LL_MPU_REGION_SIZE_64KB | LL_MPU_REGION_FULL_ACCESS | MPU_RASR_XN_Msk;
|
||||
// Storage#2 (0x08110000 - 0x0811FFFF, 64 KiB, read-write, execute never)
|
||||
MPU->RBAR = FLASH_BASE | 0x110000 | MPU_RBAR_VALID_Msk | MPU_REGION_NUMBER2;
|
||||
MPU->RASR = MPU_RASR_ENABLE_Msk | MPU_RASR_ATTR_FLASH | LL_MPU_REGION_SIZE_64KB | LL_MPU_REGION_FULL_ACCESS | MPU_RASR_XN_Msk;
|
||||
// Flash (0x0800C000 - 0x0800FFFF, 16 KiB, no access)
|
||||
MPU->RNR = MPU_REGION_NUMBER1;
|
||||
MPU->RBAR = FLASH_BASE + 0xC000;
|
||||
MPU->RASR = MPU_RASR_ENABLE_Msk | MPU_RASR_ATTR_FLASH | LL_MPU_REGION_SIZE_16KB | LL_MPU_REGION_NO_ACCESS;
|
||||
|
||||
// Firmware (0x08040000 - 0x080FFFFF, 6 * 128 KiB = 1024 KiB except 2/8 at start = 768 KiB, read-only)
|
||||
MPU->RBAR = FLASH_BASE | MPU_RBAR_VALID_Msk | MPU_REGION_NUMBER3;
|
||||
MPU->RASR = MPU_RASR_ENABLE_Msk | MPU_RASR_ATTR_FLASH | LL_MPU_REGION_SIZE_1MB | LL_MPU_REGION_PRIV_RO_URO | MPU_SUBREGION_DISABLE(0x03);
|
||||
|
||||
// Firmware extra (0x08120000 - 0x081FFFFF, 7 * 128 KiB = 1024 KiB except 1/8 at start = 896 KiB, read-only)
|
||||
MPU->RBAR = FLASH_BASE | 0x100000 | MPU_RBAR_VALID_Msk | MPU_REGION_NUMBER4;
|
||||
MPU->RASR = MPU_RASR_ENABLE_Msk | MPU_RASR_ATTR_FLASH | LL_MPU_REGION_SIZE_1MB | LL_MPU_REGION_PRIV_RO_URO | MPU_SUBREGION_DISABLE(0x01);
|
||||
// Flash (0x0810C000 - 0x0810FFFF, 16 KiB, no access)
|
||||
MPU->RNR = MPU_REGION_NUMBER2;
|
||||
MPU->RBAR = FLASH_BASE + 0x10C000;
|
||||
MPU->RASR = MPU_RASR_ENABLE_Msk | MPU_RASR_ATTR_FLASH | LL_MPU_REGION_SIZE_16KB | LL_MPU_REGION_NO_ACCESS;
|
||||
|
||||
// SRAM (0x20000000 - 0x2002FFFF, 192 KiB = 256 KiB except 2/8 at end, read-write, execute never)
|
||||
MPU->RBAR = SRAM_BASE | MPU_RBAR_VALID_Msk | MPU_REGION_NUMBER5;
|
||||
MPU->RNR = MPU_REGION_NUMBER3;
|
||||
MPU->RBAR = SRAM_BASE;
|
||||
MPU->RASR = MPU_RASR_ENABLE_Msk | MPU_RASR_ATTR_SRAM | LL_MPU_REGION_SIZE_256KB | LL_MPU_REGION_FULL_ACCESS | MPU_RASR_XN_Msk | MPU_SUBREGION_DISABLE(0xC0);
|
||||
|
||||
// Peripherals (0x40000000 - 0x5FFFFFFF, read-write, execute never)
|
||||
// External RAM (0x60000000 - 0x7FFFFFFF, read-write, execute never)
|
||||
MPU->RBAR = PERIPH_BASE | MPU_RBAR_VALID_Msk | MPU_REGION_NUMBER6;
|
||||
MPU->RNR = MPU_REGION_NUMBER4;
|
||||
MPU->RBAR = PERIPH_BASE;
|
||||
MPU->RASR = MPU_RASR_ENABLE_Msk | MPU_RASR_ATTR_PERIPH | LL_MPU_REGION_SIZE_1GB | LL_MPU_REGION_FULL_ACCESS | MPU_RASR_XN_Msk;
|
||||
|
||||
#ifdef STM32F427xx
|
||||
// CCMRAM (0x10000000 - 0x1000FFFF, read-write, execute never)
|
||||
MPU->RBAR = CCMDATARAM_BASE | MPU_RBAR_VALID_Msk | MPU_REGION_NUMBER7;
|
||||
MPU->RNR = MPU_REGION_NUMBER5;
|
||||
MPU->RBAR = CCMDATARAM_BASE;
|
||||
MPU->RASR = MPU_RASR_ENABLE_Msk | MPU_RASR_ATTR_SRAM | LL_MPU_REGION_SIZE_64KB | LL_MPU_REGION_FULL_ACCESS | MPU_RASR_XN_Msk;
|
||||
#elif STM32F405xx
|
||||
// no CCMRAM
|
||||
@ -77,5 +78,69 @@ void mpu_config(void)
|
||||
#endif
|
||||
|
||||
// Enable MPU
|
||||
HAL_MPU_Enable(0);
|
||||
HAL_MPU_Enable(LL_MPU_CTRL_HARDFAULT_NMI);
|
||||
}
|
||||
|
||||
|
||||
void mpu_config_firmware(void)
|
||||
{
|
||||
// Disable MPU
|
||||
HAL_MPU_Disable();
|
||||
|
||||
// Note: later entries overwrite previous ones
|
||||
|
||||
/*
|
||||
// Boardloader (0x08000000 - 0x0800FFFF, 64 KiB, read-only, execute never)
|
||||
MPU->RBAR = FLASH_BASE | MPU_REGION_NUMBER0;
|
||||
MPU->RASR = MPU_RASR_ENABLE_Msk | MPU_RASR_ATTR_FLASH | LL_MPU_REGION_SIZE_64KB | LL_MPU_REGION_PRIV_RO_URO | MPU_RASR_XN_Msk;
|
||||
*/
|
||||
|
||||
// Bootloader (0x08020000 - 0x0803FFFF, 64 KiB, read-only)
|
||||
MPU->RNR = MPU_REGION_NUMBER0;
|
||||
MPU->RBAR = FLASH_BASE + 0x20000;
|
||||
MPU->RASR = MPU_RASR_ENABLE_Msk | MPU_RASR_ATTR_FLASH | LL_MPU_REGION_SIZE_64KB | LL_MPU_REGION_PRIV_RO_URO;
|
||||
|
||||
// Storage#1 (0x08010000 - 0x0801FFFF, 64 KiB, read-write, execute never)
|
||||
MPU->RNR = MPU_REGION_NUMBER1;
|
||||
MPU->RBAR = FLASH_BASE + 0x10000;
|
||||
MPU->RASR = MPU_RASR_ENABLE_Msk | MPU_RASR_ATTR_FLASH | LL_MPU_REGION_SIZE_64KB | LL_MPU_REGION_FULL_ACCESS | MPU_RASR_XN_Msk;
|
||||
// Storage#2 (0x08110000 - 0x0811FFFF, 64 KiB, read-write, execute never)
|
||||
MPU->RNR = MPU_REGION_NUMBER2;
|
||||
MPU->RBAR = FLASH_BASE + 0x110000;
|
||||
MPU->RASR = MPU_RASR_ENABLE_Msk | MPU_RASR_ATTR_FLASH | LL_MPU_REGION_SIZE_64KB | LL_MPU_REGION_FULL_ACCESS | MPU_RASR_XN_Msk;
|
||||
|
||||
// Firmware (0x08040000 - 0x080FFFFF, 6 * 128 KiB = 1024 KiB except 2/8 at start = 768 KiB, read-only)
|
||||
MPU->RNR = MPU_REGION_NUMBER3;
|
||||
MPU->RBAR = FLASH_BASE;
|
||||
MPU->RASR = MPU_RASR_ENABLE_Msk | MPU_RASR_ATTR_FLASH | LL_MPU_REGION_SIZE_1MB | LL_MPU_REGION_PRIV_RO_URO | MPU_SUBREGION_DISABLE(0x03);
|
||||
|
||||
// Firmware extra (0x08120000 - 0x081FFFFF, 7 * 128 KiB = 1024 KiB except 1/8 at start = 896 KiB, read-only)
|
||||
MPU->RNR = MPU_REGION_NUMBER4;
|
||||
MPU->RBAR = FLASH_BASE + 0x100000;
|
||||
MPU->RASR = MPU_RASR_ENABLE_Msk | MPU_RASR_ATTR_FLASH | LL_MPU_REGION_SIZE_1MB | LL_MPU_REGION_PRIV_RO_URO | MPU_SUBREGION_DISABLE(0x01);
|
||||
|
||||
// SRAM (0x20000000 - 0x2002FFFF, 192 KiB = 256 KiB except 2/8 at end, read-write, execute never)
|
||||
MPU->RNR = MPU_REGION_NUMBER5;
|
||||
MPU->RBAR = SRAM_BASE;
|
||||
MPU->RASR = MPU_RASR_ENABLE_Msk | MPU_RASR_ATTR_SRAM | LL_MPU_REGION_SIZE_256KB | LL_MPU_REGION_FULL_ACCESS | MPU_RASR_XN_Msk | MPU_SUBREGION_DISABLE(0xC0);
|
||||
|
||||
// Peripherals (0x40000000 - 0x5FFFFFFF, read-write, execute never)
|
||||
// External RAM (0x60000000 - 0x7FFFFFFF, read-write, execute never)
|
||||
MPU->RNR = MPU_REGION_NUMBER6;
|
||||
MPU->RBAR = PERIPH_BASE;
|
||||
MPU->RASR = MPU_RASR_ENABLE_Msk | MPU_RASR_ATTR_PERIPH | LL_MPU_REGION_SIZE_1GB | LL_MPU_REGION_FULL_ACCESS | MPU_RASR_XN_Msk;
|
||||
|
||||
#ifdef STM32F427xx
|
||||
// CCMRAM (0x10000000 - 0x1000FFFF, read-write, execute never)
|
||||
MPU->RNR = MPU_REGION_NUMBER7;
|
||||
MPU->RBAR = CCMDATARAM_BASE;
|
||||
MPU->RASR = MPU_RASR_ENABLE_Msk | MPU_RASR_ATTR_SRAM | LL_MPU_REGION_SIZE_64KB | LL_MPU_REGION_FULL_ACCESS | MPU_RASR_XN_Msk;
|
||||
#elif STM32F405xx
|
||||
// no CCMRAM
|
||||
#else
|
||||
#error Unsupported MCU
|
||||
#endif
|
||||
|
||||
// Enable MPU
|
||||
HAL_MPU_Enable(LL_MPU_CTRL_HARDFAULT_NMI);
|
||||
}
|
||||
|
@ -20,6 +20,8 @@
|
||||
#ifndef __MPU_H__
|
||||
#define __MPU_H__
|
||||
|
||||
void mpu_config(void);
|
||||
void mpu_config_off(void);
|
||||
void mpu_config_bootloader(void);
|
||||
void mpu_config_firmware(void);
|
||||
|
||||
#endif
|
||||
|
@ -79,7 +79,8 @@ void SysTick_Handler(void)
|
||||
uwTick++;
|
||||
}
|
||||
|
||||
void shutdown(void);
|
||||
// from util.s
|
||||
extern void shutdown(void);
|
||||
|
||||
void PVD_IRQHandler(void)
|
||||
{
|
||||
|
@ -314,6 +314,7 @@ static uint8_t usb_class_deinit(USBD_HandleTypeDef *dev, uint8_t cfg_idx) {
|
||||
#define USB_WEBUSB_URL_SCHEME_HTTPS 1
|
||||
|
||||
static uint8_t usb_class_setup(USBD_HandleTypeDef *dev, USBD_SetupReqTypedef *req) {
|
||||
delay_random();
|
||||
if (((req->bmRequest & USB_REQ_TYPE_MASK) != USB_REQ_TYPE_CLASS) &&
|
||||
((req->bmRequest & USB_REQ_TYPE_MASK) != USB_REQ_TYPE_STANDARD) &&
|
||||
((req->bmRequest & USB_REQ_TYPE_MASK) != USB_REQ_TYPE_VENDOR)) {
|
||||
@ -330,7 +331,7 @@ static uint8_t usb_class_setup(USBD_HandleTypeDef *dev, USBD_SetupReqTypedef *re
|
||||
USB_WEBUSB_URL_SCHEME_HTTPS, // uint8_t bScheme
|
||||
't', 'r', 'e', 'z', 'o', 'r', '.', 'i', 'o', '/', 's', 't', 'a', 'r', 't', // char URL[]
|
||||
};
|
||||
USBD_CtlSendData(dev, UNCONST(webusb_url), MIN(req->wLength, sizeof(webusb_url)));
|
||||
USBD_CtlSendData(dev, UNCONST(webusb_url), MIN_8bits(req->wLength, sizeof(webusb_url)));
|
||||
return USBD_OK;
|
||||
} else {
|
||||
USBD_CtlError(dev, req);
|
||||
@ -354,7 +355,7 @@ static uint8_t usb_class_setup(USBD_HandleTypeDef *dev, USBD_SetupReqTypedef *re
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // subCompatibleId
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // reserved
|
||||
};
|
||||
USBD_CtlSendData(dev, UNCONST(winusb_wcid), MIN(req->wLength, sizeof(winusb_wcid)));
|
||||
USBD_CtlSendData(dev, UNCONST(winusb_wcid), MIN_8bits(req->wLength, sizeof(winusb_wcid)));
|
||||
return USBD_OK;
|
||||
} else {
|
||||
USBD_CtlError(dev, req);
|
||||
@ -380,7 +381,7 @@ static uint8_t usb_class_setup(USBD_HandleTypeDef *dev, USBD_SetupReqTypedef *re
|
||||
0x50, 0x00, 0x00, 0x00, // dwPropertyDataLength
|
||||
'{', 0x00, 'c', 0x00, '6', 0x00, 'c', 0x00, '3', 0x00, '7', 0x00, '4', 0x00, 'a', 0x00, '6', 0x00, '-', 0x00, '2', 0x00, '2', 0x00, '8', 0x00, '5', 0x00, '-', 0x00, '4', 0x00, 'c', 0x00, 'b', 0x00, '8', 0x00, '-', 0x00, 'a', 0x00, 'b', 0x00, '4', 0x00, '3', 0x00, '-', 0x00, '1', 0x00, '7', 0x00, '6', 0x00, '4', 0x00, '7', 0x00, 'c', 0x00, 'e', 0x00, 'a', 0x00, '5', 0x00, '0', 0x00, '3', 0x00, 'd', 0x00, '}', 0x00, 0x00, 0x00, 0x00, 0x00, // propertyData
|
||||
};
|
||||
USBD_CtlSendData(dev, UNCONST(winusb_guid), MIN(req->wLength, sizeof(winusb_guid)));
|
||||
USBD_CtlSendData(dev, UNCONST(winusb_guid), MIN_8bits(req->wLength, sizeof(winusb_guid)));
|
||||
return USBD_OK;
|
||||
} else {
|
||||
USBD_CtlError(dev, req);
|
||||
@ -410,6 +411,7 @@ static uint8_t usb_class_setup(USBD_HandleTypeDef *dev, USBD_SetupReqTypedef *re
|
||||
}
|
||||
|
||||
static uint8_t usb_class_data_in(USBD_HandleTypeDef *dev, uint8_t ep_num) {
|
||||
delay_random();
|
||||
for (int i = 0; i < USBD_MAX_NUM_INTERFACES; i++) {
|
||||
switch (usb_ifaces[i].type) {
|
||||
case USB_IFACE_TYPE_HID:
|
||||
@ -429,6 +431,7 @@ static uint8_t usb_class_data_in(USBD_HandleTypeDef *dev, uint8_t ep_num) {
|
||||
}
|
||||
|
||||
static uint8_t usb_class_data_out(USBD_HandleTypeDef *dev, uint8_t ep_num) {
|
||||
delay_random();
|
||||
for (int i = 0; i < USBD_MAX_NUM_INTERFACES; i++) {
|
||||
switch (usb_ifaces[i].type) {
|
||||
case USB_IFACE_TYPE_HID:
|
||||
@ -448,6 +451,7 @@ static uint8_t usb_class_data_out(USBD_HandleTypeDef *dev, uint8_t ep_num) {
|
||||
}
|
||||
|
||||
static uint8_t usb_class_sof(USBD_HandleTypeDef *dev) {
|
||||
delay_random();
|
||||
for (int i = 0; i < USBD_MAX_NUM_INTERFACES; i++) {
|
||||
switch (usb_ifaces[i].type) {
|
||||
case USB_IFACE_TYPE_VCP:
|
||||
|
@ -254,7 +254,6 @@ static void usb_hid_class_deinit(USBD_HandleTypeDef *dev, usb_hid_state_t *state
|
||||
}
|
||||
|
||||
static int usb_hid_class_setup(USBD_HandleTypeDef *dev, usb_hid_state_t *state, USBD_SetupReqTypedef *req) {
|
||||
|
||||
switch (req->bmRequest & USB_REQ_TYPE_MASK) {
|
||||
|
||||
// Class request
|
||||
@ -302,11 +301,11 @@ static int usb_hid_class_setup(USBD_HandleTypeDef *dev, usb_hid_state_t *state,
|
||||
switch (req->wValue >> 8) {
|
||||
|
||||
case USB_DESC_TYPE_HID:
|
||||
USBD_CtlSendData(dev, UNCONST(&state->desc_block->hid), MIN(req->wLength, sizeof(state->desc_block->hid)));
|
||||
USBD_CtlSendData(dev, UNCONST(&state->desc_block->hid), MIN_8bits(req->wLength, sizeof(state->desc_block->hid)));
|
||||
return USBD_OK;
|
||||
|
||||
case USB_DESC_TYPE_REPORT:
|
||||
USBD_CtlSendData(dev, UNCONST(state->report_desc), MIN(req->wLength, state->report_desc_len));
|
||||
USBD_CtlSendData(dev, UNCONST(state->report_desc), MIN_8bits(req->wLength, state->report_desc_len));
|
||||
return USBD_OK;
|
||||
|
||||
default:
|
||||
|
@ -364,13 +364,13 @@ static int usb_vcp_class_setup(USBD_HandleTypeDef *dev, usb_vcp_state_t *state,
|
||||
|
||||
if ((req->bmRequest & USB_REQ_DIR_MASK) == USB_REQ_DIR_D2H) {
|
||||
if (req->bRequest == USB_CDC_GET_LINE_CODING) {
|
||||
USBD_CtlSendData(dev, UNCONST(&line_coding), MIN(req->wLength, sizeof(line_coding)));
|
||||
USBD_CtlSendData(dev, UNCONST(&line_coding), MIN_8bits(req->wLength, sizeof(line_coding)));
|
||||
} else {
|
||||
USBD_CtlSendData(dev, state->cmd_buffer, MIN(req->wLength, USB_CDC_MAX_CMD_PACKET_LEN));
|
||||
USBD_CtlSendData(dev, state->cmd_buffer, MIN_8bits(req->wLength, USB_CDC_MAX_CMD_PACKET_LEN));
|
||||
}
|
||||
} else { // USB_REQ_DIR_H2D
|
||||
if (req->wLength > 0) {
|
||||
USBD_CtlPrepareRx(dev, state->cmd_buffer, MIN(req->wLength, USB_CDC_MAX_CMD_PACKET_LEN));
|
||||
USBD_CtlPrepareRx(dev, state->cmd_buffer, MIN_8bits(req->wLength, USB_CDC_MAX_CMD_PACKET_LEN));
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -263,9 +263,12 @@ typedef struct _USBD_HandleTypeDef
|
||||
|
||||
#define LOBYTE(x) ((uint8_t)(x & 0x00FF))
|
||||
#define HIBYTE(x) ((uint8_t)((x & 0xFF00) >>8))
|
||||
#ifndef MIN
|
||||
#define MIN(a, b) (((a) < (b)) ? (a) : (b))
|
||||
#endif
|
||||
#ifndef MAX
|
||||
#define MAX(a, b) (((a) > (b)) ? (a) : (b))
|
||||
|
||||
#endif
|
||||
|
||||
#if defined ( __GNUC__ )
|
||||
#ifndef __weak
|
||||
|
@ -27,10 +27,10 @@
|
||||
#define STR(s) #s
|
||||
|
||||
#ifndef MIN
|
||||
#define MIN(a, b) (((a) < (b)) ? (a) : (b))
|
||||
#define MIN(a, b) ({ typeof(a) _a = (a); typeof(b) _b = (b); _a < _b ? _a : _b; })
|
||||
#endif
|
||||
#ifndef MAX
|
||||
#define MAX(a, b) (((a) > (b)) ? (a) : (b))
|
||||
#define MAX(a, b) ({ typeof(a) _a = (a); typeof(b) _b = (b); _a > _b ? _a : _b; })
|
||||
#endif
|
||||
|
||||
void __attribute__((noreturn)) __fatal_error(const char *expr, const char *msg, const char *file, int line, const char *func);
|
||||
|
@ -62,6 +62,27 @@ static const uint32_t FLASH_SECTOR_TABLE[FLASH_SECTOR_COUNT + 1] = {
|
||||
[24] = 0x08200000, // last element - not a valid sector
|
||||
};
|
||||
|
||||
const uint8_t FIRMWARE_SECTORS[FIRMWARE_SECTORS_COUNT] = {
|
||||
FLASH_SECTOR_FIRMWARE_START,
|
||||
7,
|
||||
8,
|
||||
9,
|
||||
10,
|
||||
FLASH_SECTOR_FIRMWARE_END,
|
||||
FLASH_SECTOR_FIRMWARE_EXTRA_START,
|
||||
18,
|
||||
19,
|
||||
20,
|
||||
21,
|
||||
22,
|
||||
FLASH_SECTOR_FIRMWARE_EXTRA_END,
|
||||
};
|
||||
|
||||
const uint8_t STORAGE_SECTORS[STORAGE_SECTORS_COUNT] = {
|
||||
FLASH_SECTOR_STORAGE_1,
|
||||
FLASH_SECTOR_STORAGE_2,
|
||||
};
|
||||
|
||||
static uint8_t *FLASH_BUFFER;
|
||||
static uint32_t FLASH_SIZE;
|
||||
|
||||
|
@ -36,6 +36,17 @@ async def request_pin(
|
||||
c.taint()
|
||||
c.render()
|
||||
|
||||
c = dialog.confirm
|
||||
if matrix.pin:
|
||||
if not c.is_enabled():
|
||||
c.enable()
|
||||
c.taint()
|
||||
else:
|
||||
if c.is_enabled():
|
||||
c.disable()
|
||||
c.taint()
|
||||
c.render()
|
||||
|
||||
if label is None:
|
||||
label = "Enter your PIN"
|
||||
sublabel = None
|
||||
@ -59,6 +70,8 @@ async def request_pin(
|
||||
else:
|
||||
result = await dialog
|
||||
if result == CONFIRMED:
|
||||
if not matrix.pin:
|
||||
continue
|
||||
return matrix.pin
|
||||
elif matrix.pin: # reset
|
||||
matrix.change("")
|
||||
|
@ -195,7 +195,7 @@ def init_unlocked():
|
||||
counter = config.get(_APP, _U2F_COUNTER)
|
||||
if counter is not None:
|
||||
config.set_counter(
|
||||
_APP, _U2F_COUNTER, counter, True
|
||||
_APP, _U2F_COUNTER, int.from_bytes(counter, "big"), True
|
||||
) # writable when locked
|
||||
config.delete(_APP, _U2F_COUNTER)
|
||||
config.set(_APP, _VERSION, _STORAGE_VERSION)
|
||||
|
@ -353,7 +353,7 @@ class ConfirmState:
|
||||
return False
|
||||
return True
|
||||
|
||||
def setup(self, action: int, checksum: bytes, app_id: bytes) -> None:
|
||||
def setup(self, action: int, checksum: bytes, app_id: bytes) -> bool:
|
||||
if workflow.workflows:
|
||||
return False
|
||||
|
||||
@ -379,6 +379,10 @@ class ConfirmState:
|
||||
|
||||
@ui.layout
|
||||
async def confirm_layout(self) -> None:
|
||||
workflow.fido_u2f_stop_signal.reset()
|
||||
await loop.spawn(self.confirm_layout_inner(), workflow.fido_u2f_stop_signal)
|
||||
|
||||
async def confirm_layout_inner(self) -> None:
|
||||
from trezor.ui.confirm import ConfirmDialog, CONFIRMED
|
||||
from trezor.ui.text import Text
|
||||
|
||||
|
@ -17,6 +17,8 @@ async def change_pin(ctx, msg):
|
||||
# get current pin, return failure if invalid
|
||||
if config.has_pin():
|
||||
curpin = await request_pin_ack(ctx, "Enter old PIN", config.get_pin_rem())
|
||||
# if removing, defer check to change_pin()
|
||||
if not msg.remove:
|
||||
if not config.check_pin(pin_to_int(curpin)):
|
||||
raise wire.PinInvalid("PIN invalid")
|
||||
else:
|
||||
|
@ -57,6 +57,8 @@ async def recovery_device(ctx, msg):
|
||||
# ask for pin repeatedly
|
||||
if msg.pin_protection:
|
||||
newpin = await request_pin_confirm(ctx, cancellable=False)
|
||||
else:
|
||||
newpin = ""
|
||||
|
||||
# dry run
|
||||
if msg.dry_run:
|
||||
@ -72,7 +74,7 @@ async def recovery_device(ctx, msg):
|
||||
)
|
||||
|
||||
# save into storage
|
||||
if msg.pin_protection:
|
||||
if newpin:
|
||||
config.change_pin(pin_to_int(""), pin_to_int(newpin))
|
||||
storage.set_u2f_counter(msg.u2f_counter)
|
||||
storage.load_settings(label=msg.label, use_passphrase=msg.passphrase_protection)
|
||||
|
@ -73,6 +73,7 @@ async def reset_device(ctx, msg):
|
||||
await show_wrong_entry(ctx)
|
||||
|
||||
# write PIN into storage
|
||||
if newpin:
|
||||
if not config.change_pin(pin_to_int(""), pin_to_int(newpin)):
|
||||
raise wire.ProcessError("Could not change PIN")
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
from trezor import ui, wire
|
||||
from trezor import wire
|
||||
from trezor.messages.MessageType import TxAck
|
||||
from trezor.messages.RequestType import TXFINISHED
|
||||
from trezor.messages.TxRequest import TxRequest
|
||||
@ -16,7 +16,6 @@ from apps.wallet.sign_tx import (
|
||||
)
|
||||
|
||||
|
||||
@ui.layout
|
||||
async def sign_tx(ctx, msg, keychain):
|
||||
signer = signing.sign_tx(msg, keychain)
|
||||
|
||||
|
@ -185,6 +185,9 @@ class signal(Syscall):
|
||||
"""
|
||||
|
||||
def __init__(self):
|
||||
self.reset()
|
||||
|
||||
def reset(self):
|
||||
self.value = _NO_VALUE
|
||||
self.task = None
|
||||
|
||||
|
@ -5,11 +5,11 @@ def pin_to_int(pin: str) -> int:
|
||||
return int("1" + pin)
|
||||
|
||||
|
||||
def show_pin_timeout(seconds: int, progress: int) -> bool:
|
||||
def show_pin_timeout(seconds: int, progress: int, message: str) -> bool:
|
||||
if progress == 0:
|
||||
ui.display.bar(0, 0, ui.WIDTH, ui.HEIGHT, ui.BG)
|
||||
ui.display.text_center(
|
||||
ui.WIDTH // 2, 37, "Verifying PIN", ui.BOLD, ui.FG, ui.BG, ui.WIDTH
|
||||
ui.WIDTH // 2, 37, message, ui.BOLD, ui.FG, ui.BG, ui.WIDTH
|
||||
)
|
||||
ui.display.loader(progress, 0, ui.FG, ui.BG)
|
||||
if seconds == 0:
|
||||
|
@ -36,6 +36,9 @@ class Button(Widget):
|
||||
self.state = BTN_DISABLED
|
||||
self.tainted = True
|
||||
|
||||
def is_enabled(self):
|
||||
return self.state != BTN_DISABLED
|
||||
|
||||
def render(self):
|
||||
if not self.tainted:
|
||||
return
|
||||
|
@ -5,6 +5,9 @@ layouts = []
|
||||
default = None
|
||||
default_layout = None
|
||||
|
||||
# HACK: workaround way to stop the u2f layout from the outside
|
||||
fido_u2f_stop_signal = loop.signal()
|
||||
|
||||
|
||||
def onstart(w):
|
||||
workflows.append(w)
|
||||
@ -44,6 +47,7 @@ def restartdefault():
|
||||
def onlayoutstart(l):
|
||||
closedefault()
|
||||
layouts.append(l)
|
||||
fido_u2f_stop_signal.send(None)
|
||||
|
||||
|
||||
def onlayoutclose(l):
|
||||
|
2
vendor/trezor-crypto
vendored
2
vendor/trezor-crypto
vendored
@ -1 +1 @@
|
||||
Subproject commit 21391dc5be9917bc32a518cf98376f79103727af
|
||||
Subproject commit 4211ce389f6795d844809b0ba66a84082038ca04
|
2
vendor/trezor-storage
vendored
2
vendor/trezor-storage
vendored
@ -1 +1 @@
|
||||
Subproject commit e55737c4b1648c619d654eb25fa06fe381c5a1d4
|
||||
Subproject commit 511fc205b284605651348512c5c5c2c95a642fa1
|
Loading…
Reference in New Issue
Block a user