arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-18 05:28:40 +00:00
Code Issues Releases Wiki Activity

core: use wire.PinCancelled/PinInvalid instead of custom versions

Browse Source 
also refactor show_pin_invalid and its usages so that it raises directly

note that we are now using PinCancelled instead of ActionCancelled where
appropriate
This commit is contained in:
matejcik 2020-04-21 14:31:24 +02:00 committed by matejcik
parent eabfcab9b9
commit 8ca7ffc3b8
7 changed files with 33 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
core/src/apps/common/request_pin.py
View File

@ -10,20 +10,12 @@ from trezor.ui.text import Text
from apps.common.sdcard import SdCardUnavailable, request_sd_salt from apps.common.sdcard import SdCardUnavailable, request_sd_salt
if False: if False:
from typing import Any, Optional, Tuple from typing import Any, NoReturn, Optional, Tuple
if __debug__: if __debug__:
from apps.debug import input_signal from apps.debug import input_signal
class PinCancelled(Exception):
pass
class PinInvalid(Exception):
pass
async def request_pin( async def request_pin(
prompt: str = "Enter your PIN", prompt: str = "Enter your PIN",
attempts_remaining: int = None, attempts_remaining: int = None,
@ -44,19 +36,16 @@ async def request_pin(
else: else:
pin = await dialog pin = await dialog
if pin is CANCELLED: if pin is CANCELLED:
raise PinCancelled raise wire.PinCancelled
assert isinstance(pin, str) assert isinstance(pin, str)
return pin return pin
async def request_pin_ack(ctx: wire.Context, *args: Any, **kwargs: Any) -> str: async def request_pin_ack(ctx: wire.Context, *args: Any, **kwargs: Any) -> str:
try: await ctx.call(ButtonRequest(code=ButtonRequestType.Other), ButtonAck)
await ctx.call(ButtonRequest(code=ButtonRequestType.Other), ButtonAck) pin = await ctx.wait(request_pin(*args, **kwargs))
pin = await ctx.wait(request_pin(*args, **kwargs)) assert isinstance(pin, str)
assert isinstance(pin, str) return pin
return pin
except PinCancelled:
raise wire.ActionCancelled("Cancelled")
async def request_pin_confirm(ctx: wire.Context, *args: Any, **kwargs: Any) -> str: async def request_pin_confirm(ctx: wire.Context, *args: Any, **kwargs: Any) -> str:
@ -103,7 +92,7 @@ async def verify_user_pin(
try: try:
salt = await request_sd_salt() salt = await request_sd_salt()
except SdCardUnavailable: except SdCardUnavailable:
raise PinCancelled raise wire.PinCancelled("SD salt is unavailable")
if config.unlock(pin_to_int(pin), salt): if config.unlock(pin_to_int(pin), salt):
return return
elif not config.has_pin(): elif not config.has_pin():
@ -116,20 +105,22 @@ async def verify_user_pin(
if config.unlock(pin_to_int(pin), salt): if config.unlock(pin_to_int(pin), salt):
return return
raise PinInvalid raise wire.PinInvalid
async def show_pin_invalid(ctx: wire.Context) -> None: async def error_pin_invalid(ctx: wire.Context) -> NoReturn:
from apps.common.confirm import confirm from apps.common.confirm import confirm
text = Text("Wrong PIN", ui.ICON_WRONG, ui.RED) text = Text("Wrong PIN", ui.ICON_WRONG, ui.RED)
text.normal("The PIN you entered is", "invalid.") text.normal("The PIN you entered is", "invalid.")
await confirm(ctx, text, confirm=None, cancel="Close") await confirm(ctx, text, confirm=None, cancel="Close")
raise wire.PinInvalid
async def show_pin_matches_wipe_code(ctx: wire.Context) -> None: async def error_pin_matches_wipe_code(ctx: wire.Context) -> NoReturn:
from apps.common.confirm import confirm from apps.common.confirm import confirm
text = Text("Invalid PIN", ui.ICON_WRONG, ui.RED) text = Text("Invalid PIN", ui.ICON_WRONG, ui.RED)
text.normal("The new PIN must be", "different from your", "wipe code.") text.normal("The new PIN must be", "different from your", "wipe code.")
await confirm(ctx, text, confirm=None, cancel="Close") await confirm(ctx, text, confirm=None, cancel="Close")
raise wire.PinInvalid

12
core/src/apps/management/change_pin.py
View File

@ -7,10 +7,10 @@ from trezor.ui.text import Text
from apps.common.confirm import require_confirm from apps.common.confirm import require_confirm
from apps.common.layout import show_success from apps.common.layout import show_success
from apps.common.request_pin import ( from apps.common.request_pin import (
error_pin_invalid,
error_pin_matches_wipe_code,
request_pin_and_sd_salt, request_pin_and_sd_salt,
request_pin_confirm, request_pin_confirm,
show_pin_invalid,
show_pin_matches_wipe_code,
) )
if False: if False:
@ -30,8 +30,7 @@ async def change_pin(ctx: wire.Context, msg: ChangePin) -> Success:
# if changing pin, pre-check the entered pin before getting new pin # if changing pin, pre-check the entered pin before getting new pin
if curpin and not msg.remove: if curpin and not msg.remove:
if not config.check_pin(pin_to_int(curpin), salt): if not config.check_pin(pin_to_int(curpin), salt):
await show_pin_invalid(ctx) await error_pin_invalid(ctx)
raise wire.PinInvalid("PIN invalid")
# get new pin # get new pin
if not msg.remove: if not msg.remove:
@ -42,10 +41,9 @@ async def change_pin(ctx: wire.Context, msg: ChangePin) -> Success:
# write into storage # write into storage
if not config.change_pin(pin_to_int(curpin), pin_to_int(newpin), salt, salt): if not config.change_pin(pin_to_int(curpin), pin_to_int(newpin), salt, salt):
if newpin: if newpin:
await show_pin_matches_wipe_code(ctx) await error_pin_matches_wipe_code(ctx)
else: else:
await show_pin_invalid(ctx) await error_pin_invalid(ctx)
raise wire.PinInvalid("PIN invalid")
if newpin: if newpin:
if curpin: if curpin:

8
core/src/apps/management/change_wipe_code.py
View File

@ -8,9 +8,9 @@ from trezor.ui.text import Text
from apps.common.confirm import require_confirm from apps.common.confirm import require_confirm
from apps.common.layout import show_success from apps.common.layout import show_success
from apps.common.request_pin import ( from apps.common.request_pin import (
error_pin_invalid,
request_pin_ack, request_pin_ack,
request_pin_and_sd_salt, request_pin_and_sd_salt,
show_pin_invalid,
) )
if False: if False:
@ -31,8 +31,7 @@ async def change_wipe_code(ctx: wire.Context, msg: ChangeWipeCode) -> Success:
if not msg.remove: if not msg.remove:
# Pre-check the entered PIN. # Pre-check the entered PIN.
if config.has_pin() and not config.check_pin(pin_to_int(pin), salt): if config.has_pin() and not config.check_pin(pin_to_int(pin), salt):
await show_pin_invalid(ctx) await error_pin_invalid(ctx)
raise wire.PinInvalid("PIN invalid")
# Get new wipe code. # Get new wipe code.
wipe_code = await _request_wipe_code_confirm(ctx, pin) wipe_code = await _request_wipe_code_confirm(ctx, pin)
@ -41,8 +40,7 @@ async def change_wipe_code(ctx: wire.Context, msg: ChangeWipeCode) -> Success:
# Write into storage. # Write into storage.
if not config.change_wipe_code(pin_to_int(pin), salt, pin_to_int(wipe_code)): if not config.change_wipe_code(pin_to_int(pin), salt, pin_to_int(wipe_code)):
await show_pin_invalid(ctx) await error_pin_invalid(ctx)
raise wire.PinInvalid("PIN invalid")
if wipe_code: if wipe_code:
if has_wipe_code: if has_wipe_code:

5
core/src/apps/management/recovery_device/__init__.py
View File

@ -9,9 +9,9 @@ from trezor.ui.text import Text
from apps.common.confirm import require_confirm from apps.common.confirm import require_confirm
from apps.common.request_pin import ( from apps.common.request_pin import (
error_pin_invalid,
request_pin_and_sd_salt, request_pin_and_sd_salt,
request_pin_confirm, request_pin_confirm,
show_pin_invalid,
) )
from apps.management.recovery_device.homescreen import ( from apps.management.recovery_device.homescreen import (
recovery_homescreen, recovery_homescreen,
@ -46,8 +46,7 @@ async def recovery_device(ctx: wire.Context, msg: RecoveryDevice) -> Success:
if msg.dry_run: if msg.dry_run:
curpin, salt = await request_pin_and_sd_salt(ctx, "Enter PIN") curpin, salt = await request_pin_and_sd_salt(ctx, "Enter PIN")
if not config.check_pin(pin_to_int(curpin), salt): if not config.check_pin(pin_to_int(curpin), salt):
await show_pin_invalid(ctx) await error_pin_invalid(ctx)
raise wire.PinInvalid("PIN invalid")
if not msg.dry_run: if not msg.dry_run:
# set up pin if requested # set up pin if requested

11
core/src/apps/management/sd_protect.py
View File

@ -10,9 +10,9 @@ from trezor.ui.text import Text
from apps.common.confirm import require_confirm from apps.common.confirm import require_confirm
from apps.common.layout import show_success from apps.common.layout import show_success
from apps.common.request_pin import ( from apps.common.request_pin import (
error_pin_invalid,
request_pin_ack, request_pin_ack,
request_pin_and_sd_salt, request_pin_and_sd_salt,
show_pin_invalid,
) )
from apps.common.sdcard import ensure_sdcard, sd_problem_dialog from apps.common.sdcard import ensure_sdcard, sd_problem_dialog
@ -83,8 +83,7 @@ async def sd_protect_enable(ctx: wire.Context, msg: SdProtect) -> Success:
# SD-protection. If it fails for any reason, we suppress the # SD-protection. If it fails for any reason, we suppress the
# exception, because primarily we need to raise wire.PinInvalid. # exception, because primarily we need to raise wire.PinInvalid.
pass pass
await show_pin_invalid(ctx) await error_pin_invalid(ctx)
raise wire.PinInvalid("PIN invalid")
storage.device.set_sd_salt_auth_key(salt_auth_key) storage.device.set_sd_salt_auth_key(salt_auth_key)
@ -107,8 +106,7 @@ async def sd_protect_disable(ctx: wire.Context, msg: SdProtect) -> Success:
# Check PIN and remove salt. # Check PIN and remove salt.
if not config.change_pin(pin_to_int(pin), pin_to_int(pin), salt, None): if not config.change_pin(pin_to_int(pin), pin_to_int(pin), salt, None):
await show_pin_invalid(ctx) await error_pin_invalid(ctx)
raise wire.PinInvalid("PIN invalid")
storage.device.set_sd_salt_auth_key(None) storage.device.set_sd_salt_auth_key(None)
@ -143,8 +141,7 @@ async def sd_protect_refresh(ctx: wire.Context, msg: SdProtect) -> Success:
await _set_salt(ctx, new_salt, new_salt_tag, stage=True) await _set_salt(ctx, new_salt, new_salt_tag, stage=True)
if not config.change_pin(pin_to_int(pin), pin_to_int(pin), old_salt, new_salt): if not config.change_pin(pin_to_int(pin), pin_to_int(pin), old_salt, new_salt):
await show_pin_invalid(ctx) await error_pin_invalid(ctx)
raise wire.PinInvalid("PIN invalid")
storage.device.set_sd_salt_auth_key(new_auth_key) storage.device.set_sd_salt_auth_key(new_auth_key)

3
core/src/apps/webauthn/fido2.py
View File

@ -576,7 +576,8 @@ class KeepaliveCallback:
async def verify_user(keepalive_callback: KeepaliveCallback) -> bool: async def verify_user(keepalive_callback: KeepaliveCallback) -> bool:
from apps.common.request_pin import verify_user_pin, PinCancelled, PinInvalid from trezor.wire import PinCancelled, PinInvalid
from apps.common.request_pin import verify_user_pin
import trezor.pin import trezor.pin
try: try:

11
core/src/boot.py
View File

@ -1,10 +1,10 @@
import storage import storage
import storage.device import storage.device
import storage.sd_salt import storage.sd_salt
from trezor import config, log, loop, res, ui, utils from trezor import config, log, loop, res, ui, utils, wire
from trezor.pin import show_pin_timeout from trezor.pin import show_pin_timeout
from apps.common.request_pin import PinCancelled, verify_user_pin from apps.common.request_pin import verify_user_pin
async def bootscreen() -> None: async def bootscreen() -> None:
@ -16,12 +16,11 @@ async def bootscreen() -> None:
await verify_user_pin() await verify_user_pin()
storage.init_unlocked() storage.init_unlocked()
return return
except PinCancelled as e: except wire.PinCancelled:
# verify_user_pin will convert a SdCardUnavailable (in case of sd salt) # verify_user_pin will convert a SdCardUnavailable (in case of sd salt)
# to PinCancelled exception. # to PinCancelled exception.
# log the exception and retry loop # Ignore exception, retry loop.
if __debug__: pass
log.exception(__name__, e)
except BaseException as e: except BaseException as e:
# other exceptions here are unexpected and should halt the device # other exceptions here are unexpected and should halt the device
if __debug__: if __debug__: