mirror of
https://github.com/trezor/trezor-firmware.git
synced 2025-01-12 08:20:56 +00:00
core: Allow PIN entry even when SD protect is enabled and the card is not present.
This commit is contained in:
parent
bfd834d1de
commit
8ee0026637
@ -80,33 +80,41 @@ async def pin_mismatch() -> None:
|
|||||||
async def request_pin_and_sd_salt(
|
async def request_pin_and_sd_salt(
|
||||||
ctx: wire.Context, prompt: str = "Enter your PIN", allow_cancel: bool = True
|
ctx: wire.Context, prompt: str = "Enter your PIN", allow_cancel: bool = True
|
||||||
) -> Tuple[str, Optional[bytearray]]:
|
) -> Tuple[str, Optional[bytearray]]:
|
||||||
salt = await request_sd_salt(ctx)
|
|
||||||
|
|
||||||
if config.has_pin():
|
if config.has_pin():
|
||||||
pin = await request_pin_ack(ctx, prompt, config.get_pin_rem(), allow_cancel)
|
pin = await request_pin_ack(ctx, prompt, config.get_pin_rem(), allow_cancel)
|
||||||
|
config.ensure_not_wipe_code(pin_to_int(pin))
|
||||||
else:
|
else:
|
||||||
pin = ""
|
pin = ""
|
||||||
|
|
||||||
|
salt = await request_sd_salt(ctx)
|
||||||
|
|
||||||
return pin, salt
|
return pin, salt
|
||||||
|
|
||||||
|
|
||||||
async def verify_user_pin(
|
async def verify_user_pin(
|
||||||
prompt: str = "Enter your PIN", allow_cancel: bool = True, retry: bool = True
|
prompt: str = "Enter your PIN", allow_cancel: bool = True, retry: bool = True
|
||||||
) -> None:
|
) -> None:
|
||||||
|
if config.has_pin():
|
||||||
|
pin = await request_pin(prompt, config.get_pin_rem(), allow_cancel)
|
||||||
|
config.ensure_not_wipe_code(pin_to_int(pin))
|
||||||
|
else:
|
||||||
|
pin = ""
|
||||||
|
|
||||||
try:
|
try:
|
||||||
salt = await request_sd_salt()
|
salt = await request_sd_salt()
|
||||||
except SdCardUnavailable:
|
except SdCardUnavailable:
|
||||||
raise PinCancelled
|
raise PinCancelled
|
||||||
|
if config.unlock(pin_to_int(pin), salt):
|
||||||
if not config.has_pin() and not config.check_pin(pin_to_int(""), salt):
|
return
|
||||||
|
elif not config.has_pin():
|
||||||
raise RuntimeError
|
raise RuntimeError
|
||||||
|
|
||||||
while retry:
|
while retry:
|
||||||
pin = await request_pin(prompt, config.get_pin_rem(), allow_cancel)
|
pin = await request_pin(
|
||||||
if config.check_pin(pin_to_int(pin), salt):
|
"Wrong PIN, enter again", config.get_pin_rem(), allow_cancel
|
||||||
|
)
|
||||||
|
if config.unlock(pin_to_int(pin), salt):
|
||||||
return
|
return
|
||||||
else:
|
|
||||||
prompt = "Wrong PIN, enter again"
|
|
||||||
|
|
||||||
raise PinInvalid
|
raise PinInvalid
|
||||||
|
|
||||||
|
@ -2,36 +2,21 @@ import storage
|
|||||||
import storage.device
|
import storage.device
|
||||||
import storage.sd_salt
|
import storage.sd_salt
|
||||||
from trezor import config, log, loop, res, ui, utils
|
from trezor import config, log, loop, res, ui, utils
|
||||||
from trezor.pin import pin_to_int, show_pin_timeout
|
from trezor.pin import show_pin_timeout
|
||||||
|
|
||||||
from apps.common.request_pin import PinCancelled, request_pin
|
from apps.common.request_pin import PinCancelled, verify_user_pin
|
||||||
from apps.common.sdcard import SdCardUnavailable, request_sd_salt
|
|
||||||
|
|
||||||
|
|
||||||
async def bootscreen() -> None:
|
async def bootscreen() -> None:
|
||||||
ui.display.orientation(storage.device.get_rotation())
|
ui.display.orientation(storage.device.get_rotation())
|
||||||
|
|
||||||
while True:
|
while True:
|
||||||
try:
|
try:
|
||||||
if storage.sd_salt.is_enabled() or config.has_pin():
|
if storage.sd_salt.is_enabled() or config.has_pin():
|
||||||
await lockscreen()
|
await lockscreen()
|
||||||
|
await verify_user_pin()
|
||||||
salt = await request_sd_salt()
|
|
||||||
|
|
||||||
if not config.has_pin():
|
|
||||||
config.unlock(pin_to_int(""), salt)
|
|
||||||
storage.init_unlocked()
|
storage.init_unlocked()
|
||||||
return
|
return
|
||||||
|
except (OSError, PinCancelled) as e:
|
||||||
label = "Enter your PIN"
|
|
||||||
while True:
|
|
||||||
pin = await request_pin(label, config.get_pin_rem())
|
|
||||||
if config.unlock(pin_to_int(pin), salt):
|
|
||||||
storage.init_unlocked()
|
|
||||||
return
|
|
||||||
else:
|
|
||||||
label = "Wrong PIN, enter again"
|
|
||||||
except (OSError, PinCancelled, SdCardUnavailable) as e:
|
|
||||||
if __debug__:
|
if __debug__:
|
||||||
log.exception(__name__, e)
|
log.exception(__name__, e)
|
||||||
except BaseException as e:
|
except BaseException as e:
|
||||||
|
@ -97,6 +97,10 @@ def test_sd_protect_unlock(client):
|
|||||||
assert "Change PIN" in client.debug.wait_layout().text
|
assert "Change PIN" in client.debug.wait_layout().text
|
||||||
client.debug.press_yes()
|
client.debug.press_yes()
|
||||||
|
|
||||||
|
yield # enter current PIN
|
||||||
|
assert "PinDialog" == client.debug.wait_layout().text
|
||||||
|
client.debug.input("1234")
|
||||||
|
|
||||||
yield # SD card problem
|
yield # SD card problem
|
||||||
assert "SD card problem" in client.debug.wait_layout().text
|
assert "SD card problem" in client.debug.wait_layout().text
|
||||||
client.debug.press_yes() # retry
|
client.debug.press_yes() # retry
|
||||||
|
@ -384,7 +384,7 @@
|
|||||||
"test_reset_backup.py::test_skip_backup_msg[2-backup_flow_slip39_advanced]": "25a4e8a2ca91518b481538c7c9e70e1769f1aa26c85455bfaadf33c47ae185c2",
|
"test_reset_backup.py::test_skip_backup_msg[2-backup_flow_slip39_advanced]": "25a4e8a2ca91518b481538c7c9e70e1769f1aa26c85455bfaadf33c47ae185c2",
|
||||||
"test_sdcard.py::test_sd_format": "6bb7486932a5d38cdbb9b1368ee92aca3fad384115c744feadfade80c1605dd8",
|
"test_sdcard.py::test_sd_format": "6bb7486932a5d38cdbb9b1368ee92aca3fad384115c744feadfade80c1605dd8",
|
||||||
"test_sdcard.py::test_sd_no_format": "f47e897caee95cf98c1b4506732825f853c4b8afcdc2713e38e3b4055973c9ac",
|
"test_sdcard.py::test_sd_no_format": "f47e897caee95cf98c1b4506732825f853c4b8afcdc2713e38e3b4055973c9ac",
|
||||||
"test_sdcard.py::test_sd_protect_unlock": "ff6ab20979234230a6f4d67d7ff3a7ed3ddc536e1a8b8ad6a2c693b48e0006a9",
|
"test_sdcard.py::test_sd_protect_unlock": "23fdb2acb8d19edcca95d90512d53aea6c9d42d8bfb8712af5f7f0ef9fbed72d",
|
||||||
"test_u2f_counter.py::test_u2f_counter": "7d96a4d262b9d8a2c1158ac1e5f0f7b2c3ed5f2ba9d6235a014320313f9488fe",
|
"test_u2f_counter.py::test_u2f_counter": "7d96a4d262b9d8a2c1158ac1e5f0f7b2c3ed5f2ba9d6235a014320313f9488fe",
|
||||||
"test_zerosig.py-test_one_zero_signature": "4099761c664ac57e9506abeb6a52cf898297c0dd592e2a394d008c5db7e62356",
|
"test_zerosig.py-test_one_zero_signature": "4099761c664ac57e9506abeb6a52cf898297c0dd592e2a394d008c5db7e62356",
|
||||||
"test_zerosig.py-test_two_zero_signature": "46e0f1749af632a75a6c6ccc2deb4591a925428db000c52008ecb940ec673a6f"
|
"test_zerosig.py-test_two_zero_signature": "46e0f1749af632a75a6c6ccc2deb4591a925428db000c52008ecb940ec673a6f"
|
||||||
|
Loading…
Reference in New Issue
Block a user