Don't ask for passphrase with u2f.

firmware/fsm.c

@@ -96,7 +96,7 @@ const CoinType *fsm_getCoin(const char *name)
 const HDNode *fsm_getDerivedNode(const char *curve, uint32_t *address_n, size_t address_n_count)
 {
 	static HDNode node;
-	if (!storage_getRootNode(&node, curve)) {
+	if (!storage_getRootNode(&node, curve, true)) {
 		fsm_sendFailure(FailureType_Failure_NotInitialized, "Device not initialized or passphrase request cancelled or unsupported curve");
 		layoutHome();
 		return 0;

firmware/storage.c

@@ -72,7 +72,7 @@ _Static_assert(FLASH_STORAGE_START + FLASH_STORAGE_REALLEN <= FLASH_STORAGE_PINA
 _Static_assert((sizeof(storage_uuid) & 3) == 0, "storage uuid unaligned");
 _Static_assert((sizeof(storage) & 3) == 0, "storage unaligned");
 
-static bool sessionSeedCached;
+static bool sessionSeedCached, sessionSeedUsesPassphrase;
 
 static uint8_t sessionSeed[64];
 
@@ -290,27 +290,29 @@ void get_root_node_callback(uint32_t iter, uint32_t total)
 	layoutProgress("Waking up", 1000 * iter / total);
 }
 
-const uint8_t *storage_getSeed(void)
+const uint8_t *storage_getSeed(bool usePassphrase)
 {
 	// root node is properly cached
-	if (sessionSeedCached) {
+	if (usePassphrase == sessionSeedUsesPassphrase
+		&& sessionSeedCached) {
 		return sessionSeed;
 	}
 
 	// if storage has mnemonic, convert it to node and use it
 	if (storage.has_mnemonic) {
-		if (!protectPassphrase()) {
+		if (usePassphrase && !protectPassphrase()) {
 			return NULL;
 		}
-		mnemonic_to_seed(storage.mnemonic, sessionPassphrase, sessionSeed, get_root_node_callback); // BIP-0039
+		mnemonic_to_seed(storage.mnemonic, usePassphrase ? sessionPassphrase : "", sessionSeed, get_root_node_callback); // BIP-0039
 		sessionSeedCached = true;
+		sessionSeedUsesPassphrase = usePassphrase;
 		return sessionSeed;
 	}
 
 	return NULL;
 }
 
-bool storage_getRootNode(HDNode *node, const char *curve)
+bool storage_getRootNode(HDNode *node, const char *curve, bool usePassphrase)
 {
 	// if storage has node, decrypt and use it
 	if (storage.has_node && strcmp(curve, SECP256K1_NAME) == 0) {
@@ -339,7 +341,7 @@ bool storage_getRootNode(HDNode *node, const char *curve)
 		return true;
 	}
 
-	const uint8_t *seed = storage_getSeed();
+	const uint8_t *seed = storage_getSeed(usePassphrase);
 	if (seed == NULL) {
 		return false;
 	}

firmware/storage.h

@@ -33,9 +33,9 @@ void session_clear(bool clear_pin);
 
 void storage_loadDevice(LoadDevice *msg);
 
-const uint8_t *storage_getSeed(void);
+const uint8_t *storage_getSeed(bool usePassphrase);
 
-bool storage_getRootNode(HDNode *node, const char *curve);
+bool storage_getRootNode(HDNode *node, const char *curve, bool usePassphrase);
 
 const char *storage_getLabel(void);
 void storage_setLabel(const char *label);

firmware/u2f.c

@@ -473,7 +473,7 @@ static const char *getReadableAppId(const uint8_t appid[U2F_APPID_SIZE]) {
 const HDNode *getDerivedNode(uint32_t *address_n, size_t address_n_count)
 {
 	static HDNode node;
-	if (!storage_getRootNode(&node, NIST256P1_NAME)) {
+	if (!storage_getRootNode(&node, NIST256P1_NAME, false)) {
 		layoutHome();
 		debugLog(0, "", "ERR: Device not init");
 		return 0;