diff --git a/firmware/fsm.c b/firmware/fsm.c index 97cb933bed..8a99f0bcb3 100644 --- a/firmware/fsm.c +++ b/firmware/fsm.c @@ -96,7 +96,7 @@ const CoinType *fsm_getCoin(const char *name) const HDNode *fsm_getDerivedNode(const char *curve, uint32_t *address_n, size_t address_n_count) { static HDNode node; - if (!storage_getRootNode(&node, curve)) { + if (!storage_getRootNode(&node, curve, true)) { fsm_sendFailure(FailureType_Failure_NotInitialized, "Device not initialized or passphrase request cancelled or unsupported curve"); layoutHome(); return 0; diff --git a/firmware/storage.c b/firmware/storage.c index 1d8fb9730f..245ea83916 100644 --- a/firmware/storage.c +++ b/firmware/storage.c @@ -72,7 +72,7 @@ _Static_assert(FLASH_STORAGE_START + FLASH_STORAGE_REALLEN <= FLASH_STORAGE_PINA _Static_assert((sizeof(storage_uuid) & 3) == 0, "storage uuid unaligned"); _Static_assert((sizeof(storage) & 3) == 0, "storage unaligned"); -static bool sessionSeedCached; +static bool sessionSeedCached, sessionSeedUsesPassphrase; static uint8_t sessionSeed[64]; @@ -290,27 +290,29 @@ void get_root_node_callback(uint32_t iter, uint32_t total) layoutProgress("Waking up", 1000 * iter / total); } -const uint8_t *storage_getSeed(void) +const uint8_t *storage_getSeed(bool usePassphrase) { // root node is properly cached - if (sessionSeedCached) { + if (usePassphrase == sessionSeedUsesPassphrase + && sessionSeedCached) { return sessionSeed; } // if storage has mnemonic, convert it to node and use it if (storage.has_mnemonic) { - if (!protectPassphrase()) { + if (usePassphrase && !protectPassphrase()) { return NULL; } - mnemonic_to_seed(storage.mnemonic, sessionPassphrase, sessionSeed, get_root_node_callback); // BIP-0039 + mnemonic_to_seed(storage.mnemonic, usePassphrase ? sessionPassphrase : "", sessionSeed, get_root_node_callback); // BIP-0039 sessionSeedCached = true; + sessionSeedUsesPassphrase = usePassphrase; return sessionSeed; } return NULL; } -bool storage_getRootNode(HDNode *node, const char *curve) +bool storage_getRootNode(HDNode *node, const char *curve, bool usePassphrase) { // if storage has node, decrypt and use it if (storage.has_node && strcmp(curve, SECP256K1_NAME) == 0) { @@ -339,7 +341,7 @@ bool storage_getRootNode(HDNode *node, const char *curve) return true; } - const uint8_t *seed = storage_getSeed(); + const uint8_t *seed = storage_getSeed(usePassphrase); if (seed == NULL) { return false; } diff --git a/firmware/storage.h b/firmware/storage.h index 304ebf842b..c69d7f0154 100644 --- a/firmware/storage.h +++ b/firmware/storage.h @@ -33,9 +33,9 @@ void session_clear(bool clear_pin); void storage_loadDevice(LoadDevice *msg); -const uint8_t *storage_getSeed(void); +const uint8_t *storage_getSeed(bool usePassphrase); -bool storage_getRootNode(HDNode *node, const char *curve); +bool storage_getRootNode(HDNode *node, const char *curve, bool usePassphrase); const char *storage_getLabel(void); void storage_setLabel(const char *label); diff --git a/firmware/u2f.c b/firmware/u2f.c index 2ba366a699..b2216870c9 100644 --- a/firmware/u2f.c +++ b/firmware/u2f.c @@ -473,7 +473,7 @@ static const char *getReadableAppId(const uint8_t appid[U2F_APPID_SIZE]) { const HDNode *getDerivedNode(uint32_t *address_n, size_t address_n_count) { static HDNode node; - if (!storage_getRootNode(&node, NIST256P1_NAME)) { + if (!storage_getRootNode(&node, NIST256P1_NAME, false)) { layoutHome(); debugLog(0, "", "ERR: Device not init"); return 0;