From ba9eee3b8f52d042ace018de83ab8b99e1dcc114 Mon Sep 17 00:00:00 2001
From: Andrew Kozlik
Date: Fri, 4 Oct 2019 13:54:43 +0200
Subject: [PATCH] core, legacy: Don't allow change_pin if device is not initialized.
---
 core/src/apps/cardano/seed.py | 2 +-
 core/src/apps/common/seed.py | 2 +-
 core/src/apps/management/backup_device.py | 2 +-
 core/src/apps/management/change_pin.py | 4 ++++
 core/src/apps/management/recovery_device/__init__.py | 2 +-
 core/src/apps/management/reset_device/__init__.py | 10 +++-------
 core/src/apps/management/sd_protect.py | 2 +-
 legacy/firmware/fsm_msg_common.h | 2 ++
 8 files changed, 14 insertions(+), 12 deletions(-)
diff --git a/core/src/apps/cardano/seed.py b/core/src/apps/cardano/seed.py
index 5ed54bd2a6..8099eefc5d 100644
--- a/core/src/apps/cardano/seed.py
+++ b/core/src/apps/cardano/seed.py
@@ -39,7 +39,7 @@ async def _get_passphrase(ctx: wire.Context) -> bytes:
 async def get_keychain(ctx: wire.Context) -> Keychain:
 if not storage.is_initialized():
- raise wire.ProcessError("Device is not initialized")
+ raise wire.NotInitialized("Device is not initialized")
 if mnemonic.is_bip39():
 # derive the root node from mnemonic and passphrase
diff --git a/core/src/apps/common/seed.py b/core/src/apps/common/seed.py
index 82adf40eac..d77d1ad4ec 100644
--- a/core/src/apps/common/seed.py
+++ b/core/src/apps/common/seed.py
@@ -108,7 +108,7 @@ class Keychain:
 async def get_keychain(ctx: wire.Context, namespaces: list) -> Keychain:
 if not storage.is_initialized():
- raise wire.ProcessError("Device is not initialized")
+ raise wire.NotInitialized("Device is not initialized")
 seed = cache.get_seed()
 if seed is None:
 passphrase = cache.get_passphrase()
diff --git a/core/src/apps/management/backup_device.py b/core/src/apps/management/backup_device.py
index 25f6933044..59ba2a920c 100644
--- a/core/src/apps/management/backup_device.py
+++ b/core/src/apps/management/backup_device.py
@@ -7,7 +7,7 @@ from apps.management.reset_device import backup_seed, layout
 async def backup_device(ctx, msg):
 if not storage.is_initialized():
- raise wire.ProcessError("Device is not initialized")
+ raise wire.NotInitialized("Device is not initialized")
 if not storage.device.needs_backup():
 raise wire.ProcessError("Seed already backed up")
diff --git a/core/src/apps/management/change_pin.py b/core/src/apps/management/change_pin.py
index 9ed2fa736b..b46853837e 100644
--- a/core/src/apps/management/change_pin.py
+++ b/core/src/apps/management/change_pin.py
@@ -10,12 +10,16 @@ from apps.common.request_pin import (
 request_pin_confirm,
 show_pin_invalid,
 )
+from apps.common.storage import is_initialized
 if False:
 from trezor.messages.ChangePin import ChangePin
 async def change_pin(ctx: wire.Context, msg: ChangePin) -> Success:
+ if not is_initialized():
+ raise wire.NotInitialized("Device is not initialized")
+
 # confirm that user wants to change the pin
 await require_confirm_change_pin(ctx, msg)
diff --git a/core/src/apps/management/recovery_device/__init__.py b/core/src/apps/management/recovery_device/__init__.py
index ee18d230a9..bacd712b2a 100644
--- a/core/src/apps/management/recovery_device/__init__.py
+++ b/core/src/apps/management/recovery_device/__init__.py
@@ -60,7 +60,7 @@ def _check_state(msg: RecoveryDevice) -> None:
 if not msg.dry_run and storage.is_initialized():
 raise wire.UnexpectedMessage("Already initialized")
 if msg.dry_run and not storage.is_initialized():
- raise wire.UnexpectedMessage("Device is not initialized")
+ raise wire.NotInitialized("Device is not initialized")
 if storage.recovery.is_in_progress():
 raise RuntimeError(
diff --git a/core/src/apps/management/reset_device/__init__.py b/core/src/apps/management/reset_device/__init__.py
index f4c1517df6..02a59f0cce 100644
--- a/core/src/apps/management/reset_device/__init__.py
+++ b/core/src/apps/management/reset_device/__init__.py
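Review bot: The new `is_initialized()` guard at the top of `change_pin` has no test in this commit: the diffstat lists eight source files and no test file, so nothing pins that ChangePin on an uninitialized device fails with `wire.NotInitialized` before `require_confirm_change_pin` is reached. A device test that sends ChangePin to an uninitialized device and asserts that failure would keep the guard from regressing. The guard also lives only in this handler and not in `config.change_pin`, which the reset flow in this same commit still calls directly, so a short comment such as `# the initial PIN is set during device setup (see reset_device); refuse ChangePin before that` would record why it sits here. The body of `change_pin` continues past the end of the hunk.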
@@ -27,11 +27,11 @@ async def reset_device(ctx: wire.Context, msg: ResetDevice) -> Success:
 # make sure user knows they're setting up a new wallet
 await layout.show_reset_device_warning(ctx, msg.backup_type)
- # request new PIN
+ # request and set new PIN
 if msg.pin_protection:
 newpin = await request_pin_confirm(ctx)
- else:
- newpin = ""
+ if not config.change_pin(pin_to_int(""), pin_to_int(newpin), None, None):
+ raise wire.ProcessError("Failed to set PIN")
 # generate and display internal entropy
 int_entropy = random.bytes(32)
@@ -70,10 +70,6 @@ async def reset_device(ctx: wire.Context, msg: ResetDevice) -> Success:
 if perform_backup:
 await backup_seed(ctx, msg.backup_type, secret)
- # write PIN into storage
- if not config.change_pin(pin_to_int(""), pin_to_int(newpin), None, None):
- raise wire.ProcessError("Could not change PIN")
-
 # write settings and master secret into storage
 storage.device.load_settings(
 label=msg.label, use_passphrase=msg.passphrase_protection
diff --git a/core/src/apps/management/sd_protect.py b/core/src/apps/management/sd_protect.py
index 4e81978a68..fce5608daa 100644
--- a/core/src/apps/management/sd_protect.py
+++ b/core/src/apps/management/sd_protect.py
@@ -30,7 +30,7 @@ if False:
 async def sd_protect(ctx: wire.Context, msg: SdProtect) -> Success:
 if not is_initialized():
- raise wire.ProcessError("Device is not initialized")
+ raise wire.NotInitialized("Device is not initialized")
 if msg.operation == SdProtectOperationType.ENABLE:
 return await sd_protect_enable(ctx, msg)
diff --git a/legacy/firmware/fsm_msg_common.h b/legacy/firmware/fsm_msg_common.h
index bb12db1b0a..852b42193f 100644
--- a/legacy/firmware/fsm_msg_common.h
+++ b/legacy/firmware/fsm_msg_common.h
@@ -136,6 +136,8 @@ void fsm_msgPing(const Ping *msg) {
 }
 void fsm_msgChangePin(const ChangePin *msg) {
+ CHECK_INITIALIZED
+
 bool removal = msg->has_remove && msg->remove;
 if (removal) {
 if (config_hasPin()) {
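Review bot: In the first `reset_device` hunk `config.change_pin` now runs right after `request_pin_confirm`, ahead of entropy generation, the `backup_seed` step and `storage.device.load_settings`, so a failure or cancel in any later step would presumably leave a PIN stored on a device that is still uninitialized. With the ChangePin guard added in this commit that PIN could not be changed through `change_pin`, and a repeated ResetDevice would call `config.change_pin(pin_to_int(""), ...)` against a non-empty PIN and likely stop at "Failed to set PIN". The code between the two hunks and before the first one is not visible here, so confirm whether an earlier wipe or a cleanup path already covers this case. If the early write is deliberate, record it in place, e.g. `# PIN is persisted before the seed is generated; an aborted reset leaves it set`, and consider clearing it on the failure path. Indentation is lost on this page, so this assumes the `change_pin` call is nested under `if msg.pin_protection:`; `reset_device` starts before and continues after the hunk.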