chore(storage): make device secret and credential key counter persist reset

[no changelog]

core/src/storage/__init__.py

@@ -40,12 +40,23 @@ def init_unlocked() -> None:
 
 def reset(excluded: Tuple[bytes, bytes] | None) -> None:
     """
-    Wipes storage but keeps the device id unchanged.
+    Wipes storage but keeps the device id, device secret, and credential counter unchanged.
     """
+    from trezor import utils
+
     device_id = device.get_device_id()
+
+    if utils.USE_THP:
+        device_secret = device.get_device_secret()
+        credential_counter = device.get_cred_auth_key_counter()
     wipe(clear_cache=False)
     wipe_cache(excluded)
     common.set(common.APP_DEVICE, device.DEVICE_ID, device_id.encode(), public=True)
+    if utils.USE_THP:
+        common.set(common.APP_DEVICE, device.DEVICE_SECRET, device_secret, True)
+        common.set(
+            common.APP_DEVICE, device.CRED_AUTH_KEY_COUNTER, credential_counter, True
+        )
 
 
 def _migrate_from_version_01() -> None:

core/src/storage/device.py

@@ -36,8 +36,8 @@ _SAFETY_CHECK_LEVEL        = const(0x14)  # int
 _EXPERIMENTAL_FEATURES     = const(0x15)  # bool (0x01 or empty)
 _HIDE_PASSPHRASE_FROM_HOST = const(0x16)  # bool (0x01 or empty)
 if utils.USE_THP:
-    _DEVICE_SECRET         = const(0x17)  # bytes
+    DEVICE_SECRET         = const(0x17)  # bytes
-    _CRED_AUTH_KEY_COUNTER = const(0x18)  # bytes
+    CRED_AUTH_KEY_COUNTER = const(0x18)  # bytes
 # unused from python:
 # _BRIGHTNESS                = const(0x19)  # int
 _DISABLE_HAPTIC_FEEDBACK   = const(0x20)  # bool (0x01 or empty)
@@ -364,22 +364,22 @@ if utils.USE_THP:
         """
         Device secret is used to derive keys that are independent of the seed.
         """
-        device_secret = common.get(_NAMESPACE, _DEVICE_SECRET, True)
+        device_secret = common.get(_NAMESPACE, DEVICE_SECRET, True)
         if not device_secret:
             from trezor.crypto import random
 
             device_secret = random.bytes(16, True)
-            common.set(_NAMESPACE, _DEVICE_SECRET, device_secret, True)
+            common.set(_NAMESPACE, DEVICE_SECRET, device_secret, True)
         return device_secret
 
     def get_cred_auth_key_counter() -> bytes:
-        return common.get(_NAMESPACE, _CRED_AUTH_KEY_COUNTER, True) or bytes(4)
+        return common.get(_NAMESPACE, CRED_AUTH_KEY_COUNTER, True) or bytes(4)
 
     def increment_cred_auth_key_counter() -> None:
         counter = int.from_bytes(get_cred_auth_key_counter(), "big")
         utils.ensure(counter < 0xFFFFFFFF, "Overflow of cred_auth_key_counter")
         common.set(
-            _NAMESPACE, _CRED_AUTH_KEY_COUNTER, (counter + 1).to_bytes(4, "big"), True
+            _NAMESPACE, CRED_AUTH_KEY_COUNTER, (counter + 1).to_bytes(4, "big"), True
         )
 
 

core/tests/test_storage.py

@@ -40,9 +40,9 @@ class TestConfig(unittest.TestCase):
 
         def test_cred_auth_key_counter_overflow(self):
             from storage import common
-            from storage.device import _CRED_AUTH_KEY_COUNTER, _NAMESPACE
+            from storage.device import _NAMESPACE, CRED_AUTH_KEY_COUNTER
 
-            common.set(_NAMESPACE, _CRED_AUTH_KEY_COUNTER, b"\xff\xff\xff\xfe", True)
+            common.set(_NAMESPACE, CRED_AUTH_KEY_COUNTER, b"\xff\xff\xff\xfe", True)
             device.increment_cred_auth_key_counter()
             self.assertEqual(device.get_cred_auth_key_counter(), b"\xff\xff\xff\xff")
             with self.assertRaises(AssertionError) as e: