mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-11-26 01:18:28 +00:00
storage: Add storage_ensure_not_wipe_code().
This commit is contained in:
parent
e51ed5bf05
commit
bfd834d1de
@ -173,6 +173,18 @@ STATIC mp_obj_t mod_trezorconfig_change_pin(size_t n_args,
|
|||||||
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(mod_trezorconfig_change_pin_obj, 4,
|
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(mod_trezorconfig_change_pin_obj, 4,
|
||||||
4, mod_trezorconfig_change_pin);
|
4, mod_trezorconfig_change_pin);
|
||||||
|
|
||||||
|
/// def ensure_not_wipe_code(pin: int) -> None:
|
||||||
|
/// """
|
||||||
|
/// Wipes the device if the entered PIN is the wipe code.
|
||||||
|
/// """
|
||||||
|
STATIC mp_obj_t mod_trezorconfig_ensure_not_wipe_code(mp_obj_t pin) {
|
||||||
|
uint32_t pin_i = trezor_obj_get_uint(pin);
|
||||||
|
storage_ensure_not_wipe_code(pin_i);
|
||||||
|
return mp_const_none;
|
||||||
|
}
|
||||||
|
STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorconfig_ensure_not_wipe_code_obj,
|
||||||
|
mod_trezorconfig_ensure_not_wipe_code);
|
||||||
|
|
||||||
/// def has_wipe_code() -> bool:
|
/// def has_wipe_code() -> bool:
|
||||||
/// """
|
/// """
|
||||||
/// Returns True if storage has a configured wipe code, False otherwise.
|
/// Returns True if storage has a configured wipe code, False otherwise.
|
||||||
@ -367,6 +379,8 @@ STATIC const mp_rom_map_elem_t mp_module_trezorconfig_globals_table[] = {
|
|||||||
MP_ROM_PTR(&mod_trezorconfig_get_pin_rem_obj)},
|
MP_ROM_PTR(&mod_trezorconfig_get_pin_rem_obj)},
|
||||||
{MP_ROM_QSTR(MP_QSTR_change_pin),
|
{MP_ROM_QSTR(MP_QSTR_change_pin),
|
||||||
MP_ROM_PTR(&mod_trezorconfig_change_pin_obj)},
|
MP_ROM_PTR(&mod_trezorconfig_change_pin_obj)},
|
||||||
|
{MP_ROM_QSTR(MP_QSTR_ensure_not_wipe_code),
|
||||||
|
MP_ROM_PTR(&mod_trezorconfig_ensure_not_wipe_code_obj)},
|
||||||
{MP_ROM_QSTR(MP_QSTR_has_wipe_code),
|
{MP_ROM_QSTR(MP_QSTR_has_wipe_code),
|
||||||
MP_ROM_PTR(&mod_trezorconfig_has_wipe_code_obj)},
|
MP_ROM_PTR(&mod_trezorconfig_has_wipe_code_obj)},
|
||||||
{MP_ROM_QSTR(MP_QSTR_change_wipe_code),
|
{MP_ROM_QSTR(MP_QSTR_change_wipe_code),
|
||||||
|
@ -60,6 +60,13 @@ def change_pin(
|
|||||||
"""
|
"""
|
||||||
|
|
||||||
|
|
||||||
|
# extmod/modtrezorconfig/modtrezorconfig.c
|
||||||
|
def ensure_not_wipe_code(pin: int) -> None:
|
||||||
|
"""
|
||||||
|
Wipes the device if the entered PIN is the wipe code.
|
||||||
|
"""
|
||||||
|
|
||||||
|
|
||||||
# extmod/modtrezorconfig/modtrezorconfig.c
|
# extmod/modtrezorconfig/modtrezorconfig.c
|
||||||
def has_wipe_code() -> bool:
|
def has_wipe_code() -> bool:
|
||||||
"""
|
"""
|
||||||
|
@ -950,12 +950,7 @@ static secbool unlock(uint32_t pin, const uint8_t *ext_salt) {
|
|||||||
return secfalse;
|
return secfalse;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check whether the user entered the wipe code.
|
storage_ensure_not_wipe_code(pin);
|
||||||
if (sectrue != is_not_wipe_code(pin)) {
|
|
||||||
storage_wipe();
|
|
||||||
error_shutdown("You have entered the", "wipe code. All private",
|
|
||||||
"data has been erased.", NULL);
|
|
||||||
}
|
|
||||||
|
|
||||||
// Get the pin failure counter
|
// Get the pin failure counter
|
||||||
uint32_t ctr = 0;
|
uint32_t ctr = 0;
|
||||||
@ -1339,6 +1334,14 @@ secbool storage_change_pin(uint32_t oldpin, uint32_t newpin,
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void storage_ensure_not_wipe_code(uint32_t pin) {
|
||||||
|
if (sectrue != is_not_wipe_code(pin)) {
|
||||||
|
storage_wipe();
|
||||||
|
error_shutdown("You have entered the", "wipe code. All private",
|
||||||
|
"data has been erased.", NULL);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
secbool storage_has_wipe_code(void) {
|
secbool storage_has_wipe_code(void) {
|
||||||
if (sectrue != initialized || sectrue != unlocked) {
|
if (sectrue != initialized || sectrue != unlocked) {
|
||||||
return secfalse;
|
return secfalse;
|
||||||
|
@ -52,6 +52,7 @@ uint32_t storage_get_pin_rem(void);
|
|||||||
secbool storage_change_pin(uint32_t oldpin, uint32_t newpin,
|
secbool storage_change_pin(uint32_t oldpin, uint32_t newpin,
|
||||||
const uint8_t *old_ext_salt,
|
const uint8_t *old_ext_salt,
|
||||||
const uint8_t *new_ext_salt);
|
const uint8_t *new_ext_salt);
|
||||||
|
void storage_ensure_not_wipe_code(uint32_t pin);
|
||||||
secbool storage_has_wipe_code(void);
|
secbool storage_has_wipe_code(void);
|
||||||
secbool storage_change_wipe_code(uint32_t pin, const uint8_t *ext_salt,
|
secbool storage_change_wipe_code(uint32_t pin, const uint8_t *ext_salt,
|
||||||
uint32_t wipe_code);
|
uint32_t wipe_code);
|
||||||
|
Loading…
Reference in New Issue
Block a user