feat(legacy): Support 50 digit PIN and wipe code.

pull/1546/head
Andrew Kozlik 4 years ago committed by Andrew Kozlik
parent 3084d1196d
commit cbb0d82999

@ -11,6 +11,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
### Changed
- Allow decreasing the output value in RBF transactions. [#1491]
- Support long PIN of up to 50 digits. [#1167]
### Deprecated
@ -373,6 +374,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
[#1098]: https://github.com/trezor/trezor-firmware/issues/1098
[#1105]: https://github.com/trezor/trezor-firmware/issues/1105
[#1165]: https://github.com/trezor/trezor-firmware/pull/1165
[#1167]: https://github.com/trezor/trezor-firmware/issues/1167
[#1188]: https://github.com/trezor/trezor-firmware/issues/1188
[#1351]: https://github.com/trezor/trezor-firmware/issues/1351
[#1363]: https://github.com/trezor/trezor-firmware/pull/1363

@ -85,9 +85,6 @@ static const uint32_t META_MAGIC_V10 = 0xFFFFFFFF;
#define MAX_SESSIONS_COUNT 10
// The PIN value corresponding to an empty PIN.
static const uint32_t PIN_EMPTY = 1;
static uint32_t config_uuid[UUID_SIZE / sizeof(uint32_t)];
_Static_assert(sizeof(config_uuid) == UUID_SIZE, "config_uuid has wrong size");
@ -151,23 +148,6 @@ static const uint32_t CONFIG_VERSION = 11;
static const uint8_t FALSE_BYTE = '\x00';
static const uint8_t TRUE_BYTE = '\x01';
static uint32_t pin_to_int(const char *pin) {
uint32_t val = 1;
size_t i = 0;
for (i = 0; i < MAX_PIN_LEN && pin[i] != '\0'; ++i) {
if (pin[i] < '0' || pin[i] > '9') {
return 0;
}
val = 10 * val + pin[i] - '0';
}
if (pin[i] != '\0') {
return 0;
}
return val;
}
static secbool config_set_bool(uint16_t key, bool value) {
if (value) {
return storage_set(key, &TRUE_BYTE, sizeof(TRUE_BYTE));
@ -334,9 +314,10 @@ static secbool config_upgrade_v10(void) {
}
storage_init(NULL, HW_ENTROPY_DATA, HW_ENTROPY_LEN);
storage_unlock(PIN_EMPTY, NULL);
storage_unlock(PIN_EMPTY, PIN_EMPTY_LEN, NULL);
if (config.has_pin) {
storage_change_pin(PIN_EMPTY, pin_to_int(config.pin), NULL, NULL);
storage_change_pin(PIN_EMPTY, PIN_EMPTY_LEN, (const uint8_t *)config.pin,
strnlen(config.pin, MAX_PIN_LEN), NULL, NULL);
}
while (pin_wait != 0) {
@ -410,7 +391,7 @@ void config_init(void) {
// Auto-unlock storage if no PIN is set.
if (storage_is_unlocked() == secfalse && storage_has_pin() == secfalse) {
storage_unlock(PIN_EMPTY, NULL);
storage_unlock(PIN_EMPTY, PIN_EMPTY_LEN, NULL);
}
uint16_t len = 0;
@ -782,7 +763,8 @@ bool config_containsMnemonic(const char *mnemonic) {
*/
bool config_unlock(const char *pin) {
char oldTiny = usbTiny(1);
secbool ret = storage_unlock(pin_to_int(pin), NULL);
secbool ret =
storage_unlock((const uint8_t *)pin, strnlen(pin, MAX_PIN_LEN), NULL);
usbTiny(oldTiny);
return sectrue == ret;
}
@ -790,19 +772,15 @@ bool config_unlock(const char *pin) {
bool config_hasPin(void) { return sectrue == storage_has_pin(); }
bool config_changePin(const char *old_pin, const char *new_pin) {
uint32_t new_pin_int = pin_to_int(new_pin);
if (new_pin_int == 0) {
return false;
}
char oldTiny = usbTiny(1);
secbool ret =
storage_change_pin(pin_to_int(old_pin), new_pin_int, NULL, NULL);
secbool ret = storage_change_pin(
(const uint8_t *)old_pin, strnlen(old_pin, MAX_PIN_LEN),
(const uint8_t *)new_pin, strnlen(new_pin, MAX_PIN_LEN), NULL, NULL);
usbTiny(oldTiny);
#if DEBUG_LINK
if (sectrue == ret) {
if (new_pin_int != PIN_EMPTY) {
if (new_pin[0] != '\0') {
storage_set(KEY_DEBUG_LINK_PIN, new_pin, strnlen(new_pin, MAX_PIN_LEN));
} else {
storage_delete(KEY_DEBUG_LINK_PIN);
@ -810,8 +788,6 @@ bool config_changePin(const char *old_pin, const char *new_pin) {
}
#endif
memzero(&new_pin_int, sizeof(new_pin_int));
return sectrue == ret;
}
@ -824,16 +800,11 @@ bool config_getPin(char *dest, uint16_t dest_size) {
bool config_hasWipeCode(void) { return sectrue == storage_has_wipe_code(); }
bool config_changeWipeCode(const char *pin, const char *wipe_code) {
uint32_t wipe_code_int = pin_to_int(wipe_code);
if (wipe_code_int == 0) {
return false;
}
char oldTiny = usbTiny(1);
secbool ret = storage_change_wipe_code(pin_to_int(pin), NULL, wipe_code_int);
secbool ret = storage_change_wipe_code(
(const uint8_t *)pin, strnlen(pin, MAX_PIN_LEN), NULL,
(const uint8_t *)wipe_code, strnlen(wipe_code, MAX_PIN_LEN));
usbTiny(oldTiny);
memzero(&wipe_code_int, sizeof(wipe_code_int));
return sectrue == ret;
}
@ -982,7 +953,7 @@ void config_wipe(void) {
char oldTiny = usbTiny(1);
storage_wipe();
if (storage_is_unlocked() != sectrue) {
storage_unlock(PIN_EMPTY, NULL);
storage_unlock(PIN_EMPTY, PIN_EMPTY_LEN, NULL);
}
usbTiny(oldTiny);
random_buffer((uint8_t *)config_uuid, sizeof(config_uuid));
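Review bot: `config_changePin` and `config_changeWipeCode` no longer reject a malformed new PIN or wipe code before touching storage. The removed `pin_to_int()` returned 0 for any non-digit byte and for input longer than `MAX_PIN_LEN`, and both functions returned false on that. The new side hands the raw bytes to storage with `strnlen(..., MAX_PIN_LEN)`, so a non-digit string is accepted as given and an over-long one is silently cut to its first `MAX_PIN_LEN` bytes. This holds unless `storage_change_pin()` / `storage_change_wipe_code()` or the callers validate the input, which this section does not show. If they do not, a check like the one below should run at the top of both functions, before `usbTiny(1)`.

```c
// Proposed helper: true only for a NUL-terminated string of at most
// MAX_PIN_LEN decimal digits; the empty string stands for the empty PIN.
static bool pin_is_valid(const char *pin) {
  size_t len = strnlen(pin, MAX_PIN_LEN + 1);
  if (len > MAX_PIN_LEN) {
    return false;
  }
  for (size_t i = 0; i < len; i++) {
    if (pin[i] < '0' || pin[i] > '9') {
      return false;
    }
  }
  return true;
}

bool config_changePin(const char *old_pin, const char *new_pin) {
  if (!pin_is_valid(new_pin)) {
    return false;
  }
  // … unchanged: usbTiny / storage_change_pin / DEBUG_LINK handling …
  // … same guard on wipe_code at the top of config_changeWipeCode …
```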

@ -79,7 +79,7 @@ typedef struct _Storage {
extern Storage configUpdate;
#define MAX_PIN_LEN 9
#define MAX_PIN_LEN 50
#define MAX_LABEL_LEN 32
#define MAX_LANGUAGE_LEN 16
#define MAX_MNEMONIC_LEN 240
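Review bot: `MAX_PIN_LEN` now has to stay exactly one below the `max_size:51` values this commit sets for `PinMatrixAck.pin`, `DebugLinkState.pin` and `LoadDevice.pin`, but nothing next to the define records that coupling. I would add a comment above it such as `// Maximum number of PIN digits, excluding the terminating NUL; the *.pin max_size options must equal MAX_PIN_LEN + 1.` Any buffer elsewhere that was sized for the old 9-digit limit with a literal rather than this macro would now be too small. None is visible in this section, so that is worth a grep rather than a known defect.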

@ -2,7 +2,7 @@ Success.message max_size:256
Failure.message max_size:256
PinMatrixAck.pin max_size:10
PinMatrixAck.pin max_size:51
PassphraseAck.passphrase max_size:51

@ -3,7 +3,7 @@ DebugLinkDecision.x type:FT_IGNORE
DebugLinkDecision.y type:FT_IGNORE
DebugLinkState.layout max_size:1024
DebugLinkState.pin max_size:10
DebugLinkState.pin max_size:51
DebugLinkState.matrix max_size:10
DebugLinkState.mnemonic_secret max_size:240
DebugLinkState.reset_word max_size:12

@ -19,7 +19,7 @@ ApplySettings.homescreen max_size:1024
Ping.message max_size:256
LoadDevice.mnemonics max_count:16 max_size:241
LoadDevice.pin max_size:10
LoadDevice.pin max_size:51
LoadDevice.language max_size:17
LoadDevice.label max_size:33

@ -36,6 +36,6 @@
/*
* Current storage version.
*/
#define NORCOW_VERSION ((uint32_t)0x00000002)
#define NORCOW_VERSION ((uint32_t)0x00000003)
#endif
