1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-27 00:28:10 +00:00

core/webauthn: Use popups for webauthn error messages instead of confirmation dialogs to simplify device testing.

This commit is contained in:
Andrew Kozlik 2019-10-04 17:30:22 +02:00
parent 8ce8916beb
commit e385eae433

View File

@ -7,6 +7,7 @@ from trezor import config, io, log, loop, ui, utils, workflow
from trezor.crypto import aes, der, hashlib, hmac, random from trezor.crypto import aes, der, hashlib, hmac, random
from trezor.crypto.curve import nist256p1 from trezor.crypto.curve import nist256p1
from trezor.ui.confirm import CONFIRMED, Confirm, ConfirmPageable, Pageable from trezor.ui.confirm import CONFIRMED, Confirm, ConfirmPageable, Pageable
from trezor.ui.popup import Popup
from trezor.ui.text import Text from trezor.ui.text import Text
from apps.common import cbor, storage from apps.common import cbor, storage
@ -116,6 +117,7 @@ _KEEPALIVE_INTERVAL_MS = const(80) # interval between keepalive commands
_CTAP_HID_TIMEOUT_MS = const(500) _CTAP_HID_TIMEOUT_MS = const(500)
_U2F_CONFIRM_TIMEOUT_MS = const(10 * 1000) _U2F_CONFIRM_TIMEOUT_MS = const(10 * 1000)
_FIDO2_CONFIRM_TIMEOUT_MS = const(60 * 1000) _FIDO2_CONFIRM_TIMEOUT_MS = const(60 * 1000)
_POPUP_TIMEOUT_MS = const(4 * 1000) if not __debug__ else const(0)
# CBOR object signing and encryption algorithms and keys # CBOR object signing and encryption algorithms and keys
_COSE_ALG_KEY = const(3) _COSE_ALG_KEY = const(3)
@ -612,10 +614,12 @@ class U2fConfirmRegister(U2fState):
async def confirm_dialog(self) -> bool: async def confirm_dialog(self) -> bool:
if self._cred.rp_id_hash == _BOGUS_APPID: if self._cred.rp_id_hash == _BOGUS_APPID:
text = Text("U2F", ui.ICON_WRONG, ui.RED) text = Text("U2F", ui.ICON_WRONG, ui.RED)
text.bold("Not registered.")
text.br_half()
text.normal( text.normal(
"Another U2F device", "was used to register", "in this application." "Another U2F device", "was used to register", "in this application."
) )
return await confirm(text, confirm=None, cancel="Close") return await Popup(text, _POPUP_TIMEOUT_MS)
else: else:
content = ConfirmContent(self) content = ConfirmContent(self)
return await confirm(content) return await confirm(content)
@ -739,8 +743,10 @@ class Fido2ConfirmExcluded(Fido2ConfirmMakeCredential):
await send_cmd(cmd, self.iface) await send_cmd(cmd, self.iface)
text = Text("FIDO2 Register", ui.ICON_WRONG, ui.RED) text = Text("FIDO2 Register", ui.ICON_WRONG, ui.RED)
text.bold("Already registered.")
text.br_half()
text.normal("This device is already", "registered with", self._cred.rp_id + ".") text.normal("This device is already", "registered with", self._cred.rp_id + ".")
await confirm(text, confirm=None, cancel="Close") await Popup(text, _POPUP_TIMEOUT_MS)
class Fido2ConfirmGetAssertion(Fido2State, ConfirmInfo, Pageable): class Fido2ConfirmGetAssertion(Fido2State, ConfirmInfo, Pageable):
@ -819,8 +825,10 @@ class Fido2ConfirmNoPin(State):
async def confirm_dialog(self) -> bool: async def confirm_dialog(self) -> bool:
text = Text("FIDO2 Verify User", ui.ICON_WRONG, ui.RED) text = Text("FIDO2 Verify User", ui.ICON_WRONG, ui.RED)
text.normal("Unable to verify user.", "Please enable PIN", "protection.") text.bold("Unable to verify user.")
return await confirm(text, confirm=None, cancel="Close") text.br_half()
text.normal("Please enable PIN", "protection.")
return await Popup(text, _POPUP_TIMEOUT_MS)
class Fido2ConfirmNoCredentials(Fido2ConfirmGetAssertion): class Fido2ConfirmNoCredentials(Fido2ConfirmGetAssertion):
@ -836,10 +844,12 @@ class Fido2ConfirmNoCredentials(Fido2ConfirmGetAssertion):
await send_cmd(cmd, self.iface) await send_cmd(cmd, self.iface)
text = Text("FIDO2 Authenticate", ui.ICON_WRONG, ui.RED) text = Text("FIDO2 Authenticate", ui.ICON_WRONG, ui.RED)
text.bold("Not registered.")
text.br_half()
text.normal( text.normal(
"This device is not", "registered with", self._creds[0].app_name() + "." "This device is not", "registered with", self._creds[0].app_name() + "."
) )
await confirm(text, confirm=None, cancel="Close") await Popup(text, _POPUP_TIMEOUT_MS)
class Fido2ConfirmReset(Fido2State): class Fido2ConfirmReset(Fido2State):