feat(core): send failure message as response when ThpCreateNewSession has on_device=true and passphrase

core/src/apps/common/seed.py

@@ -6,6 +6,7 @@ from trezor import log, utils
 from trezor.crypto import hmac
 from trezor.wire import context
 from trezor.wire.context import get_context
+from trezor.wire.errors import DataError
 
 from apps.common import cache
 
@@ -72,7 +73,7 @@ if not utils.BITCOIN_ONLY:
     async def derive_and_store_roots(ctx: Context, msg: ThpCreateNewSession) -> None:
 
         if msg.passphrase is not None and msg.on_device:
-            raise Exception("Passphrase provided when it shouldn't be!")
+            raise DataError("Passphrase provided when it shouldn't be!")
 
         from trezor import wire
 

core/src/apps/thp/create_session.py

@@ -1,7 +1,9 @@
 from typing import TYPE_CHECKING
 
 from trezor import log, loop
-from trezor.messages import ThpCreateNewSession, ThpNewSession
+from trezor.enums import FailureType
+from trezor.messages import Failure, ThpCreateNewSession, ThpNewSession
+from trezor.wire.errors import DataError
 from trezor.wire.thp import SessionState
 
 if TYPE_CHECKING:
@@ -10,13 +12,17 @@ if TYPE_CHECKING:
 
 async def create_new_session(
     channel: ChannelContext, message: ThpCreateNewSession
-) -> ThpNewSession:
+) -> ThpNewSession | Failure:
     from trezor.wire.thp.session_manager import create_new_session
 
     from apps.common.seed import derive_and_store_roots
 
     session = create_new_session(channel)
-    await derive_and_store_roots(session, message)
+    try:
+        await derive_and_store_roots(session, message)
+    except DataError as e:
+        return Failure(code=FailureType.DataError, message=e.message)
+    # TODO handle other errors
 
     session.set_session_state(SessionState.ALLOCATED)
     channel.sessions[session.session_id] = session