mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-11-22 07:28:10 +00:00
trezorctl: Add sd-protect command.
This commit is contained in:
parent
06fc676cc9
commit
f867b43251
@ -24,7 +24,7 @@ Use the following command to see all options:
|
|||||||
cardano-get-address Get Cardano address.
|
cardano-get-address Get Cardano address.
|
||||||
cardano-get-public-key Get Cardano public key.
|
cardano-get-public-key Get Cardano public key.
|
||||||
cardano-sign-tx Sign Cardano transaction.
|
cardano-sign-tx Sign Cardano transaction.
|
||||||
change-pin Change new PIN or remove existing.
|
change-pin Set, change or remove PIN.
|
||||||
clear-session Clear session (remove cached PIN, passphrase, etc.).
|
clear-session Clear session (remove cached PIN, passphrase, etc.).
|
||||||
cosi-commit Ask device to commit to CoSi signing.
|
cosi-commit Ask device to commit to CoSi signing.
|
||||||
cosi-sign Ask device to sign using CoSi.
|
cosi-sign Ask device to sign using CoSi.
|
||||||
@ -66,6 +66,7 @@ Use the following command to see all options:
|
|||||||
reset-device Perform device setup and generate new seed.
|
reset-device Perform device setup and generate new seed.
|
||||||
ripple-get-address Get Ripple address
|
ripple-get-address Get Ripple address
|
||||||
ripple-sign-tx Sign Ripple transaction
|
ripple-sign-tx Sign Ripple transaction
|
||||||
|
sd-protect Secure the device with SD card protection.
|
||||||
self-test Perform a self-test.
|
self-test Perform a self-test.
|
||||||
set-auto-lock-delay Set auto-lock delay (in seconds).
|
set-auto-lock-delay Set auto-lock delay (in seconds).
|
||||||
set-flags Set device flags.
|
set-flags Set device flags.
|
||||||
|
@ -123,6 +123,14 @@ CHOICE_RESET_DEVICE_TYPE = ChoiceType(
|
|||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
|
CHOICE_SD_PROTECT_OPERATION_TYPE = ChoiceType(
|
||||||
|
{
|
||||||
|
"enable": proto.SdProtectOperationType.ENABLE,
|
||||||
|
"disable": proto.SdProtectOperationType.DISABLE,
|
||||||
|
"refresh": proto.SdProtectOperationType.REFRESH,
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
class UnderscoreAgnosticGroup(click.Group):
|
class UnderscoreAgnosticGroup(click.Group):
|
||||||
"""Command group that normalizes dashes and underscores.
|
"""Command group that normalizes dashes and underscores.
|
||||||
@ -261,13 +269,35 @@ def get_features(connect):
|
|||||||
#
|
#
|
||||||
|
|
||||||
|
|
||||||
@cli.command(help="Change new PIN or remove existing.")
|
@cli.command(help="Set, change or remove PIN.")
|
||||||
@click.option("-r", "--remove", is_flag=True)
|
@click.option("-r", "--remove", is_flag=True)
|
||||||
@click.pass_obj
|
@click.pass_obj
|
||||||
def change_pin(connect, remove):
|
def change_pin(connect, remove):
|
||||||
return device.change_pin(connect(), remove)
|
return device.change_pin(connect(), remove)
|
||||||
|
|
||||||
|
|
||||||
|
@cli.command()
|
||||||
|
@click.argument("operation", type=CHOICE_SD_PROTECT_OPERATION_TYPE)
|
||||||
|
@click.pass_obj
|
||||||
|
def sd_protect(connect, operation):
|
||||||
|
"""Secure the device with SD card protection.
|
||||||
|
|
||||||
|
When SD card protection is enabled, a randomly generated secret is stored
|
||||||
|
on the SD card. During every PIN checking and unlocking operation this
|
||||||
|
secret is combined with the entered PIN value to decrypt data stored on
|
||||||
|
the device. The SD card will thus be needed every time you unlock the
|
||||||
|
device. The options are:
|
||||||
|
|
||||||
|
\b
|
||||||
|
enable - Generate SD card secret and use it to protect the PIN and storage.
|
||||||
|
disable - Remove SD card secret protection.
|
||||||
|
refresh - Replace the current SD card secret with a new one.
|
||||||
|
"""
|
||||||
|
if connect().features.model == "1":
|
||||||
|
raise click.BadUsage("Trezor One does not support SD card protection.")
|
||||||
|
return device.sd_protect(connect(), operation)
|
||||||
|
|
||||||
|
|
||||||
@cli.command(help="Enable passphrase.")
|
@cli.command(help="Enable passphrase.")
|
||||||
@click.pass_obj
|
@click.pass_obj
|
||||||
def enable_passphrase(connect):
|
def enable_passphrase(connect):
|
||||||
|
@ -90,6 +90,12 @@ def change_pin(client, remove=False):
|
|||||||
return ret
|
return ret
|
||||||
|
|
||||||
|
|
||||||
|
@expect(proto.Success, field="message")
|
||||||
|
def sd_protect(client, operation):
|
||||||
|
ret = client.call(proto.SdProtect(operation=operation))
|
||||||
|
return ret
|
||||||
|
|
||||||
|
|
||||||
@expect(proto.Success, field="message")
|
@expect(proto.Success, field="message")
|
||||||
def set_u2f_counter(client, u2f_counter):
|
def set_u2f_counter(client, u2f_counter):
|
||||||
ret = client.call(proto.SetU2FCounter(u2f_counter=u2f_counter))
|
ret = client.call(proto.SetU2FCounter(u2f_counter=u2f_counter))
|
||||||
|
Loading…
Reference in New Issue
Block a user