src/apps/common/storage: allow U2F counter to be written even when storage is locked

5 years ago · fd6eb333a6
parent 6afd9b1d09
commit fd6eb333a6
2 changed files with 6 additions and 5 deletions
--- a/src/apps/common/storage.py
+++ b/src/apps/common/storage.py
@ -175,11 +175,11 @@ def set_autolock_delay_ms(delay_ms: int) -> None:


 def next_u2f_counter() -> int:
-    return config.next_counter(_APP, _U2F_COUNTER)
+    return config.next_counter(_APP, _U2F_COUNTER, True)  # writable when locked


 def set_u2f_counter(cntr: int) -> None:
-    config.set_counter(_APP, _U2F_COUNTER, cntr)
+    config.set_counter(_APP, _U2F_COUNTER, cntr, True)  # writable when locked


 def wipe():
@ -191,9 +191,11 @@ def init_unlocked():
    # Check for storage version upgrade.
    version = config.get(_APP, _VERSION)
    if version == b"\x01":
-        # Make the U2F counter public.
+        # Make the U2F counter public and writable even when storage is locked.
        counter = config.get(_APP, _U2F_COUNTER)
        if counter is not None:
-            config.set_counter(_APP, _U2F_COUNTER, counter)
+            config.set_counter(
+                _APP, _U2F_COUNTER, counter, True
+            )  # writable when locked
            config.delete(_APP, _U2F_COUNTER)
        config.set(_APP, _VERSION, _STORAGE_VERSION)
--- a/tests/test_apps.common.storage.py
+++ b/tests/test_apps.common.storage.py
@ -9,7 +9,6 @@ class TestConfig(unittest.TestCase):
    def test_counter(self):
        config.init()
        config.wipe()
-        self.assertEqual(config.unlock(pin_to_int('')), True)
        for i in range(150):
            self.assertEqual(storage.next_u2f_counter(), i)
        storage.set_u2f_counter(350)