all: rename protobuf unsafe_prompts to safety_checks

2024-11-21 23:18:13 +00:00 · 2020-07-24 16:04:03 +02:00 · 2020-07-24 16:04:03 +02:00 · fdcb64ac24
commit fdcb64ac24
parent 19ad1dae8b
12 changed files with 61 additions and 26 deletions
--- a/common/protob/messages-management.proto
+++ b/common/protob/messages-management.proto
@ -125,7 +125,12 @@ message ApplySettings {
    optional uint32 auto_lock_delay_ms = 6;
    optional uint32 display_rotation = 7;  // in degrees from North
    optional bool passphrase_always_on_device = 8;  // do not prompt for passphrase, enforce device entry
-    optional bool unsafe_prompts = 9;  // allow or disallow unsafe prompts
+    optional SafetyCheckLevel safety_checks = 9;  // Safety check level, set to Prompt to limit path namespace enforcement
+
+    enum SafetyCheckLevel {
+        Strict = 0;
+        Prompt = 1;
+    }
 }

 /**
--- a/core/CHANGELOG.md
+++ b/core/CHANGELOG.md
@ -15,7 +15,7 @@ _Most likely to be released on August 5th._
 - Support EXTERNAL transaction inputs with a SLIP-0019 proof of ownership.  [#1052]
 - Support pre-signed EXTERNAL transaction inputs.
 - Support multiple change-outputs.  [#1098]
- New option `unsafe-prompts` allows overriding "forbidden key path" errors.  [#1126]
+- New option `safety-checks` allows overriding "forbidden key path" errors.  [#1126]

 ### Changed
 - `Features.pin_cached` renamed to `unlocked`.
--- a/core/src/apps/management/apply_settings.py
+++ b/core/src/apps/management/apply_settings.py
@ -1,6 +1,6 @@
 import storage.device
 from trezor import ui, wire, workflow
-from trezor.messages import ButtonRequestType
+from trezor.messages import ButtonRequestType, SafetyCheckLevel
 from trezor.messages.Success import Success
 from trezor.strings import format_duration_ms
 from trezor.ui.text import Text
@ -9,7 +9,7 @@ from apps.base import lock_device
 from apps.common.confirm import require_confirm, require_hold_to_confirm

 if False:
-    from trezor.messages.ApplySettings import ApplySettings
+    from trezor.messages.ApplySettings import ApplySettings, EnumTypeSafetyCheckLevel


 async def apply_settings(ctx: wire.Context, msg: ApplySettings):
@ -22,7 +22,7 @@ async def apply_settings(ctx: wire.Context, msg: ApplySettings):
        and msg.passphrase_always_on_device is None
        and msg.display_rotation is None
        and msg.auto_lock_delay_ms is None
-        and msg.unsafe_prompts is None
+        and msg.safety_checks is None
    ):
        raise wire.ProcessError("No setting provided")

@ -61,9 +61,11 @@ async def apply_settings(ctx: wire.Context, msg: ApplySettings):
        # use the value that was stored, not the one that was supplied by the user
        workflow.idle_timer.set(storage.device.get_autolock_delay_ms(), lock_device)

-    if msg.unsafe_prompts is not None:
-        await require_confirm_unsafe_prompts(ctx, msg.unsafe_prompts)
-        storage.device.set_unsafe_prompts_allowed(msg.unsafe_prompts)
+    if msg.safety_checks is not None:
+        await require_confirm_safety_checks(ctx, msg.safety_checks)
+        storage.device.set_unsafe_prompts_allowed(
+            msg.safety_checks == SafetyCheckLevel.Prompt
+        )

    if msg.display_rotation is not None:
        await require_confirm_change_display_rotation(ctx, msg.display_rotation)
@ -132,8 +134,8 @@ async def require_confirm_change_autolock_delay(ctx, delay_ms):
    await require_confirm(ctx, text, ButtonRequestType.ProtectCall)


-async def require_confirm_unsafe_prompts(ctx, allow: bool) -> None:
-    if allow:
+async def require_confirm_safety_checks(ctx, level: EnumTypeSafetyCheckLevel) -> None:
+    if level == SafetyCheckLevel.Prompt:
        text = Text("Unsafe prompts", ui.ICON_WIPE)
        text.normal(
            "Trezor will allow you to", "confirm actions which", "might be dangerous."
@ -141,7 +143,9 @@ async def require_confirm_unsafe_prompts(ctx, allow: bool) -> None:
        text.br_half()
        text.bold("Allow unsafe prompts?")
        await require_hold_to_confirm(ctx, text, ButtonRequestType.ProtectCall)
-    else:
+    elif level == SafetyCheckLevel.Strict:
        text = Text("Unsafe prompts", ui.ICON_CONFIG)
        text.normal("Do you really want to", "disable unsafe prompts?")
        await require_confirm(ctx, text, ButtonRequestType.ProtectCall)
+    else:
+        raise ValueError  # enum value out of range
--- a/core/src/trezor/messages/ApplySettings.py
+++ b/core/src/trezor/messages/ApplySettings.py
@ -6,6 +6,7 @@ if __debug__:
    try:
        from typing import Dict, List  # noqa: F401
        from typing_extensions import Literal  # noqa: F401
+        EnumTypeSafetyCheckLevel = Literal[0, 1]
    except ImportError:
        pass

@ -22,7 +23,7 @@ class ApplySettings(p.MessageType):
        auto_lock_delay_ms: int = None,
        display_rotation: int = None,
        passphrase_always_on_device: bool = None,
-        unsafe_prompts: bool = None,
+        safety_checks: EnumTypeSafetyCheckLevel = None,
    ) -> None:
        self.language = language
        self.label = label
@ -31,7 +32,7 @@ class ApplySettings(p.MessageType):
        self.auto_lock_delay_ms = auto_lock_delay_ms
        self.display_rotation = display_rotation
        self.passphrase_always_on_device = passphrase_always_on_device
-        self.unsafe_prompts = unsafe_prompts
+        self.safety_checks = safety_checks

    @classmethod
    def get_fields(cls) -> Dict:
@ -43,5 +44,5 @@ class ApplySettings(p.MessageType):
            6: ('auto_lock_delay_ms', p.UVarintType, 0),
            7: ('display_rotation', p.UVarintType, 0),
            8: ('passphrase_always_on_device', p.BoolType, 0),
-            9: ('unsafe_prompts', p.BoolType, 0),
+            9: ('safety_checks', p.EnumType("SafetyCheckLevel", (0, 1)), 0),
        }
--- a/core/src/trezor/messages/SafetyCheckLevel.py
+++ b/core/src/trezor/messages/SafetyCheckLevel.py
@ -0,0 +1,7 @@
+# Automatically generated by pb2py
+# fmt: off
+if False:
+    from typing_extensions import Literal
+
+Strict = 0  # type: Literal[0]
+Prompt = 1  # type: Literal[1]
--- a/python/src/trezorlib/cli/settings.py
+++ b/python/src/trezorlib/cli/settings.py
@ -16,7 +16,7 @@

 import click

-from .. import device
+from .. import device, messages
 from . import ChoiceType, with_client

 ROTATION = {"north": 0, "east": 90, "south": 180, "west": 270}
@ -142,8 +142,13 @@ def unsafe_prompts(client, allow):
    to confirm possibly dangerous actions instead of rejecting them outright.
    Use with caution.
    """
-    allowed = allow == "on"
-    return device.apply_settings(client, unsafe_prompts=allowed)
+    # TODO change this to ChoiceType
+    if allow == "on":
+        level = messages.SafetyCheckLevel.Prompt
+    else:
+        level = messages.SafetyCheckLevel.Strict
+
+    return device.apply_settings(client, safety_checks=level)


 #
--- a/python/src/trezorlib/device.py
+++ b/python/src/trezorlib/device.py
@ -34,7 +34,7 @@ def apply_settings(
    passphrase_always_on_device=None,
    auto_lock_delay_ms=None,
    display_rotation=None,
-    unsafe_prompts=None,
+    safety_checks=None,
 ):
    settings = messages.ApplySettings(
        label=label,
@ -44,7 +44,7 @@ def apply_settings(
        passphrase_always_on_device=passphrase_always_on_device,
        auto_lock_delay_ms=auto_lock_delay_ms,
        display_rotation=display_rotation,
-        unsafe_prompts=unsafe_prompts,
+        safety_checks=safety_checks,
    )

    out = client.call(settings)
--- a/python/src/trezorlib/messages/ApplySettings.py
+++ b/python/src/trezorlib/messages/ApplySettings.py
@ -6,6 +6,7 @@ if __debug__:
    try:
        from typing import Dict, List  # noqa: F401
        from typing_extensions import Literal  # noqa: F401
+        EnumTypeSafetyCheckLevel = Literal[0, 1]
    except ImportError:
        pass

@ -22,7 +23,7 @@ class ApplySettings(p.MessageType):
        auto_lock_delay_ms: int = None,
        display_rotation: int = None,
        passphrase_always_on_device: bool = None,
-        unsafe_prompts: bool = None,
+        safety_checks: EnumTypeSafetyCheckLevel = None,
    ) -> None:
        self.language = language
        self.label = label
@ -31,7 +32,7 @@ class ApplySettings(p.MessageType):
        self.auto_lock_delay_ms = auto_lock_delay_ms
        self.display_rotation = display_rotation
        self.passphrase_always_on_device = passphrase_always_on_device
-        self.unsafe_prompts = unsafe_prompts
+        self.safety_checks = safety_checks

    @classmethod
    def get_fields(cls) -> Dict:
@ -43,5 +44,5 @@ class ApplySettings(p.MessageType):
            6: ('auto_lock_delay_ms', p.UVarintType, 0),
            7: ('display_rotation', p.UVarintType, 0),
            8: ('passphrase_always_on_device', p.BoolType, 0),
-            9: ('unsafe_prompts', p.BoolType, 0),
+            9: ('safety_checks', p.EnumType("SafetyCheckLevel", (0, 1)), 0),
        }
--- a/python/src/trezorlib/messages/SafetyCheckLevel.py
+++ b/python/src/trezorlib/messages/SafetyCheckLevel.py
@ -0,0 +1,7 @@
+# Automatically generated by pb2py
+# fmt: off
+if False:
+    from typing_extensions import Literal
+
+Strict = 0  # type: Literal[0]
+Prompt = 1  # type: Literal[1]
--- a/python/src/trezorlib/messages/init.py
+++ b/python/src/trezorlib/messages/init.py
@ -293,6 +293,7 @@ from . import OutputScriptType
 from . import PinMatrixRequestType
 from . import RecoveryDeviceType
 from . import RequestType
+from . import SafetyCheckLevel
 from . import SdProtectOperationType
 from . import TezosBallotType
 from . import TezosContractType
--- a/tests/device_tests/test_msg_applysettings.py
+++ b/tests/device_tests/test_msg_applysettings.py
@ -125,7 +125,7 @@ class TestMsgApplysettings:

    @pytest.mark.skip_t1
    @pytest.mark.setup_client(pin=None)
-    def test_unsafe_prompts(self, client):
+    def test_safety_checks(self, client):
        BAD_ADDRESS = parse_path("m/0")

        with pytest.raises(
@ -136,7 +136,9 @@ class TestMsgApplysettings:

        with client:
            client.set_expected_responses(EXPECTED_RESPONSES_NOPIN)
-            device.apply_settings(client, unsafe_prompts=True)
+            device.apply_settings(
+                client, safety_checks=messages.SafetyCheckLevel.Prompt
+            )

        with client:
            client.set_expected_responses(
@ -146,7 +148,9 @@ class TestMsgApplysettings:

        with client:
            client.set_expected_responses(EXPECTED_RESPONSES_NOPIN)
-            device.apply_settings(client, unsafe_prompts=False)
+            device.apply_settings(
+                client, safety_checks=messages.SafetyCheckLevel.Strict
+            )

        with pytest.raises(
            exceptions.TrezorFailure, match="Forbidden key path"
--- a/tests/ui_tests/fixtures.json
+++ b/tests/ui_tests/fixtures.json
@ -14,7 +14,7 @@
 "test_msg_applysettings.py-test_apply_settings": "2cc8bf660f3be815d19a4bf1265936162a58386fbe632ca4be01541245b79134",
 "test_msg_applysettings.py-test_apply_settings_passphrase": "5c1ed9a0be3d14475102d447da0b5d51bbb6dfaaeceff5ea9179064609db7870",
 "test_msg_applysettings.py-test_apply_settings_passphrase_on_device": "3e6527e227bdde54f51bc9c417b176d0d87fdb6c40c4761368f50eb201b4beed",
-"test_msg_applysettings.py-test_unsafe_prompts": "19bd500c3b791d51bbd1140085f306a838194593697529263f362acb0b1ab445",
+"test_msg_applysettings.py-test_safety_checks": "19bd500c3b791d51bbd1140085f306a838194593697529263f362acb0b1ab445",
 "test_msg_backup_device.py::test_backup_bip39": "2b63928444b8188eb2241fc03a3b9bc81191cfa9bbf3ef5431894c04ee0ed01f",
 "test_msg_backup_device.py::test_backup_slip39_advanced": "31900e0e8ad694ce894eee1ce289b425558c1fcd7bcb6128a19c049af436d35f",
 "test_msg_backup_device.py::test_backup_slip39_basic": "be4d88d882851ce1ddc45165c35952b23121ddca1a811c7fd7c7ef9d31989e8c",