From fdcb64ac2475b2fb738c75e97e6d110673e5b791 Mon Sep 17 00:00:00 2001 From: matejcik Date: Fri, 24 Jul 2020 16:04:03 +0200 Subject: [PATCH] all: rename protobuf `unsafe_prompts` to `safety_checks` --- common/protob/messages-management.proto | 7 +++++- core/CHANGELOG.md | 2 +- core/src/apps/management/apply_settings.py | 22 +++++++++++-------- core/src/trezor/messages/ApplySettings.py | 7 +++--- core/src/trezor/messages/SafetyCheckLevel.py | 7 ++++++ python/src/trezorlib/cli/settings.py | 11 +++++++--- python/src/trezorlib/device.py | 4 ++-- .../src/trezorlib/messages/ApplySettings.py | 7 +++--- .../trezorlib/messages/SafetyCheckLevel.py | 7 ++++++ python/src/trezorlib/messages/__init__.py | 1 + tests/device_tests/test_msg_applysettings.py | 10 ++++++--- tests/ui_tests/fixtures.json | 2 +- 12 files changed, 61 insertions(+), 26 deletions(-) create mode 100644 core/src/trezor/messages/SafetyCheckLevel.py create mode 100644 python/src/trezorlib/messages/SafetyCheckLevel.py diff --git a/common/protob/messages-management.proto b/common/protob/messages-management.proto index 73e557edf0..ef9b8ef16a 100644 --- a/common/protob/messages-management.proto +++ b/common/protob/messages-management.proto @@ -125,7 +125,12 @@ message ApplySettings { optional uint32 auto_lock_delay_ms = 6; optional uint32 display_rotation = 7; // in degrees from North optional bool passphrase_always_on_device = 8; // do not prompt for passphrase, enforce device entry - optional bool unsafe_prompts = 9; // allow or disallow unsafe prompts + optional SafetyCheckLevel safety_checks = 9; // Safety check level, set to Prompt to limit path namespace enforcement + + enum SafetyCheckLevel { + Strict = 0; + Prompt = 1; + } } /** diff --git a/core/CHANGELOG.md b/core/CHANGELOG.md index 7678e7a39a..7df5bc53c5 100644 --- a/core/CHANGELOG.md +++ b/core/CHANGELOG.md @@ -15,7 +15,7 @@ _Most likely to be released on August 5th._ - Support EXTERNAL transaction inputs with a SLIP-0019 proof of ownership. [#1052] - Support pre-signed EXTERNAL transaction inputs. - Support multiple change-outputs. [#1098] -- New option `unsafe-prompts` allows overriding "forbidden key path" errors. [#1126] +- New option `safety-checks` allows overriding "forbidden key path" errors. [#1126] ### Changed - `Features.pin_cached` renamed to `unlocked`. diff --git a/core/src/apps/management/apply_settings.py b/core/src/apps/management/apply_settings.py index 6aa14ae8d2..4bb80d951d 100644 --- a/core/src/apps/management/apply_settings.py +++ b/core/src/apps/management/apply_settings.py @@ -1,6 +1,6 @@ import storage.device from trezor import ui, wire, workflow -from trezor.messages import ButtonRequestType +from trezor.messages import ButtonRequestType, SafetyCheckLevel from trezor.messages.Success import Success from trezor.strings import format_duration_ms from trezor.ui.text import Text @@ -9,7 +9,7 @@ from apps.base import lock_device from apps.common.confirm import require_confirm, require_hold_to_confirm if False: - from trezor.messages.ApplySettings import ApplySettings + from trezor.messages.ApplySettings import ApplySettings, EnumTypeSafetyCheckLevel async def apply_settings(ctx: wire.Context, msg: ApplySettings): @@ -22,7 +22,7 @@ async def apply_settings(ctx: wire.Context, msg: ApplySettings): and msg.passphrase_always_on_device is None and msg.display_rotation is None and msg.auto_lock_delay_ms is None - and msg.unsafe_prompts is None + and msg.safety_checks is None ): raise wire.ProcessError("No setting provided") @@ -61,9 +61,11 @@ async def apply_settings(ctx: wire.Context, msg: ApplySettings): # use the value that was stored, not the one that was supplied by the user workflow.idle_timer.set(storage.device.get_autolock_delay_ms(), lock_device) - if msg.unsafe_prompts is not None: - await require_confirm_unsafe_prompts(ctx, msg.unsafe_prompts) - storage.device.set_unsafe_prompts_allowed(msg.unsafe_prompts) + if msg.safety_checks is not None: + await require_confirm_safety_checks(ctx, msg.safety_checks) + storage.device.set_unsafe_prompts_allowed( + msg.safety_checks == SafetyCheckLevel.Prompt + ) if msg.display_rotation is not None: await require_confirm_change_display_rotation(ctx, msg.display_rotation) @@ -132,8 +134,8 @@ async def require_confirm_change_autolock_delay(ctx, delay_ms): await require_confirm(ctx, text, ButtonRequestType.ProtectCall) -async def require_confirm_unsafe_prompts(ctx, allow: bool) -> None: - if allow: +async def require_confirm_safety_checks(ctx, level: EnumTypeSafetyCheckLevel) -> None: + if level == SafetyCheckLevel.Prompt: text = Text("Unsafe prompts", ui.ICON_WIPE) text.normal( "Trezor will allow you to", "confirm actions which", "might be dangerous." @@ -141,7 +143,9 @@ async def require_confirm_unsafe_prompts(ctx, allow: bool) -> None: text.br_half() text.bold("Allow unsafe prompts?") await require_hold_to_confirm(ctx, text, ButtonRequestType.ProtectCall) - else: + elif level == SafetyCheckLevel.Strict: text = Text("Unsafe prompts", ui.ICON_CONFIG) text.normal("Do you really want to", "disable unsafe prompts?") await require_confirm(ctx, text, ButtonRequestType.ProtectCall) + else: + raise ValueError # enum value out of range diff --git a/core/src/trezor/messages/ApplySettings.py b/core/src/trezor/messages/ApplySettings.py index 1b7aecafdb..b268cc89aa 100644 --- a/core/src/trezor/messages/ApplySettings.py +++ b/core/src/trezor/messages/ApplySettings.py @@ -6,6 +6,7 @@ if __debug__: try: from typing import Dict, List # noqa: F401 from typing_extensions import Literal # noqa: F401 + EnumTypeSafetyCheckLevel = Literal[0, 1] except ImportError: pass @@ -22,7 +23,7 @@ class ApplySettings(p.MessageType): auto_lock_delay_ms: int = None, display_rotation: int = None, passphrase_always_on_device: bool = None, - unsafe_prompts: bool = None, + safety_checks: EnumTypeSafetyCheckLevel = None, ) -> None: self.language = language self.label = label @@ -31,7 +32,7 @@ class ApplySettings(p.MessageType): self.auto_lock_delay_ms = auto_lock_delay_ms self.display_rotation = display_rotation self.passphrase_always_on_device = passphrase_always_on_device - self.unsafe_prompts = unsafe_prompts + self.safety_checks = safety_checks @classmethod def get_fields(cls) -> Dict: @@ -43,5 +44,5 @@ class ApplySettings(p.MessageType): 6: ('auto_lock_delay_ms', p.UVarintType, 0), 7: ('display_rotation', p.UVarintType, 0), 8: ('passphrase_always_on_device', p.BoolType, 0), - 9: ('unsafe_prompts', p.BoolType, 0), + 9: ('safety_checks', p.EnumType("SafetyCheckLevel", (0, 1)), 0), } diff --git a/core/src/trezor/messages/SafetyCheckLevel.py b/core/src/trezor/messages/SafetyCheckLevel.py new file mode 100644 index 0000000000..51b55fa696 --- /dev/null +++ b/core/src/trezor/messages/SafetyCheckLevel.py @@ -0,0 +1,7 @@ +# Automatically generated by pb2py +# fmt: off +if False: + from typing_extensions import Literal + +Strict = 0 # type: Literal[0] +Prompt = 1 # type: Literal[1] diff --git a/python/src/trezorlib/cli/settings.py b/python/src/trezorlib/cli/settings.py index 759cf9cbd9..0a9a715f64 100644 --- a/python/src/trezorlib/cli/settings.py +++ b/python/src/trezorlib/cli/settings.py @@ -16,7 +16,7 @@ import click -from .. import device +from .. import device, messages from . import ChoiceType, with_client ROTATION = {"north": 0, "east": 90, "south": 180, "west": 270} @@ -142,8 +142,13 @@ def unsafe_prompts(client, allow): to confirm possibly dangerous actions instead of rejecting them outright. Use with caution. """ - allowed = allow == "on" - return device.apply_settings(client, unsafe_prompts=allowed) + # TODO change this to ChoiceType + if allow == "on": + level = messages.SafetyCheckLevel.Prompt + else: + level = messages.SafetyCheckLevel.Strict + + return device.apply_settings(client, safety_checks=level) # diff --git a/python/src/trezorlib/device.py b/python/src/trezorlib/device.py index 7095163753..ea07f9e8e2 100644 --- a/python/src/trezorlib/device.py +++ b/python/src/trezorlib/device.py @@ -34,7 +34,7 @@ def apply_settings( passphrase_always_on_device=None, auto_lock_delay_ms=None, display_rotation=None, - unsafe_prompts=None, + safety_checks=None, ): settings = messages.ApplySettings( label=label, @@ -44,7 +44,7 @@ def apply_settings( passphrase_always_on_device=passphrase_always_on_device, auto_lock_delay_ms=auto_lock_delay_ms, display_rotation=display_rotation, - unsafe_prompts=unsafe_prompts, + safety_checks=safety_checks, ) out = client.call(settings) diff --git a/python/src/trezorlib/messages/ApplySettings.py b/python/src/trezorlib/messages/ApplySettings.py index 0f25641880..62f26cdff9 100644 --- a/python/src/trezorlib/messages/ApplySettings.py +++ b/python/src/trezorlib/messages/ApplySettings.py @@ -6,6 +6,7 @@ if __debug__: try: from typing import Dict, List # noqa: F401 from typing_extensions import Literal # noqa: F401 + EnumTypeSafetyCheckLevel = Literal[0, 1] except ImportError: pass @@ -22,7 +23,7 @@ class ApplySettings(p.MessageType): auto_lock_delay_ms: int = None, display_rotation: int = None, passphrase_always_on_device: bool = None, - unsafe_prompts: bool = None, + safety_checks: EnumTypeSafetyCheckLevel = None, ) -> None: self.language = language self.label = label @@ -31,7 +32,7 @@ class ApplySettings(p.MessageType): self.auto_lock_delay_ms = auto_lock_delay_ms self.display_rotation = display_rotation self.passphrase_always_on_device = passphrase_always_on_device - self.unsafe_prompts = unsafe_prompts + self.safety_checks = safety_checks @classmethod def get_fields(cls) -> Dict: @@ -43,5 +44,5 @@ class ApplySettings(p.MessageType): 6: ('auto_lock_delay_ms', p.UVarintType, 0), 7: ('display_rotation', p.UVarintType, 0), 8: ('passphrase_always_on_device', p.BoolType, 0), - 9: ('unsafe_prompts', p.BoolType, 0), + 9: ('safety_checks', p.EnumType("SafetyCheckLevel", (0, 1)), 0), } diff --git a/python/src/trezorlib/messages/SafetyCheckLevel.py b/python/src/trezorlib/messages/SafetyCheckLevel.py new file mode 100644 index 0000000000..51b55fa696 --- /dev/null +++ b/python/src/trezorlib/messages/SafetyCheckLevel.py @@ -0,0 +1,7 @@ +# Automatically generated by pb2py +# fmt: off +if False: + from typing_extensions import Literal + +Strict = 0 # type: Literal[0] +Prompt = 1 # type: Literal[1] diff --git a/python/src/trezorlib/messages/__init__.py b/python/src/trezorlib/messages/__init__.py index f5c29ed2cd..b664538a0a 100644 --- a/python/src/trezorlib/messages/__init__.py +++ b/python/src/trezorlib/messages/__init__.py @@ -293,6 +293,7 @@ from . import OutputScriptType from . import PinMatrixRequestType from . import RecoveryDeviceType from . import RequestType +from . import SafetyCheckLevel from . import SdProtectOperationType from . import TezosBallotType from . import TezosContractType diff --git a/tests/device_tests/test_msg_applysettings.py b/tests/device_tests/test_msg_applysettings.py index 9d18a49ca5..e04ce3c410 100644 --- a/tests/device_tests/test_msg_applysettings.py +++ b/tests/device_tests/test_msg_applysettings.py @@ -125,7 +125,7 @@ class TestMsgApplysettings: @pytest.mark.skip_t1 @pytest.mark.setup_client(pin=None) - def test_unsafe_prompts(self, client): + def test_safety_checks(self, client): BAD_ADDRESS = parse_path("m/0") with pytest.raises( @@ -136,7 +136,9 @@ class TestMsgApplysettings: with client: client.set_expected_responses(EXPECTED_RESPONSES_NOPIN) - device.apply_settings(client, unsafe_prompts=True) + device.apply_settings( + client, safety_checks=messages.SafetyCheckLevel.Prompt + ) with client: client.set_expected_responses( @@ -146,7 +148,9 @@ class TestMsgApplysettings: with client: client.set_expected_responses(EXPECTED_RESPONSES_NOPIN) - device.apply_settings(client, unsafe_prompts=False) + device.apply_settings( + client, safety_checks=messages.SafetyCheckLevel.Strict + ) with pytest.raises( exceptions.TrezorFailure, match="Forbidden key path" diff --git a/tests/ui_tests/fixtures.json b/tests/ui_tests/fixtures.json index f3b8468960..93998a30e7 100644 --- a/tests/ui_tests/fixtures.json +++ b/tests/ui_tests/fixtures.json @@ -14,7 +14,7 @@ "test_msg_applysettings.py-test_apply_settings": "2cc8bf660f3be815d19a4bf1265936162a58386fbe632ca4be01541245b79134", "test_msg_applysettings.py-test_apply_settings_passphrase": "5c1ed9a0be3d14475102d447da0b5d51bbb6dfaaeceff5ea9179064609db7870", "test_msg_applysettings.py-test_apply_settings_passphrase_on_device": "3e6527e227bdde54f51bc9c417b176d0d87fdb6c40c4761368f50eb201b4beed", -"test_msg_applysettings.py-test_unsafe_prompts": "19bd500c3b791d51bbd1140085f306a838194593697529263f362acb0b1ab445", +"test_msg_applysettings.py-test_safety_checks": "19bd500c3b791d51bbd1140085f306a838194593697529263f362acb0b1ab445", "test_msg_backup_device.py::test_backup_bip39": "2b63928444b8188eb2241fc03a3b9bc81191cfa9bbf3ef5431894c04ee0ed01f", "test_msg_backup_device.py::test_backup_slip39_advanced": "31900e0e8ad694ce894eee1ce289b425558c1fcd7bcb6128a19c049af436d35f", "test_msg_backup_device.py::test_backup_slip39_basic": "be4d88d882851ce1ddc45165c35952b23121ddca1a811c7fd7c7ef9d31989e8c",