def fetch_storage_locker(self):
# USB request to read the storage locker (aka. long secret from 608a)
# - limited by counter, because typically only needed at startup
# - please keep in mind the desktop needs this secret, and probably blabs it
# - our memory also is contaminated with this secret, and no easy way to clean
assert self.allow_sl, 'not allowed'
assert self.sl_reads < self.allow_sl, 'consumed'
self.sl_reads += 1
from main import pa
raw = pa.ls_fetch()
ll, = ustruct.unpack_from('H', raw)
assert 0 <= ll <= AE_LONG_SECRET_LEN - 2
return raw[2:2 + ll]
def render_backup_contents():
# simple text format:
# key = value
# or #comments
# but value is JSON
from main import settings, pa
rv = StringIO()
def COMMENT(val=None):
if val:
rv.write('\n# %s\n' % val)
else:
rv.write('\n')
def ADD(key, val):
rv.write('%s = %s\n' % (key, ujson.dumps(val)))
rv.write('# Coldcard backup file! DO NOT CHANGE.\n')
chain = chains.current_chain()
COMMENT('Private key details: ' + chain.name)
with stash.SensitiveValues(for_backup=True) as sv:
if sv.mode == 'words':
ADD('mnemonic', tcc.bip39.from_data(sv.raw))
if sv.mode == 'master':
ADD('bip32_master_key', b2a_hex(sv.raw))
ADD('chain', chain.ctype)
ADD('xprv', chain.serialize_private(sv.node))
ADD('xpub', chain.serialize_public(sv.node))
# BTW: everything is really a duplicate of this value
ADD('raw_secret', b2a_hex(sv.secret).rstrip(b'0'))
if pa.has_duress_pin():
COMMENT('Duress Wallet (informational)')
dpk = sv.duress_root()
ADD('duress_xprv', chain.serialize_private(dpk))
ADD('duress_xpub', chain.serialize_public(dpk))
if version.has_608:
# save the so-called long-secret
ADD('long_secret', b2a_hex(pa.ls_fetch()))
COMMENT('Firmware version (informational)')
date, vers, timestamp = version.get_mpy_version()[0:3]
ADD('fw_date', date)
ADD('fw_version', vers)
ADD('fw_timestamp', timestamp)
ADD('serial', version.serial_number())
COMMENT('User preferences')
# user preferences
for k, v in settings.current.items():
if k[0] == '_': continue # debug stuff in simulator
if k == 'xpub': continue # redundant, and wrong if bip39pw
if k == 'xfp': continue # redundant, and wrong if bip39pw
ADD('setting.' + k, v)
if version.has_fatram:
import hsm
if hsm.hsm_policy_available():
ADD('hsm_policy', hsm.capture_backup())
rv.write('\n# EOF\n')
return rv.getvalue()
async def test_7z():
# test full 7z round-trip
# Altho cleartext mode is not for real, if the code is written, I must test it.
from backups import write_complete_backup, restore_complete_doit
from sffile import SFFile
import tcc, version, uos
from main import settings, sf, numpad, pa
if version.has_fatram:
import hsm
had_policy = hsm.hsm_policy_available()
else:
had_policy = False
today = tcc.random.uniform(1000000)
import machine
machine.reset = lambda: None
for chain in ['BTC', 'XTN']:
for words in ([], ['abc', 'def']):
settings.set('check', today)
settings.set('chain', chain)
if version.has_608:
ls = b'%416d' % today
pa.ls_change(ls)
ll, sha = await write_complete_backup(words, None, True)
result = SFFile(0, ll).read()
if words:
#open('debug.7z', 'wb').write(result)
assert ll > 800
assert len(sha) == 32
assert result[0:6] == b"7z\xbc\xaf'\x1c"
assert tcc.sha256(result).digest() == sha
assert len(set(result)) >= 240 # encrypted
else:
sr = str(result, 'ascii')
print("Backup contents:\n" + sr)
assert sr[0] == '#', result
assert 'Coldcard' in sr
assert len(set(sr)) < 100 # cleartext, english
assert ('chain = "%s"' % chain) in result
# test restore
# - cant wipe flash, since the backup file is there
# - cant wipe all settings becuase PIN and stuff is simulated there
del settings.current['check']
if had_policy:
from hsm import POLICY_FNAME
uos.unlink(POLICY_FNAME)
assert not hsm.hsm_policy_available()
with SFFile(0, ll) as fd:
numpad.inject('y') # for 'success' message
await restore_complete_doit(fd, words)
assert settings.get('check') == today, \
(settings.get('check'), '!=', today)
assert settings.get('chain') == chain, \
(settings.get('chain'), '!=', chain)
if version.has_608:
assert pa.ls_fetch() == ls
if had_policy:
assert had_policy == hsm.hsm_policy_available()
today += 3
import ux
ux.restore_menu()