async def load_device(ctx, msg):
if storage.is_initialized():
raise wire.FailureError(UnexpectedMessage, 'Already initialized')
if msg.node is not None:
raise wire.FailureError(ProcessError,
'LoadDevice.node is not supported')
if not msg.skip_checksum and not bip39.check(msg.mnemonic):
raise wire.FailureError(ProcessError, 'Mnemonic is not valid')
await require_confirm(
ctx,
Text('Loading seed', ui.ICON_DEFAULT, ui.BOLD, 'Loading private seed',
'is not recommended.', ui.NORMAL, 'Continue only if you',
'know what you are doing!'))
storage.load_mnemonic(mnemonic=msg.mnemonic, needs_backup=True)
storage.load_settings(use_passphrase=msg.passphrase_protection,
label=msg.label)
if msg.pin:
config.change_pin(pin_to_int(''), pin_to_int(msg.pin), None)
return Success(message='Device loaded')
async def recovery_device(ctx, msg):
"""
Recover BIP39 seed into empty device.
1. Ask for the number of words in recovered seed.
2. Let user type in the mnemonic words one by one.
3. Optionally check the seed validity.
4. Optionally ask for the PIN, with confirmation.
5. Save into storage.
"""
if not msg.dry_run and storage.is_initialized():
raise wire.UnexpectedMessage("Already initialized")
text = Text("Device recovery", ui.ICON_RECOVERY)
text.normal("Do you really want to", "recover the device?", "")
await require_confirm(ctx, text, code=ProtectCall)
if msg.dry_run and config.has_pin():
curpin = await request_pin_ack(ctx, "Enter PIN", config.get_pin_rem())
if not config.check_pin(pin_to_int(curpin)):
raise wire.PinInvalid("PIN invalid")
# ask for the number of words
wordcount = await request_wordcount(ctx)
# ask for mnemonic words one by one
mnemonic = await request_mnemonic(ctx, wordcount)
# check mnemonic validity
if msg.enforce_wordlist or msg.dry_run:
if not bip39.check(mnemonic):
raise wire.ProcessError("Mnemonic is not valid")
# ask for pin repeatedly
if msg.pin_protection:
newpin = await request_pin_confirm(ctx, cancellable=False)
# dry run
if msg.dry_run:
digest_input = sha256(mnemonic).digest()
digest_stored = sha256(storage.get_mnemonic()).digest()
if consteq(digest_stored, digest_input):
return Success(
message="The seed is valid and matches the one in the device")
else:
raise wire.ProcessError(
"The seed is valid but does not match the one in the device")
# save into storage
if msg.pin_protection:
config.change_pin(pin_to_int(""), pin_to_int(newpin))
storage.set_u2f_counter(msg.u2f_counter)
storage.load_settings(label=msg.label,
use_passphrase=msg.passphrase_protection)
storage.load_mnemonic(mnemonic=mnemonic,
needs_backup=False,
no_backup=False)
return Success(message="Device recovered")
def test_check_ok(self):
v = [
'abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about',
'legal winner thank year wave sausage worth useful legal winner thank yellow',
'letter advice cage absurd amount doctor acoustic avoid letter advice cage above',
'zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo wrong',
'abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon agent',
'legal winner thank year wave sausage worth useful legal winner thank year wave sausage worth useful legal will',
'letter advice cage absurd amount doctor acoustic avoid letter advice cage absurd amount doctor acoustic avoid letter always',
'zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo when',
'abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon art',
'legal winner thank year wave sausage worth useful legal winner thank year wave sausage worth useful legal winner thank year wave sausage worth title',
'letter advice cage absurd amount doctor acoustic avoid letter advice cage absurd amount doctor acoustic avoid letter advice cage absurd amount doctor acoustic bless',
'zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo vote',
'jelly better achieve collect unaware mountain thought cargo oxygen act hood bridge',
'renew stay biology evidence goat welcome casual join adapt armor shuffle fault little machine walk stumble urge swap',
'dignity pass list indicate nasty swamp pool script soccer toe leaf photo multiply desk host tomato cradle drill spread actor shine dismiss champion exotic',
'afford alter spike radar gate glance object seek swamp infant panel yellow',
'indicate race push merry suffer human cruise dwarf pole review arch keep canvas theme poem divorce alter left',
'clutch control vehicle tonight unusual clog visa ice plunge glimpse recipe series open hour vintage deposit universe tip job dress radar refuse motion taste',
'turtle front uncle idea crush write shrug there lottery flower risk shell',
'kiss carry display unusual confirm curtain upgrade antique rotate hello void custom frequent obey nut hole price segment',
'exile ask congress lamp submit jacket era scheme attend cousin alcohol catch course end lucky hurt sentence oven short ball bird grab wing top',
'board flee heavy tunnel powder denial science ski answer betray cargo cat',
'board blade invite damage undo sun mimic interest slam gaze truly inherit resist great inject rocket museum chief',
'beyond stage sleep clip because twist token leaf atom beauty genius food business side grid unable middle armed observe pair crouch tonight away coconut',
]
for m in v:
self.assertEqual(bip39.check(m), True)
async def load_device(ctx, msg):
word_count = _validate(msg)
is_slip39 = backup_types.is_slip39_word_count(word_count)
if not is_slip39 and not msg.skip_checksum and not bip39.check(
msg.mnemonics[0]):
raise wire.ProcessError("Mnemonic is not valid")
await _warn(ctx)
if not is_slip39: # BIP-39
secret = msg.mnemonics[0].encode()
backup_type = BackupType.Bip39
else:
identifier, iteration_exponent, secret, group_count = slip39.combine_mnemonics(
msg.mnemonics)
if group_count == 1:
backup_type = BackupType.Slip39_Basic
elif group_count > 1:
backup_type = BackupType.Slip39_Advanced
else:
raise RuntimeError("Invalid group count")
storage.device.set_slip39_identifier(identifier)
storage.device.set_slip39_iteration_exponent(iteration_exponent)
storage.device.store_mnemonic_secret(secret,
backup_type,
needs_backup=True,
no_backup=False)
storage.device.load_settings(use_passphrase=msg.passphrase_protection,
label=msg.label)
if msg.pin:
config.change_pin(pin_to_int(""), pin_to_int(msg.pin), None, None)
return Success(message="Device loaded")
async def layout_load_device(session_id, msg):
from trezor.crypto import bip39
from trezor.messages.Success import Success
from trezor.messages.FailureType import UnexpectedMessage, Other
from trezor.ui.text import Text
from ..common.confirm import require_confirm
from ..common import storage
if storage.is_initialized():
raise wire.FailureError(UnexpectedMessage, 'Already initialized')
if msg.node is not None:
raise wire.FailureError(Other, 'LoadDevice.node is not supported')
if not msg.skip_checksum and not bip39.check(msg.mnemonic):
raise wire.FailureError(Other, 'Mnemonic is not valid')
await require_confirm(
session_id,
Text('Loading seed', ui.ICON_RESET, ui.BOLD, 'Loading private seed',
'is not recommended.', ui.NORMAL, 'Continue only if you',
'know what you are doing!'))
storage.load_mnemonic(msg.mnemonic)
storage.load_settings(pin=msg.pin,
passphrase_protection=msg.passphrase_protection,
language=msg.language,
label=msg.label)
return Success(message='Device loaded')
async def load_device(ctx, msg):
if storage.is_initialized():
raise wire.UnexpectedMessage("Already initialized")
if msg.node is not None:
raise wire.ProcessError("LoadDevice.node is not supported")
if not msg.skip_checksum and not bip39.check(msg.mnemonic):
raise wire.ProcessError("Mnemonic is not valid")
text = Text("Loading seed")
text.bold("Loading private seed", "is not recommended.")
text.normal("Continue only if you", "know what you are doing!")
await require_confirm(ctx, text)
storage.load_mnemonic(mnemonic=msg.mnemonic,
needs_backup=True,
no_backup=False)
storage.load_settings(use_passphrase=msg.passphrase_protection,
label=msg.label)
if msg.pin:
config.change_pin(pin_to_int(""), pin_to_int(msg.pin))
return Success(message="Device loaded")
def process_bip39(words: str) -> bytes:
"""
Receives single mnemonic and processes it. Returns what is then stored
in the storage, which is the mnemonic itself for BIP-39.
"""
if not bip39.check(words):
raise MnemonicError
return words.encode()
async def load_device(ctx, msg):
if storage.is_initialized():
raise wire.UnexpectedMessage("Already initialized")
if msg.node is not None:
raise wire.ProcessError("LoadDevice.node is not supported")
if not msg.mnemonics:
raise wire.ProcessError("No mnemonic provided")
word_count = len(msg.mnemonics[0].split(" "))
for m in msg.mnemonics[1:]:
if word_count != len(m.split(" ")):
raise wire.ProcessError(
"All shares are required to have the same number of words")
mnemonic_type = mnemonic.type_from_word_count(word_count)
if (mnemonic_type == mnemonic.TYPE_BIP39 and not msg.skip_checksum
and not bip39.check(msg.mnemonics[0])):
raise wire.ProcessError("Mnemonic is not valid")
text = Text("Loading seed")
text.bold("Loading private seed", "is not recommended.")
text.normal("Continue only if you", "know what you are doing!")
await require_confirm(ctx, text)
if mnemonic_type == mnemonic.TYPE_BIP39:
secret = msg.mnemonics[0].encode()
elif mnemonic_type == mnemonic.TYPE_SLIP39:
identifier, iteration_exponent, secret = slip39.combine_mnemonics(
msg.mnemonics)
storage.device.set_slip39_identifier(identifier)
storage.device.set_slip39_iteration_exponent(iteration_exponent)
else:
raise RuntimeError("Unknown mnemonic type")
storage.device.store_mnemonic_secret(secret,
mnemonic_type,
needs_backup=True,
no_backup=False)
storage.device.load_settings(use_passphrase=msg.passphrase_protection,
label=msg.label)
if msg.pin:
config.change_pin(pin_to_int(""), pin_to_int(msg.pin))
return Success(message="Device loaded")
async def recovery_device(ctx, msg):
"""
Recover BIP39 seed into empty device.
1. Ask for the number of words in recovered seed.
2. Let user type in the mnemonic words one by one.
3. Optionally check the seed validity.
4. Optionally ask for the PIN, with confirmation.
5. Save into storage.
"""
if not msg.dry_run and storage.is_initialized():
raise wire.UnexpectedMessage("Already initialized")
# ask for the number of words
wordcount = await request_wordcount(ctx)
# ask for mnemonic words one by one
mnemonic = await request_mnemonic(ctx, wordcount)
# check mnemonic validity
if msg.enforce_wordlist or msg.dry_run:
if not bip39.check(mnemonic):
raise wire.ProcessError("Mnemonic is not valid")
# ask for pin repeatedly
if msg.pin_protection:
newpin = await request_pin_confirm(ctx, cancellable=False)
# save into storage
if not msg.dry_run:
if msg.pin_protection:
config.change_pin(pin_to_int(""), pin_to_int(newpin), None)
storage.load_settings(label=msg.label,
use_passphrase=msg.passphrase_protection)
storage.load_mnemonic(mnemonic=mnemonic,
needs_backup=False,
no_backup=False)
return Success(message="Device recovered")
else:
if storage.get_mnemonic() == mnemonic:
return Success(
message="The seed is valid and matches the one in the device")
else:
raise wire.ProcessError(
"The seed is valid but does not match the one in the device")
async def load_device(ctx, msg):
word_count = _validate(msg)
is_slip39 = backup_types.is_slip39_word_count(word_count)
if not is_slip39 and not msg.skip_checksum and not bip39.check(
msg.mnemonics[0]):
raise wire.ProcessError("Mnemonic is not valid")
await _warn(ctx)
if not is_slip39: # BIP-39
secret = msg.mnemonics[0].encode()
backup_type = BackupType.Bip39
else:
identifier, iteration_exponent, secret = slip39.recover_ems(
msg.mnemonics)
# this must succeed if the recover_ems call succeeded
share = slip39.decode_mnemonic(msg.mnemonics[0])
if share.group_count == 1:
backup_type = BackupType.Slip39_Basic
elif share.group_count > 1:
backup_type = BackupType.Slip39_Advanced
else:
raise wire.ProcessError("Invalid group count")
storage.device.set_slip39_identifier(identifier)
storage.device.set_slip39_iteration_exponent(iteration_exponent)
storage.device.store_mnemonic_secret(
secret,
backup_type,
needs_backup=msg.needs_backup is True,
no_backup=msg.no_backup is True,
)
storage.device.set_passphrase_enabled(msg.passphrase_protection)
storage.device.set_label(msg.label or "")
if msg.pin:
config.change_pin(pin_to_int(""), pin_to_int(msg.pin), None, None)
return Success(message="Device loaded")
async def recovery_device(ctx, msg):
'''
Recover BIP39 seed into empty device.
1. Ask for the number of words in recovered seed.
2. Let user type in the mnemonic words one by one.
3. Optionally check the seed validity.
4. Optionally ask for the PIN, with confirmation.
5. Save into storage.
'''
from trezor import config
from trezor.crypto import bip39
from trezor.messages.FailureType import UnexpectedMessage, ProcessError
from trezor.messages.Success import Success
from trezor.ui.text import Text
from apps.common import storage
from apps.common.request_pin import request_pin
from apps.common.request_words import request_words
if storage.is_initialized():
raise wire.FailureError(UnexpectedMessage, 'Already initialized')
wordcount = await request_words(
ctx, Text('Device recovery', ui.ICON_RECOVERY, 'Number of words?'))
mnemonic = await request_mnemonic(wordcount, 'Type %s. word')
if msg.enforce_wordlist and not bip39.check(mnemonic):
raise wire.FailureError(ProcessError, 'Mnemonic is not valid')
if msg.pin_protection:
curpin = ''
newpin = await request_pin(ctx)
config.change_pin(curpin, newpin)
storage.load_settings(label=msg.label,
use_passphrase=msg.passphrase_protection)
storage.load_mnemonic(mnemonic)
return Success()
async def recovery_device(ctx, msg):
'''
Recover BIP39 seed into empty device.
1. Ask for the number of words in recovered seed.
2. Let user type in the mnemonic words one by one.
3. Optionally check the seed validity.
4. Optionally ask for the PIN, with confirmation.
5. Save into storage.
'''
if storage.is_initialized():
raise wire.FailureError(UnexpectedMessage, 'Already initialized')
# ask for the number of words
wordcount = await request_wordcount(ctx)
# ask for mnemonic words one by one
mnemonic = await request_mnemonic(ctx, wordcount)
# check mnemonic validity
if msg.enforce_wordlist:
if not bip39.check(mnemonic):
raise wire.FailureError(ProcessError, 'Mnemonic is not valid')
# ask for pin repeatedly
if msg.pin_protection:
newpin = await request_pin_confirm(ctx, cancellable=False)
# save into storage
if not msg.dry_run:
if msg.pin_protection:
config.change_pin(pin_to_int(''), pin_to_int(newpin), None)
storage.load_settings(
label=msg.label, use_passphrase=msg.passphrase_protection)
storage.load_mnemonic(
mnemonic=mnemonic, needs_backup=False)
return Success()
def check(secret: bytes):
return bip39.check(secret)
def check(secret: bytes) -> bool:
return bip39.check(secret)
