async def set_sd_salt(ctx: Optional[wire.Context], salt: bytes, salt_tag: bytes, filename: str = "salt") -> None: device_dir = "/trezor/device_%s" % storage.device.get_device_id() salt_path = "%s/%s" % (device_dir, filename) sd = io.SDCard() fs = io.FatFS() if not sd.power(True): await insert_card_dialog(ctx) raise SdProtectCancelled try: fs.mount() try: fs.mkdir("/trezor") except OSError: # Directory already exists. pass try: fs.mkdir(device_dir) except OSError: # Directory already exists. pass with fs.open(salt_path, "w") as f: f.write(salt) f.write(salt_tag) finally: fs.unmount() sd.power(False)
def load_sd_salt() -> Optional[bytearray]: salt_auth_key = storage.device.get_sd_salt_auth_key() if salt_auth_key is None: return None salt_path = _get_salt_path() new_salt_path = _get_salt_path(new=True) fs = io.FatFS() salt = _load_salt(fs, salt_auth_key, salt_path) if salt is not None: return salt # Check if there is a new salt. salt = _load_salt(fs, salt_auth_key, new_salt_path) if salt is None: # No valid salt file on this SD card. raise WrongSdCard # Normal salt file does not exist, but new salt file exists. That means that # SD salt regeneration was interrupted earlier. Bring into consistent state. # TODO Possibly overwrite salt file with random data. try: fs.unlink(salt_path) except OSError: pass # fs.rename can fail with a write error, which falls through as an OSError. # This should be handled in calling code, by allowing the user to retry. fs.rename(new_salt_path, salt_path) return salt
async def set_sd_salt( ctx: Optional[wire.Context], salt: bytes, salt_tag: bytes, new: bool = False ) -> None: salt_path = _get_salt_path(new) while True: sd = io.SDCard() while not sd.power(True): await _insert_card_dialog(ctx) try: fs = io.FatFS() fs.mount() fs.mkdir("/trezor", True) fs.mkdir(_get_device_dir(), True) with fs.open(salt_path, "w") as f: f.write(salt) f.write(salt_tag) break except Exception: fs.unmount() sd.power(False) await _write_failed_dialog(ctx) fs.unmount() sd.power(False)
def set_sd_salt(salt: bytes, salt_tag: bytes, stage: bool = False) -> None: salt_path = _get_salt_path(stage) fs = io.FatFS() fs.mkdir("/trezor", True) fs.mkdir(_get_device_dir(), True) with fs.open(salt_path, "w") as f: f.write(salt) f.write(salt_tag)
def commit_sd_salt() -> None: salt_path = _get_salt_path(new=False) new_salt_path = _get_salt_path(new=True) fs = io.FatFS() try: fs.unlink(salt_path) except OSError: pass fs.rename(new_salt_path, salt_path)
async def remove_sd_salt(ctx: Optional[wire.Context]) -> None: salt_path = _get_salt_path() sd = io.SDCard() fs = io.FatFS() if not sd.power(True): raise OSError try: fs.mount() # TODO Possibly overwrite salt file with random data. fs.unlink(salt_path) finally: fs.unmount() sd.power(False)
async def remove_sd_salt(ctx: Optional[wire.Context]) -> None: salt_path = _get_salt_path() sd = io.SDCard() fs = io.FatFS() if not sd.power(True): await _insert_card_dialog(ctx) raise SdProtectCancelled try: fs.mount() # TODO Possibly overwrite salt file with random data. fs.unlink(salt_path) finally: fs.unmount() sd.power(False)
async def remove_sd_salt(ctx: Optional[wire.Context]) -> None: device_dir = "/trezor/device_%s" % storage.device.get_device_id() salt_path = "%s/salt" % device_dir sd = io.SDCard() fs = io.FatFS() if not sd.power(True): await insert_card_dialog(ctx) raise SdProtectCancelled try: fs.mount() # TODO Possibly overwrite salt file with random data. fs.unlink(salt_path) finally: fs.unmount() sd.power(False)
async def request_sd_salt( ctx: Optional[wire.Context], salt_auth_key: bytes ) -> bytearray: salt_path = _get_salt_path() new_salt_path = _get_salt_path(True) while True: sd = io.SDCard() fs = io.FatFS() while not sd.power(True): await _insert_card_dialog(ctx) try: fs.mount() salt = _load_salt(fs, salt_auth_key, salt_path) if salt is not None: return salt # Check if there is a new salt. salt = _load_salt(fs, salt_auth_key, new_salt_path) if salt is not None: # SD salt regeneration was interrupted earlier. Bring into consistent state. # TODO Possibly overwrite salt file with random data. try: fs.unlink(salt_path) except OSError: pass try: fs.rename(new_salt_path, salt_path) except OSError: error_dialog = _write_failed_dialog(ctx) else: return salt else: # No valid salt file on this SD card. error_dialog = _wrong_card_dialog(ctx) finally: fs.unmount() sd.power(False) await error_dialog
async def commit_sd_salt(ctx: Optional[wire.Context]) -> None: salt_path = _get_salt_path() new_salt_path = _get_salt_path(True) sd = io.SDCard() fs = io.FatFS() if not sd.power(True): raise OSError try: fs.mount() # TODO Possibly overwrite salt file with random data. try: fs.unlink(salt_path) except OSError: pass fs.rename(new_salt_path, salt_path) finally: fs.unmount() sd.power(False)
def wrapped_func(*args, **kwargs): # type: ignore global _ensure_filesystem_nesting_counter sd = io.SDCard() if _ensure_filesystem_nesting_counter == 0: if not sd.power(True): raise OSError try: _ensure_filesystem_nesting_counter += 1 fs = io.FatFS() fs.mount() # XXX do we need to differentiate failure types? # If yes, can the problem be derived from the type of OSError raised? return func(*args, **kwargs) finally: _ensure_filesystem_nesting_counter -= 1 assert _ensure_filesystem_nesting_counter >= 0 if _ensure_filesystem_nesting_counter == 0: fs.unmount() sd.power(False)
async def set_sd_salt(ctx: Optional[wire.Context], salt: bytes, salt_tag: bytes, new: bool = False) -> None: salt_path = _get_salt_path(new) sd = io.SDCard() if not sd.power(True): await _insert_card_dialog(ctx) raise SdProtectCancelled fs = io.FatFS() try: fs.mount() fs.mkdir("/trezor", True) fs.mkdir(_get_device_dir(), True) with fs.open(salt_path, "w") as f: f.write(salt) f.write(salt_tag) finally: fs.unmount() sd.power(False)
ui.display.text_center(ui.WIDTH // 2, 128, "Locked", ui.BOLD, ui.TITLE_GREY, ui.BG) ui.display.text_center(ui.WIDTH // 2 + 10, 220, "Tap to unlock", ui.BOLD, ui.TITLE_GREY, ui.BG) ui.display.icon(45, 202, res.load(ui.ICON_CLICK), ui.TITLE_GREY, ui.BG) ui.backlight_fade(ui.BACKLIGHT_NORMAL) await ui.click() if utils.EMULATOR: # Ensure the emulated SD card is FAT32 formatted. sd = io.SDCard() sd.power(True) fs = io.FatFS() try: fs.mount() except OSError: fs.mkfs() else: fs.unmount() sd.power(False) ui.display.backlight(ui.BACKLIGHT_NONE) ui.backlight_fade(ui.BACKLIGHT_NORMAL) config.init(show_pin_timeout) loop.schedule(bootscreen()) loop.run()
async def request_sd_salt(ctx: Optional[wire.Context], salt_auth_key: bytes) -> bytearray: salt_path = _get_salt_path() new_salt_path = _get_salt_path(True) sd = io.SDCard() fs = io.FatFS() if not sd.power(True): await _insert_card_dialog(ctx) raise SdProtectCancelled try: fs.mount() # Load salt if it exists. try: with fs.open(salt_path, "r") as f: salt = bytearray( SD_SALT_LEN_BYTES) # type: Optional[bytearray] salt_tag = bytearray(SD_SALT_AUTH_TAG_LEN_BYTES) f.read(salt) f.read(salt_tag) except OSError: salt = None if salt is not None and consteq( hmac.new(salt_auth_key, salt, sha256).digest()[:SD_SALT_AUTH_TAG_LEN_BYTES], salt_tag, ): return salt # Load salt.new if it exists. try: with fs.open(new_salt_path, "r") as f: new_salt = bytearray( SD_SALT_LEN_BYTES) # type: Optional[bytearray] new_salt_tag = bytearray(SD_SALT_AUTH_TAG_LEN_BYTES) f.read(new_salt) f.read(new_salt_tag) except OSError: new_salt = None if new_salt is not None and consteq( hmac.new(salt_auth_key, new_salt, sha256).digest()[:SD_SALT_AUTH_TAG_LEN_BYTES], new_salt_tag, ): # SD salt regeneration was interrupted earlier. Bring into consistent state. # TODO Possibly overwrite salt file with random data. try: fs.unlink(salt_path) except OSError: pass fs.rename(new_salt_path, salt_path) return new_salt finally: fs.unmount() sd.power(False) await _wrong_card_dialog(ctx) raise SdProtectCancelled
def setUp(self): self.sd = io.SDCard() self.sd.power(True) self.fs = io.FatFS() self.fs.mkfs() self.fs.mount()
def remove_sd_salt() -> None: salt_path = _get_salt_path() fs = io.FatFS() # TODO Possibly overwrite salt file with random data. fs.unlink(salt_path)