def test_verify_path(self):
schemas = (
PathSchema("m/44'/coin_type'", slip44_id=134),
PathSchema("m/44'/coin_type'", slip44_id=11),
)
keychain = Keychain(b"", "secp256k1", schemas)
correct = (
[H_(44), H_(134)],
[H_(44), H_(11)],
)
for path in correct:
keychain.verify_path(path)
fails = (
[H_(44), 134], # path does not match
[44, 134], # path does not match (non-hardened items)
[H_(44), H_(13)], # invalid second item
)
for f in fails:
with self.assertRaises(wire.DataError):
keychain.verify_path(f)
# turn off restrictions
safety_checks.apply_setting(SafetyCheckLevel.PromptTemporarily)
for path in correct + fails:
keychain.verify_path(path)
def test_verify_path(self):
n = [
[44 | HARDENED, 134 | HARDENED],
[44 | HARDENED, 11 | HARDENED],
]
keychain = Keychain(b"", "secp256k1", n)
correct = (
[44 | HARDENED, 134 | HARDENED],
[44 | HARDENED, 11 | HARDENED],
[44 | HARDENED, 11 | HARDENED, 12],
)
for path in correct:
keychain.verify_path(path)
fails = (
[44 | HARDENED, 134], # path does not match
[44, 134], # path does not match (non-hardened items)
[44 | HARDENED, 13 | HARDENED], # invalid second item
)
for f in fails:
with self.assertRaises(wire.DataError):
keychain.verify_path(f)
# turn off restrictions
safety_checks.apply_setting(SafetyCheckLevel.PromptTemporarily)
for path in correct + fails:
keychain.verify_path(path)
# turn on restrictions
safety_checks.apply_setting(SafetyCheckLevel.Strict)
async def apply_settings(ctx: wire.Context, msg: ApplySettings):
if not storage.device.is_initialized():
raise wire.NotInitialized("Device is not initialized")
if (msg.homescreen is None and msg.label is None
and msg.use_passphrase is None
and msg.passphrase_always_on_device is None
and msg.display_rotation is None and msg.auto_lock_delay_ms is None
and msg.safety_checks is None):
raise wire.ProcessError("No setting provided")
if msg.homescreen is not None:
validate_homescreen(msg.homescreen)
await require_confirm_change_homescreen(ctx)
try:
storage.device.set_homescreen(msg.homescreen)
except ValueError:
raise wire.DataError("Invalid homescreen")
if msg.label is not None:
await require_confirm_change_label(ctx, msg.label)
storage.device.set_label(msg.label)
if msg.use_passphrase is not None:
await require_confirm_change_passphrase(ctx, msg.use_passphrase)
storage.device.set_passphrase_enabled(msg.use_passphrase)
if msg.passphrase_always_on_device is not None:
if not storage.device.is_passphrase_enabled():
raise wire.DataError("Passphrase is not enabled")
await require_confirm_change_passphrase_source(
ctx, msg.passphrase_always_on_device)
storage.device.set_passphrase_always_on_device(
msg.passphrase_always_on_device)
if msg.auto_lock_delay_ms is not None:
if msg.auto_lock_delay_ms < storage.device.AUTOLOCK_DELAY_MINIMUM:
raise wire.ProcessError("Auto-lock delay too short")
if msg.auto_lock_delay_ms > storage.device.AUTOLOCK_DELAY_MAXIMUM:
raise wire.ProcessError("Auto-lock delay too long")
await require_confirm_change_autolock_delay(ctx,
msg.auto_lock_delay_ms)
storage.device.set_autolock_delay_ms(msg.auto_lock_delay_ms)
# use the value that was stored, not the one that was supplied by the user
workflow.idle_timer.set(storage.device.get_autolock_delay_ms(),
lock_device)
if msg.safety_checks is not None:
await require_confirm_safety_checks(ctx, msg.safety_checks)
safety_checks.apply_setting(msg.safety_checks)
if msg.display_rotation is not None:
await require_confirm_change_display_rotation(ctx,
msg.display_rotation)
storage.device.set_rotation(msg.display_rotation)
ui.display.orientation(storage.device.get_rotation())
return Success(message="Settings applied")
async def apply_settings(ctx: wire.Context, msg: ApplySettings) -> Success:
if not storage.device.is_initialized():
raise wire.NotInitialized("Device is not initialized")
if (
msg.homescreen is None
and msg.label is None
and msg.use_passphrase is None
and msg.passphrase_always_on_device is None
and msg.display_rotation is None
and msg.auto_lock_delay_ms is None
and msg.safety_checks is None
and msg.experimental_features is None
):
raise wire.ProcessError("No setting provided")
if msg.homescreen is not None:
validate_homescreen(msg.homescreen)
await require_confirm_change_homescreen(ctx)
try:
storage.device.set_homescreen(msg.homescreen)
except ValueError:
raise wire.DataError("Invalid homescreen")
if msg.label is not None:
if len(msg.label) > storage.device.LABEL_MAXLENGTH:
raise wire.DataError("Label too long")
await require_confirm_change_label(ctx, msg.label)
storage.device.set_label(msg.label)
if msg.use_passphrase is not None:
await require_confirm_change_passphrase(ctx, msg.use_passphrase)
storage.device.set_passphrase_enabled(msg.use_passphrase)
if msg.passphrase_always_on_device is not None:
if not storage.device.is_passphrase_enabled():
raise wire.DataError("Passphrase is not enabled")
await require_confirm_change_passphrase_source(
ctx, msg.passphrase_always_on_device
)
storage.device.set_passphrase_always_on_device(msg.passphrase_always_on_device)
if msg.auto_lock_delay_ms is not None:
if msg.auto_lock_delay_ms < storage.device.AUTOLOCK_DELAY_MINIMUM:
raise wire.ProcessError("Auto-lock delay too short")
if msg.auto_lock_delay_ms > storage.device.AUTOLOCK_DELAY_MAXIMUM:
raise wire.ProcessError("Auto-lock delay too long")
await require_confirm_change_autolock_delay(ctx, msg.auto_lock_delay_ms)
storage.device.set_autolock_delay_ms(msg.auto_lock_delay_ms)
if msg.safety_checks is not None:
await require_confirm_safety_checks(ctx, msg.safety_checks)
safety_checks.apply_setting(msg.safety_checks)
if msg.display_rotation is not None:
await require_confirm_change_display_rotation(ctx, msg.display_rotation)
storage.device.set_rotation(msg.display_rotation)
if msg.experimental_features is not None:
await require_confirm_experimental_features(ctx, msg.experimental_features)
storage.device.set_experimental_features(msg.experimental_features)
reload_settings_from_storage()
return Success(message="Settings applied")
