async def sd_protect_disable(ctx: wire.Context, msg: SdProtect) -> Success:
if device.get_sd_salt_auth_key() is None:
raise wire.ProcessError("SD card protection not enabled")
# Confirm that user wants to proceed with the operation.
await require_confirm_sd_protect(ctx, msg)
# Get the current PIN and salt from the SD card.
pin, salt = await request_pin_and_sd_salt(ctx, "Enter PIN")
# Check PIN and remove salt.
if not config.change_pin(pin_to_int(pin), pin_to_int(pin), salt, None):
await show_pin_invalid(ctx)
raise wire.PinInvalid("PIN invalid")
device.set_sd_salt_auth_key(None)
try:
# Clean up.
await remove_sd_salt(ctx)
except Exception:
# The cleanup is not necessary for the correct functioning of
# SD-protection. If it fails for any reason, we suppress the exception,
# because overall SD-protection was successfully disabled.
pass
await show_success(ctx,
("You have successfully", "disabled SD protection."))
return Success(message="SD card protection disabled")
async def sd_protect_disable(ctx: wire.Context, msg: SdProtect) -> Success:
if not storage.sd_salt.is_enabled():
raise wire.ProcessError("SD card protection not enabled")
# Note that the SD card doesn't need to be present in order to disable SD
# protection. The cleanup will not happen in such case, but that does not matter.
# Confirm that user wants to proceed with the operation.
await require_confirm_sd_protect(ctx, msg)
# Get the current PIN and salt from the SD card.
pin, salt = await request_pin_and_sd_salt(ctx, "Enter PIN")
# Check PIN and remove salt.
if not config.change_pin(pin_to_int(pin), pin_to_int(pin), salt, None):
await error_pin_invalid(ctx)
storage.device.set_sd_salt_auth_key(None)
try:
# Clean up.
storage.sd_salt.remove_sd_salt()
except Exception:
# The cleanup is not necessary for the correct functioning of
# SD-protection. If it fails for any reason, we suppress the exception,
# because overall SD-protection was successfully disabled.
pass
await show_success(ctx, ("You have successfully", "disabled SD protection."))
return Success(message="SD card protection disabled")
async def load_device(ctx, msg):
# TODO implement SLIP-39
if storage.is_initialized():
raise wire.UnexpectedMessage("Already initialized")
if msg.node is not None:
raise wire.ProcessError("LoadDevice.node is not supported")
if not msg.skip_checksum and not bip39.check(msg.mnemonic):
raise wire.ProcessError("Mnemonic is not valid")
text = Text("Loading seed")
text.bold("Loading private seed", "is not recommended.")
text.normal("Continue only if you", "know what you are doing!")
await require_confirm(ctx, text)
secret = bip39.process_all([msg.mnemonic])
storage.device.store_mnemonic_secret(
secret=secret,
mnemonic_type=bip39.get_type(),
needs_backup=True,
no_backup=False,
)
storage.device.load_settings(use_passphrase=msg.passphrase_protection,
label=msg.label)
if msg.pin:
config.change_pin(pin_to_int(""), pin_to_int(msg.pin))
return Success(message="Device loaded")
async def load_device(ctx, msg):
if storage.is_initialized():
raise wire.FailureError(UnexpectedMessage, 'Already initialized')
if msg.node is not None:
raise wire.FailureError(ProcessError,
'LoadDevice.node is not supported')
if not msg.skip_checksum and not bip39.check(msg.mnemonic):
raise wire.FailureError(ProcessError, 'Mnemonic is not valid')
await require_confirm(
ctx,
Text('Loading seed', ui.ICON_DEFAULT, ui.BOLD, 'Loading private seed',
'is not recommended.', ui.NORMAL, 'Continue only if you',
'know what you are doing!'))
storage.load_mnemonic(mnemonic=msg.mnemonic, needs_backup=True)
storage.load_settings(use_passphrase=msg.passphrase_protection,
label=msg.label)
if msg.pin:
config.change_pin(pin_to_int(''), pin_to_int(msg.pin), None)
return Success(message='Device loaded')
async def load_device(ctx, msg):
word_count = _validate(msg)
is_slip39 = backup_types.is_slip39_word_count(word_count)
if not is_slip39 and not msg.skip_checksum and not bip39.check(
msg.mnemonics[0]):
raise wire.ProcessError("Mnemonic is not valid")
await _warn(ctx)
if not is_slip39: # BIP-39
secret = msg.mnemonics[0].encode()
backup_type = BackupType.Bip39
else:
identifier, iteration_exponent, secret, group_count = slip39.combine_mnemonics(
msg.mnemonics)
if group_count == 1:
backup_type = BackupType.Slip39_Basic
elif group_count > 1:
backup_type = BackupType.Slip39_Advanced
else:
raise RuntimeError("Invalid group count")
storage.device.set_slip39_identifier(identifier)
storage.device.set_slip39_iteration_exponent(iteration_exponent)
storage.device.store_mnemonic_secret(secret,
backup_type,
needs_backup=True,
no_backup=False)
storage.device.load_settings(use_passphrase=msg.passphrase_protection,
label=msg.label)
if msg.pin:
config.change_pin(pin_to_int(""), pin_to_int(msg.pin), None, None)
return Success(message="Device loaded")
async def bootscreen() -> None:
ui.display.orientation(storage_device.get_rotation())
salt_auth_key = storage_device.get_sd_salt_auth_key()
while True:
try:
if salt_auth_key is not None or config.has_pin():
await lockscreen()
if salt_auth_key is not None:
salt = await request_sd_salt(None, salt_auth_key
) # type: Optional[bytearray]
else:
salt = None
if not config.has_pin():
config.unlock(pin_to_int(""), salt)
storage.init_unlocked()
return
label = "Enter your PIN"
while True:
pin = await request_pin(label, config.get_pin_rem())
if config.unlock(pin_to_int(pin), salt):
storage.init_unlocked()
return
else:
label = "Wrong PIN, enter again"
except (OSError, PinCancelled, SdProtectCancelled) as e:
if __debug__:
log.exception(__name__, e)
except BaseException as e:
utils.halt(e.__class__.__name__)
async def change_pin(ctx, msg):
# confirm that user wants to change the pin
await require_confirm_change_pin(ctx, msg)
# get current pin, return failure if invalid
if config.has_pin():
curpin = await request_pin_ack(ctx)
if not config.check_pin(pin_to_int(curpin), show_pin_timeout):
raise wire.PinInvalid('PIN invalid')
else:
curpin = ''
# get new pin
if not msg.remove:
newpin = await request_pin_confirm(ctx)
else:
newpin = ''
# write into storage
if not config.change_pin(pin_to_int(curpin), pin_to_int(newpin),
show_pin_timeout):
raise wire.PinInvalid('PIN invalid')
if newpin:
return Success(message='PIN changed')
else:
return Success(message='PIN removed')
async def reset_device(ctx, msg):
if __debug__:
global internal_entropy
# validate parameters and device state
if msg.strength not in (128, 192, 256):
raise wire.FailureError(
FailureType.ProcessError,
'Invalid strength (has to be 128, 192 or 256 bits)')
if storage.is_initialized():
raise wire.FailureError(
FailureType.UnexpectedMessage,
'Already initialized')
if msg.pin_protection:
# request new PIN
newpin = await request_pin_confirm(ctx)
else:
# new PIN is empty
newpin = ''
# generate and display internal entropy
internal_entropy = random.bytes(32)
if msg.display_random:
await show_entropy(ctx, internal_entropy)
# request external entropy and compute mnemonic
ack = await ctx.call(EntropyRequest(), wire_types.EntropyAck)
mnemonic = generate_mnemonic(
msg.strength, internal_entropy, ack.entropy)
if msg.skip_backup:
# let user backup the mnemonic later
pass
else:
# warn user about mnemonic safety
await show_warning(ctx)
while True:
# show mnemonic and require confirmation of a random word
await show_mnemonic(ctx, mnemonic)
if await check_mnemonic(ctx, mnemonic):
break
await show_wrong_entry(ctx)
# write PIN into storage
if not config.change_pin(pin_to_int(''), pin_to_int(newpin), None):
raise wire.FailureError(
FailureType.ProcessError, 'Could not change PIN')
# write settings and mnemonic into storage
storage.load_settings(
label=msg.label, use_passphrase=msg.passphrase_protection)
storage.load_mnemonic(
mnemonic=mnemonic, needs_backup=msg.skip_backup)
# show success message
if not msg.skip_backup:
await show_success(ctx)
return Success(message='Initialized')
async def change_pin(ctx, msg):
# confirm that user wants to change the pin
await require_confirm_change_pin(ctx, msg)
# get current pin, return failure if invalid
if config.has_pin():
curpin = await request_pin_ack(ctx, "Enter old PIN",
config.get_pin_rem())
# if removing, defer check to change_pin()
if not msg.remove:
if not config.check_pin(pin_to_int(curpin)):
raise wire.PinInvalid("PIN invalid")
else:
curpin = ""
# get new pin
if not msg.remove:
newpin = await request_pin_confirm(ctx)
else:
newpin = ""
# write into storage
if not config.change_pin(pin_to_int(curpin), pin_to_int(newpin)):
raise wire.PinInvalid("PIN invalid")
if newpin:
return Success(message="PIN changed")
else:
return Success(message="PIN removed")
async def verify_user_pin(prompt: str = "Enter your PIN",
allow_cancel: bool = True,
retry: bool = True) -> None:
if config.has_pin():
pin = await request_pin(prompt, config.get_pin_rem(), allow_cancel)
config.ensure_not_wipe_code(pin_to_int(pin))
else:
pin = ""
try:
salt = await request_sd_salt()
except SdCardUnavailable:
raise PinCancelled
if config.unlock(pin_to_int(pin), salt):
return
elif not config.has_pin():
raise RuntimeError
while retry:
pin = await request_pin("Wrong PIN, enter again", config.get_pin_rem(),
allow_cancel)
if config.unlock(pin_to_int(pin), salt):
return
raise PinInvalid
async def layout_load_device(ctx, msg):
from trezor.crypto import bip39
from trezor.messages.Success import Success
from trezor.messages.FailureType import UnexpectedMessage, ProcessError
from trezor.ui.text import Text
from ..common.confirm import require_confirm
from ..common import storage
if storage.is_initialized():
raise wire.FailureError(UnexpectedMessage, 'Already initialized')
if msg.node is not None:
raise wire.FailureError(ProcessError,
'LoadDevice.node is not supported')
if not msg.skip_checksum and not bip39.check(msg.mnemonic):
raise wire.FailureError(ProcessError, 'Mnemonic is not valid')
await require_confirm(
ctx,
Text('Loading seed', ui.ICON_RESET, ui.BOLD, 'Loading private seed',
'is not recommended.', ui.NORMAL, 'Continue only if you',
'know what you are doing!'))
storage.load_mnemonic(msg.mnemonic)
storage.load_settings(use_passphrase=msg.passphrase_protection,
label=msg.label)
if msg.pin:
config.change_pin(pin_to_int(''), pin_to_int(msg.pin), None)
return Success(message='Device loaded')
async def recovery_device(ctx, msg):
"""
Recover BIP39 seed into empty device.
1. Ask for the number of words in recovered seed.
2. Let user type in the mnemonic words one by one.
3. Optionally check the seed validity.
4. Optionally ask for the PIN, with confirmation.
5. Save into storage.
"""
if not msg.dry_run and storage.is_initialized():
raise wire.UnexpectedMessage("Already initialized")
text = Text("Device recovery", ui.ICON_RECOVERY)
text.normal("Do you really want to", "recover the device?", "")
await require_confirm(ctx, text, code=ProtectCall)
if msg.dry_run and config.has_pin():
curpin = await request_pin_ack(ctx, "Enter PIN", config.get_pin_rem())
if not config.check_pin(pin_to_int(curpin)):
raise wire.PinInvalid("PIN invalid")
# ask for the number of words
wordcount = await request_wordcount(ctx)
# ask for mnemonic words one by one
mnemonic = await request_mnemonic(ctx, wordcount)
# check mnemonic validity
if msg.enforce_wordlist or msg.dry_run:
if not bip39.check(mnemonic):
raise wire.ProcessError("Mnemonic is not valid")
# ask for pin repeatedly
if msg.pin_protection:
newpin = await request_pin_confirm(ctx, cancellable=False)
# dry run
if msg.dry_run:
digest_input = sha256(mnemonic).digest()
digest_stored = sha256(storage.get_mnemonic()).digest()
if consteq(digest_stored, digest_input):
return Success(
message="The seed is valid and matches the one in the device")
else:
raise wire.ProcessError(
"The seed is valid but does not match the one in the device")
# save into storage
if msg.pin_protection:
config.change_pin(pin_to_int(""), pin_to_int(newpin))
storage.set_u2f_counter(msg.u2f_counter)
storage.load_settings(label=msg.label,
use_passphrase=msg.passphrase_protection)
storage.load_mnemonic(mnemonic=mnemonic,
needs_backup=False,
no_backup=False)
return Success(message="Device recovered")
async def bootscreen() -> None:
ui.display.orientation(storage.device.get_rotation())
while True:
try:
if storage.sd_salt.is_enabled() or config.has_pin():
await lockscreen()
salt = await request_sd_salt()
if not config.has_pin():
config.unlock(pin_to_int(""), salt)
storage.init_unlocked()
return
label = "Enter your PIN"
while True:
pin = await request_pin(label, config.get_pin_rem())
if config.unlock(pin_to_int(pin), salt):
storage.init_unlocked()
return
else:
label = "Wrong PIN, enter again"
except (OSError, PinCancelled, SdCardUnavailable) as e:
if __debug__:
log.exception(__name__, e)
except BaseException as e:
if __debug__:
log.exception(__name__, e)
utils.halt(e.__class__.__name__)
async def sd_protect_refresh(ctx: wire.Context, msg: SdProtect) -> Success:
if not storage.sd_salt.is_enabled():
raise wire.ProcessError("SD card protection not enabled")
# Confirm that user wants to proceed with the operation.
await require_confirm_sd_protect(ctx, msg)
# Make sure SD card is present.
await ensure_sdcard(ctx)
# Get the current PIN and salt from the SD card.
pin, old_salt = await request_pin_and_sd_salt(ctx, "Enter PIN")
# Check PIN and change salt.
new_salt, new_auth_key, new_salt_tag = _make_salt()
await _set_salt(ctx, new_salt, new_salt_tag, stage=True)
if not config.change_pin(pin_to_int(pin), pin_to_int(pin), old_salt, new_salt):
await error_pin_invalid(ctx)
storage.device.set_sd_salt_auth_key(new_auth_key)
try:
# Clean up.
storage.sd_salt.commit_sd_salt()
except Exception:
# If the cleanup fails, then request_sd_salt() will bring the SD card
# into a consistent state. We suppress the exception, because overall
# SD-protection was successfully refreshed.
pass
await show_success(ctx, ("You have successfully", "refreshed SD protection."))
return Success(message="SD card protection refreshed")
async def sd_protect_enable(ctx: wire.Context, msg: SdProtect) -> Success:
if storage.sd_salt.is_enabled():
raise wire.ProcessError("SD card protection already enabled")
# Confirm that user wants to proceed with the operation.
await require_confirm_sd_protect(ctx, msg)
# Make sure SD card is present.
await ensure_sdcard(ctx)
# Get the current PIN.
if config.has_pin():
pin = pin_to_int(await request_pin(ctx, "Enter PIN", config.get_pin_rem()))
else:
pin = pin_to_int("")
# Check PIN and prepare salt file.
salt, salt_auth_key, salt_tag = _make_salt()
await _set_salt(ctx, salt, salt_tag)
if not config.change_pin(pin, pin, None, salt):
# Wrong PIN. Clean up the prepared salt file.
try:
storage.sd_salt.remove_sd_salt()
except Exception:
# The cleanup is not necessary for the correct functioning of
# SD-protection. If it fails for any reason, we suppress the
# exception, because primarily we need to raise wire.PinInvalid.
pass
await error_pin_invalid(ctx)
storage.device.set_sd_salt_auth_key(salt_auth_key)
await show_success(ctx, ("You have successfully", "enabled SD protection."))
return Success(message="SD card protection enabled")
async def reset_device(ctx, msg):
# validate parameters and device state
if msg.strength not in (128, 192, 256):
raise wire.ProcessError(
"Invalid strength (has to be 128, 192 or 256 bits)")
if msg.display_random and (msg.skip_backup or msg.no_backup):
raise wire.ProcessError(
"Can't show internal entropy when backup is skipped")
if storage.is_initialized():
raise wire.UnexpectedMessage("Already initialized")
# request new PIN
if msg.pin_protection:
newpin = await request_pin_confirm(ctx)
else:
newpin = ""
# generate and display internal entropy
internal_ent = random.bytes(32)
if __debug__:
debug.reset_internal_entropy = internal_ent
if msg.display_random:
await show_entropy(ctx, internal_ent)
# request external entropy and compute mnemonic
ent_ack = await ctx.call(EntropyRequest(), MessageType.EntropyAck)
mnemonic = generate_mnemonic(msg.strength, internal_ent, ent_ack.entropy)
if not msg.skip_backup and not msg.no_backup:
# require confirmation of the mnemonic safety
await show_warning(ctx)
# show mnemonic and require confirmation of a random word
while True:
await show_mnemonic(ctx, mnemonic)
if await check_mnemonic(ctx, mnemonic):
break
await show_wrong_entry(ctx)
# write PIN into storage
if not config.change_pin(pin_to_int(""), pin_to_int(newpin), None):
raise wire.ProcessError("Could not change PIN")
# write settings and mnemonic into storage
storage.load_settings(label=msg.label,
use_passphrase=msg.passphrase_protection)
storage.load_mnemonic(mnemonic=mnemonic,
needs_backup=msg.skip_backup,
no_backup=msg.no_backup)
# show success message. if we skipped backup, it's possible that homescreen
# is still running, uninterrupted. restart it to pick up new label.
if not msg.skip_backup and not msg.no_backup:
await show_success(ctx)
else:
workflow.restartdefault()
return Success(message="Initialized")
async def bootscreen():
while True:
try:
if not config.has_pin():
config.unlock(pin_to_int(''), show_pin_timeout)
return
await lockscreen()
while True:
pin = await request_pin()
if config.unlock(pin_to_int(pin), show_pin_timeout):
return
except:
pass
async def bootscreen():
while True:
try:
if not config.has_pin():
config.unlock(pin_to_int(''), show_pin_timeout)
return
await lockscreen()
label = None
while True:
pin = await request_pin(label)
if config.unlock(pin_to_int(pin), show_pin_timeout):
return
else:
label = 'Wrong PIN, enter again'
except: # noqa: E722
pass
def test_lock(self):
for _ in range(128):
config.init()
config.wipe()
self.assertEqual(config.unlock(pin_to_int(''), None), True)
appid, key = random_entry()
value = random.bytes(16)
config.set(appid, key, value)
config.init()
self.assertEqual(config.get(appid, key), bytes())
with self.assertRaises(RuntimeError):
config.set(appid, key, bytes())
config.init()
config.wipe()
self.assertEqual(
config.change_pin(pin_to_int(''), pin_to_int('000'), None), False)
def test_public(self):
config.init()
config.wipe()
self.assertEqual(config.unlock(pin_to_int('')), True)
appid, key = random_entry()
value32 = random.bytes(32)
config.set(appid, key, value32)
value16 = random.bytes(16)
config.set(appid, key, value16, True)
v1 = config.get(appid, key)
v2 = config.get(appid, key, True)
self.assertNotEqual(v1, v2)
self.assertEqual(v1, value32)
self.assertEqual(v2, value16)
config.init()
v1 = config.get(appid, key)
v2 = config.get(appid, key, True)
self.assertNotEqual(v1, v2)
self.assertEqual(v1, None)
self.assertEqual(v2, value16)
async def get_owner_key(ctx, msg):
if not config.has_pin():
return Failure(message='PIN is not set')
label = "Enter your PIN"
while True:
try:
pin = await ctx.wait(request_pin(label))
if config.unlock(pin_to_int(pin)):
break
else:
label = "Wrong PIN, enter again"
except PinCancelled:
raise wire.ActionCancelled("Cancelled")
export_warning_msg = 'Exposing the key to a third party allows them to see your balance.'
await beam_confirm_message(ctx, 'Owner key', export_warning_msg, False)
wait_warning_msg = 'Please wait few seconds until exporting is done'
await beam_confirm_message(ctx, 'Owner key', wait_warning_msg, False)
pin = pin.encode()
owner_key = generate_owner_key(pin)
if msg.show_display:
await beam_confirm_message(ctx, 'Owner key', owner_key, True)
return BeamOwnerKey(key=owner_key)
async def load_device(ctx, msg):
if storage.is_initialized():
raise wire.UnexpectedMessage("Already initialized")
if msg.node is not None:
raise wire.ProcessError("LoadDevice.node is not supported")
if not msg.mnemonics:
raise wire.ProcessError("No mnemonic provided")
word_count = len(msg.mnemonics[0].split(" "))
for m in msg.mnemonics[1:]:
if word_count != len(m.split(" ")):
raise wire.ProcessError(
"All shares are required to have the same number of words")
mnemonic_type = mnemonic.type_from_word_count(word_count)
if (mnemonic_type == mnemonic.TYPE_BIP39 and not msg.skip_checksum
and not bip39.check(msg.mnemonics[0])):
raise wire.ProcessError("Mnemonic is not valid")
text = Text("Loading seed")
text.bold("Loading private seed", "is not recommended.")
text.normal("Continue only if you", "know what you are doing!")
await require_confirm(ctx, text)
if mnemonic_type == mnemonic.TYPE_BIP39:
secret = msg.mnemonics[0].encode()
elif mnemonic_type == mnemonic.TYPE_SLIP39:
identifier, iteration_exponent, secret = slip39.combine_mnemonics(
msg.mnemonics)
storage.device.set_slip39_identifier(identifier)
storage.device.set_slip39_iteration_exponent(iteration_exponent)
else:
raise RuntimeError("Unknown mnemonic type")
storage.device.store_mnemonic_secret(secret,
mnemonic_type,
needs_backup=True,
no_backup=False)
storage.device.load_settings(use_passphrase=msg.passphrase_protection,
label=msg.label)
if msg.pin:
config.change_pin(pin_to_int(""), pin_to_int(msg.pin))
return Success(message="Device loaded")
async def recovery_device(ctx: wire.Context, msg: RecoveryDevice) -> Success:
"""
Recover BIP39/SLIP39 seed into empty device.
Recovery is also possible with replugged Trezor. We call this process Persistance.
User starts the process here using the RecoveryDevice msg and then they can unplug
the device anytime and continue without a computer.
"""
_check_state(msg)
if not msg.dry_run:
title = "Recovery mode"
text = Text(title, ui.ICON_RECOVERY)
text.normal("Do you really want to", "recover a wallet?", "")
else:
title = "Seed check"
text = Text(title, ui.ICON_RECOVERY)
text.normal("Do you really want to", "check the recovery", "seed?")
await require_confirm(ctx, text, code=ButtonRequestType.ProtectCall)
# for dry run pin needs to entered
if msg.dry_run:
if config.has_pin():
curpin = await request_pin_ack(ctx, "Enter PIN",
config.get_pin_rem())
else:
curpin = ""
if not config.check_pin(pin_to_int(curpin)):
raise wire.PinInvalid("PIN invalid")
# set up pin if requested
if msg.pin_protection:
if msg.dry_run:
raise wire.ProcessError("Can't setup PIN during dry_run recovery.")
newpin = await request_pin_confirm(ctx, allow_cancel=False)
config.change_pin(pin_to_int(""), pin_to_int(newpin))
if msg.u2f_counter:
storage.device.set_u2f_counter(msg.u2f_counter)
storage.device.load_settings(label=msg.label,
use_passphrase=msg.passphrase_protection)
storage.recovery.set_in_progress(True)
if msg.dry_run:
storage.recovery.set_dry_run(msg.dry_run)
result = await recovery_process(ctx)
return result
async def bootscreen():
while True:
try:
if not config.has_pin():
config.unlock(pin_to_int(""), show_pin_timeout)
return
await lockscreen()
label = None
while True:
pin = await request_pin(label)
if config.unlock(pin_to_int(pin), show_pin_timeout):
return
else:
label = "Wrong PIN, enter again"
except Exception as e:
if __debug__:
log.exception(__name__, e)
def test_get_default(self):
config.init()
config.wipe()
self.assertEqual(config.unlock(pin_to_int(''), None), True)
for _ in range(128):
appid, key = random_entry()
value = config.get(appid, key)
self.assertEqual(value, bytes())
async def recovery_device(ctx, msg):
"""
Recover BIP39 seed into empty device.
1. Ask for the number of words in recovered seed.
2. Let user type in the mnemonic words one by one.
3. Optionally check the seed validity.
4. Optionally ask for the PIN, with confirmation.
5. Save into storage.
"""
if not msg.dry_run and storage.is_initialized():
raise wire.UnexpectedMessage("Already initialized")
# ask for the number of words
wordcount = await request_wordcount(ctx)
# ask for mnemonic words one by one
mnemonic = await request_mnemonic(ctx, wordcount)
# check mnemonic validity
if msg.enforce_wordlist or msg.dry_run:
if not bip39.check(mnemonic):
raise wire.ProcessError("Mnemonic is not valid")
# ask for pin repeatedly
if msg.pin_protection:
newpin = await request_pin_confirm(ctx, cancellable=False)
# save into storage
if not msg.dry_run:
if msg.pin_protection:
config.change_pin(pin_to_int(""), pin_to_int(newpin), None)
storage.load_settings(label=msg.label,
use_passphrase=msg.passphrase_protection)
storage.load_mnemonic(mnemonic=mnemonic,
needs_backup=False,
no_backup=False)
return Success(message="Device recovered")
else:
if storage.get_mnemonic() == mnemonic:
return Success(
message="The seed is valid and matches the one in the device")
else:
raise wire.ProcessError(
"The seed is valid but does not match the one in the device")
async def change_pin(ctx: wire.Context, msg: ChangePin) -> Success:
if not is_initialized():
raise wire.NotInitialized("Device is not initialized")
# confirm that user wants to change the pin
await require_confirm_change_pin(ctx, msg)
# get old pin
curpin, salt = await request_pin_and_sd_salt(ctx, "Enter old PIN")
# if changing pin, pre-check the entered pin before getting new pin
if curpin and not msg.remove:
if not config.check_pin(pin_to_int(curpin), salt):
await show_pin_invalid(ctx)
raise wire.PinInvalid("PIN invalid")
# get new pin
if not msg.remove:
newpin = await request_pin_confirm(ctx)
else:
newpin = ""
# write into storage
if not config.change_pin(pin_to_int(curpin), pin_to_int(newpin), salt,
salt):
if newpin:
await show_pin_matches_wipe_code(ctx)
else:
await show_pin_invalid(ctx)
raise wire.PinInvalid("PIN invalid")
if newpin:
if curpin:
msg_screen = "changed your PIN."
msg_wire = "PIN changed"
else:
msg_screen = "enabled PIN protection."
msg_wire = "PIN enabled"
else:
msg_screen = "disabled PIN protection."
msg_wire = "PIN removed"
await show_success(ctx, ("You have successfully", msg_screen))
return Success(message=msg_wire)
async def bootscreen():
while True:
try:
if not config.has_pin():
config.unlock(pin_to_int(""))
storage.init_unlocked()
return
await lockscreen()
label = None
while True:
pin = await request_pin(label, config.get_pin_rem())
if config.unlock(pin_to_int(pin)):
storage.init_unlocked()
return
else:
label = "Wrong PIN, enter again"
except Exception as e:
if __debug__:
log.exception(__name__, e)
async def unlock_layout():
while True:
if config.has_pin():
pin = await request_pin()
else:
pin = ''
if config.unlock(pin_to_int(pin), show_pin_timeout):
return
else:
await unlock_failed()
async def verify_user_pin(prompt: str = "Enter your PIN",
allow_cancel: bool = True,
retry: bool = True) -> None:
try:
salt = await request_sd_salt()
except SdProtectCancelled:
raise PinCancelled
if not config.has_pin() and not config.check_pin(pin_to_int(""), salt):
raise RuntimeError
while retry:
pin = await request_pin(prompt, config.get_pin_rem(), allow_cancel)
if config.check_pin(pin_to_int(pin), salt):
return
else:
prompt = "Wrong PIN, enter again"
raise PinInvalid