diff --git a/SConscript.firmware b/SConscript.firmware index 1bcfbfe7..b742700e 100644 --- a/SConscript.firmware +++ b/SConscript.firmware @@ -11,6 +11,7 @@ SOURCE_MOD = [] SOURCE_MOD += [ 'embed/extmod/modtrezorconfig/modtrezorconfig.c', 'embed/extmod/modtrezorconfig/norcow.c', + 'embed/extmod/modtrezorconfig/storage.c', ] # modtrezorcrypto diff --git a/SConscript.unix b/SConscript.unix index 00a11775..f64f42e7 100644 --- a/SConscript.unix +++ b/SConscript.unix @@ -12,6 +12,7 @@ LIBS_MOD = [] SOURCE_MOD += [ 'embed/extmod/modtrezorconfig/modtrezorconfig.c', 'embed/extmod/modtrezorconfig/norcow.c', + 'embed/extmod/modtrezorconfig/storage.c', ] # modtrezorcrypto diff --git a/embed/extmod/modtrezorconfig/modtrezorconfig.c b/embed/extmod/modtrezorconfig/modtrezorconfig.c index cbd42994..46ae1f10 100644 --- a/embed/extmod/modtrezorconfig/modtrezorconfig.c +++ b/embed/extmod/modtrezorconfig/modtrezorconfig.c @@ -7,163 +7,36 @@ #include "py/runtime.h" #include "py/mphal.h" +#include "py/objstr.h" #if MICROPY_PY_TREZORCONFIG -#include -#include #include "norcow.h" -#include "../../trezorhal/flash.h" - -#define MAX_WRONG_PINS 15 - -#define FAIL_SECTOR_LEN 0x4000 - -#define STORAGE_KEY_PIN 0x00 - -static void pin_fails_reset(uint32_t ofs) -{ - if (ofs + sizeof(uint32_t) >= FAIL_SECTOR_LEN) { - // ofs points to the last word of the PIN fails area. Because there is - // no space left, we recycle the sector (set all words to 0xffffffff). - // On next unlock attempt, we start counting from the the first word. - flash_erase_sectors((uint8_t[]) { FLASH_SECTOR_PIN_AREA }, 1, NULL); - } else { - // Mark this counter as exhausted. On next unlock attempt, pinfails_get - // seeks to the next word. - flash_unlock(); - flash_write_word_rel(FLASH_SECTOR_PIN_AREA, ofs, 0); - flash_lock(); - } -} - -static bool pin_fails_increase(uint32_t ofs) -{ - uint32_t ctr = ~MAX_WRONG_PINS; - if (!flash_read_word_rel(FLASH_SECTOR_PIN_AREA, ofs, &ctr)) { - return false; - } - ctr = ctr << 1; - - flash_unlock(); - if (!flash_write_word_rel(FLASH_SECTOR_PIN_AREA, ofs, ctr)) { - flash_lock(); - return false; - } - flash_lock(); - - uint32_t check = 0; - if (!flash_read_word_rel(FLASH_SECTOR_PIN_AREA, ofs, &check)) { - return false; - } - return ctr == check; -} - -static bool pin_fails_check_max(uint32_t ctr) -{ - if (~ctr >= 1 << MAX_WRONG_PINS) { - norcow_wipe(); - // TODO: shutdown - return false; - } - return true; -} - -static bool pin_fails_get(uint32_t *ofs, uint32_t *ctr) -{ - if (!ofs || !ctr) { - return false; - } - for (uint32_t o = 0; o < FAIL_SECTOR_LEN; o += sizeof(uint32_t)) { - uint32_t c = 0; - if (!flash_read_word_rel(FLASH_SECTOR_PIN_AREA, o, &c)) { - return false; - } - if (c != 0) { - *ofs = o; - *ctr = c; - return true; - } - } - return false; -} - -static bool const_cmp(const uint8_t *pub, size_t publen, const uint8_t *sec, size_t seclen) -{ - size_t diff = seclen - publen; - for (size_t i = 0; i < publen; i++) { - diff |= pub[i] ^ sec[i]; - } - return diff == 0; -} - -static bool pin_check(const uint8_t *pin, size_t pinlen) -{ - const void *st_pin; - uint16_t st_pinlen; - if (!norcow_get(STORAGE_KEY_PIN, &st_pin, &st_pinlen)) { - return false; - } - return const_cmp(pin, pinlen, st_pin, (size_t)st_pinlen); -} - -static bool pin_unlock(const uint8_t *pin, size_t pinlen) -{ - uint32_t ofs; - uint32_t ctr; - if (!pin_fails_get(&ofs, &ctr)) { - return false; - } - pin_fails_check_max(ctr); - - // Sleep for ~ctr seconds before checking the PIN. - for (uint32_t wait = ~ctr; wait > 0; wait--) { - mp_hal_delay_ms(1000); - } - - // First, we increase PIN fail counter in storage, even before checking the - // PIN. If the PIN is correct, we reset the counter afterwards. If not, we - // check if this is the last allowed attempt. - if (!pin_fails_increase(ofs)) { - return false; - } - if (!pin_check(pin, pinlen)) { - pin_fails_check_max(ctr << 1); - return false; - } - pin_fails_reset(ofs); - return true; -} - -static bool initialized = false; -static bool unlocked = false; +#include "storage.h" /// def init() -> None: /// ''' -/// Initializes the storage. Must be called before any other method is called from this module! +/// Initializes the storage. Must be called before any other method is +/// called from this module! /// ''' STATIC mp_obj_t mod_trezorconfig_init(void) { - bool r = norcow_init(); + bool r = storage_init(); if (!r) { mp_raise_msg(&mp_type_RuntimeError, "Could not initialize config module"); } - initialized = true; - unlocked = false; return mp_const_none; } STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorconfig_init_obj, mod_trezorconfig_init); -/// def unlock(pin: str) -> None: +/// def unlock(pin: str) -> bool: /// ''' -/// Tries to unlock the storage with given PIN key. +/// Attempts to unlock the storage with given PIN. Returns True on +/// success, False on failure. /// ''' STATIC mp_obj_t mod_trezorconfig_unlock(mp_obj_t pin) { - if (!initialized) { - mp_raise_msg(&mp_type_RuntimeError, "Config module not initialized"); - } - mp_buffer_info_t pinbuf; - mp_get_buffer_raise(pin, &pinbuf, MP_BUFFER_READ); - bool r = pin_unlock(pinbuf.buf, pinbuf.len); + mp_buffer_info_t buf; + mp_get_buffer_raise(pin, &buf, MP_BUFFER_READ); + bool r = storage_unlock(buf.buf, buf.len); if (!r) { return mp_const_false; } @@ -176,25 +49,16 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorconfig_unlock_obj, mod_trezorconfig_u /// Gets a value of given key for given app (or empty bytes if not set). /// ''' STATIC mp_obj_t mod_trezorconfig_get(mp_obj_t app, mp_obj_t key) { - if (!initialized) { - mp_raise_msg(&mp_type_RuntimeError, "Config module not initialized"); - } - if (!unlocked) { - mp_raise_msg(&mp_type_RuntimeError, "Config module locked"); - // TODO: shutdown? - } uint8_t a = mp_obj_get_int(app); uint8_t k = mp_obj_get_int(key); - uint16_t appkey = a << 8 | k, len; + uint16_t appkey = a << 8 | k; + uint16_t len = 0; const void *val; - bool r = norcow_get(appkey, &val, &len); + bool r = storage_get(appkey, &val, &len); if (!r || len == 0) { return mp_const_empty_bytes; } - vstr_t vstr; - vstr_init_len(&vstr, len); - memcpy(vstr.buf, val, len); - return mp_obj_new_str_from_vstr(&mp_type_bytes, &vstr); + return mp_obj_new_str_of_type(&mp_type_bytes, val, len); } STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorconfig_get_obj, mod_trezorconfig_get); @@ -203,19 +67,12 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorconfig_get_obj, mod_trezorconfig_get) /// Sets a value of given key for given app. /// ''' STATIC mp_obj_t mod_trezorconfig_set(mp_obj_t app, mp_obj_t key, mp_obj_t value) { - if (!initialized) { - mp_raise_msg(&mp_type_RuntimeError, "Config module not initialized"); - } - if (!unlocked) { - mp_raise_msg(&mp_type_RuntimeError, "Config module locked"); - // TODO: shutdown? - } uint8_t a = mp_obj_get_int(app); uint8_t k = mp_obj_get_int(key); uint16_t appkey = a << 8 | k; mp_buffer_info_t v; mp_get_buffer_raise(value, &v, MP_BUFFER_READ); - bool r = norcow_set(appkey, v.buf, v.len); + bool r = storage_set(appkey, v.buf, v.len); if (!r) { mp_raise_msg(&mp_type_RuntimeError, "Could not save value"); } @@ -228,10 +85,7 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_3(mod_trezorconfig_set_obj, mod_trezorconfig_set) /// Erases the whole config. Use with caution! /// ''' STATIC mp_obj_t mod_trezorconfig_wipe(void) { - if (!initialized) { - mp_raise_msg(&mp_type_RuntimeError, "Config module not initialized"); - } - bool r = norcow_wipe(); + bool r = storage_wipe(); if (!r) { mp_raise_msg(&mp_type_RuntimeError, "Could not wipe storage"); } diff --git a/embed/extmod/modtrezorconfig/storage.c b/embed/extmod/modtrezorconfig/storage.c new file mode 100644 index 00000000..eb4f2fcc --- /dev/null +++ b/embed/extmod/modtrezorconfig/storage.c @@ -0,0 +1,188 @@ +/* + * Copyright (c) Pavol Rusnak, Jan Pochyla, SatoshiLabs + * + * Licensed under TREZOR License + * see LICENSE file for details + */ + +#include + +#include "norcow.h" +#include "../../trezorhal/flash.h" + +// Byte-length of flash sector containing fail counters. +#define PIN_AREA_LEN 0x4000 + +// Maximum number of failed unlock attempts. +#define PIN_MAX_TRIES 15 + +// Norcow storage key of configured PIN. +#define PIN_KEY 0x0000 + +static bool initialized = false; +static bool unlocked = false; + +bool storage_init(void) +{ + if (!norcow_init()) { + return false; + } + initialized = true; + unlocked = false; + return true; +} + +static void pin_fails_reset(uint32_t ofs) +{ + if (ofs + sizeof(uint32_t) >= PIN_AREA_LEN) { + // ofs points to the last word of the PIN fails area. Because there is + // no space left, we recycle the sector (set all words to 0xffffffff). + // On next unlock attempt, we start counting from the the first word. + flash_erase_sectors((uint8_t[]) { FLASH_SECTOR_PIN_AREA }, 1, NULL); + } else { + // Mark this counter as exhausted. On next unlock attempt, pinfails_get + // seeks to the next word. + flash_unlock(); + flash_write_word_rel(FLASH_SECTOR_PIN_AREA, ofs, 0); + flash_lock(); + } +} + +static bool pin_fails_increase(uint32_t ofs) +{ + uint32_t ctr = ~PIN_MAX_TRIES; + if (!flash_read_word_rel(FLASH_SECTOR_PIN_AREA, ofs, &ctr)) { + return false; + } + ctr = ctr << 1; + + flash_unlock(); + if (!flash_write_word_rel(FLASH_SECTOR_PIN_AREA, ofs, ctr)) { + flash_lock(); + return false; + } + flash_lock(); + + uint32_t check = 0; + if (!flash_read_word_rel(FLASH_SECTOR_PIN_AREA, ofs, &check)) { + return false; + } + return ctr == check; +} + +static void pin_fails_check_max(uint32_t ctr) +{ + if (~ctr >= 1 << PIN_MAX_TRIES) { + for (;;) { + if (norcow_wipe()) { + break; + } + } + // shutdown(); + } +} + +static bool pin_fails_read(uint32_t *ofs, uint32_t *ctr) +{ + if (!ofs || !ctr) { + return false; + } + for (uint32_t o = 0; o < PIN_AREA_LEN; o += sizeof(uint32_t)) { + uint32_t c = 0; + if (!flash_read_word_rel(FLASH_SECTOR_PIN_AREA, o, &c)) { + return false; + } + if (c != 0) { + *ofs = o; + *ctr = c; + return true; + } + } + return false; +} + +static bool const_cmp(const uint8_t *pub, size_t publen, const uint8_t *sec, size_t seclen) +{ + size_t diff = seclen ^ publen; + for (size_t i = 0; i < publen; i++) { + diff |= pub[i] ^ sec[i]; + } + return diff == 0; +} + +static bool pin_check(const uint8_t *pin, size_t pinlen) +{ + const void *st_pin; + uint16_t st_pinlen; + if (!norcow_get(PIN_KEY, &st_pin, &st_pinlen)) { + return false; + } + return const_cmp(pin, pinlen, st_pin, (size_t)st_pinlen); +} + +bool storage_unlock(const uint8_t *pin, size_t len) +{ + if (!initialized) { + return false; + } + + uint32_t ofs; + uint32_t ctr; + if (!pin_fails_read(&ofs, &ctr)) { + return false; + } + pin_fails_check_max(ctr); + + // Sleep for ~ctr seconds before checking the PIN. + for (uint32_t wait = ~ctr; wait > 0; wait--) { + // hal_delay(1000); + } + + // First, we increase PIN fail counter in storage, even before checking the + // PIN. If the PIN is correct, we reset the counter afterwards. If not, we + // check if this is the last allowed attempt. + if (!pin_fails_increase(ofs)) { + return false; + } + if (!pin_check(pin, len)) { + pin_fails_check_max(ctr << 1); + return false; + } + pin_fails_reset(ofs); + return true; +} + +bool storage_get(uint16_t key, const void **val, uint16_t *len) +{ + if (!initialized) { + return false; + } + if (!unlocked) { + // shutdown(); + return false; + } + if (key == PIN_KEY) { + return false; + } + return norcow_get(key, val, len); +} + +bool storage_set(uint16_t key, const void *val, uint16_t len) +{ + if (!initialized) { + return false; + } + if (!unlocked) { + // shutdown(); + return false; + } + if (key == PIN_KEY) { + return false; + } + return norcow_set(key, val, len); +} + +bool storage_wipe(void) +{ + return norcow_wipe(); +} diff --git a/embed/extmod/modtrezorconfig/storage.h b/embed/extmod/modtrezorconfig/storage.h new file mode 100644 index 00000000..2bbe58c8 --- /dev/null +++ b/embed/extmod/modtrezorconfig/storage.h @@ -0,0 +1,15 @@ +/* + * Copyright (c) Pavol Rusnak, Jan Pochyla, SatoshiLabs + * + * Licensed under TREZOR License + * see LICENSE file for details + */ + +#include +#include + +bool storage_init(void); +bool storage_wipe(void); +bool storage_unlock(const uint8_t *pin, size_t len); +bool storage_get(uint16_t key, const void **val, uint16_t *len); +bool storage_set(uint16_t key, const void *val, uint16_t len);