Merge branch 'pw'

Author: benma

src/rust/bitbox02-rust/src/hww/api/error.rs

@@ -48,17 +48,23 @@ impl core::convert::From<crate::workflow::cancel::Error> for Error {
     }
 }
 
+impl core::convert::From<crate::workflow::password::EnterError> for Error {
+    fn from(error: crate::workflow::password::EnterError) -> Self {
+        match error {
+            crate::workflow::password::EnterError::Memory => Error::Memory,
+            crate::workflow::password::EnterError::Cancelled => Error::UserAbort,
+        }
+    }
+}
+
 impl core::convert::From<crate::workflow::password::EnterTwiceError> for Error {
     fn from(error: crate::workflow::password::EnterTwiceError) -> Self {
         match error {
             crate::workflow::password::EnterTwiceError::DoNotMatch => {
                 // For backwards compatibility.
                 Error::Generic
             }
-            crate::workflow::password::EnterTwiceError::Cancelled => {
-                // Added in v9.13.0.
-                Error::UserAbort
-            }
+            crate::workflow::password::EnterTwiceError::EnterError(err) => err.into(),
         }
     }
 }
@@ -108,6 +114,7 @@ impl core::convert::From<UnlockError> for Error {
     fn from(error: UnlockError) -> Self {
         match error {
             UnlockError::UserAbort => Error::UserAbort,
+            UnlockError::Memory => Error::Memory,
             UnlockError::IncorrectPassword | UnlockError::Generic => Error::Generic,
         }
     }

src/rust/bitbox02-rust/src/hww/api/restore.rs

@@ -140,7 +140,7 @@ pub async fn from_mnemonic(
                     })
                     .await?;
             }
-            Err(password::EnterTwiceError::Cancelled) => return Err(Error::UserAbort),
+            Err(err @ password::EnterTwiceError::EnterError(_)) => return Err(err.into()),
             Ok(password) => break password,
         }
     };

src/rust/bitbox02-rust/src/workflow/password.rs

@@ -27,33 +27,58 @@ async fn prompt_cancel(hal: &mut impl crate::hal::Hal) -> Result<(), confirm::Us
         .await
 }
 
+pub enum PasswordType {
+    /// The password to be entered is the device unlock password.
+    DevicePassword,
+    /// The password to be entered is the BIP39 passphrase.
+    Bip39Passphrase,
+}
+
+#[derive(Debug)]
+pub enum EnterError {
+    Memory,
+    Cancelled,
+}
+
 /// If `can_cancel` is `Yes`, the workflow can be cancelled.
 /// If it is no, the result is always `Ok(())`.
 ///
 /// Example:
 /// ```no_run
-/// let pw = enter("Enter password", true, CanCancel::No).await.unwrap();
+/// let pw = enter(hal, "Enter password", PassswordType::DevicePassword, CanCancel::No).await.unwrap();
 /// // use pw.
 /// ```
 pub async fn enter(
     hal: &mut impl crate::hal::Hal,
     title: &str,
-    special_chars: bool,
+    password_type: PasswordType,
     can_cancel: CanCancel,
-) -> Result<zeroize::Zeroizing<String>, Error> {
+) -> Result<zeroize::Zeroizing<String>, EnterError> {
     let params = trinary_input_string::Params {
         title,
         hide: true,
-        special_chars,
+        special_chars: match password_type {
+            PasswordType::DevicePassword => false,
+            PasswordType::Bip39Passphrase => true,
+        },
         longtouch: true,
+        default_to_digits: match password_type {
+            PasswordType::DevicePassword => {
+                match bitbox02::memory::get_securechip_type().map_err(|_| EnterError::Memory)? {
+                    bitbox02::memory::SecurechipType::Atecc => false,
+                    bitbox02::memory::SecurechipType::Optiga => true,
+                }
+            }
+            PasswordType::Bip39Passphrase => false,
+        },
         ..Default::default()
     };
 
     loop {
         match hal.ui().enter_string(&params, can_cancel, "").await {
-            o @ Ok(_) => return o,
+            Ok(pw) => return Ok(pw),
             Err(Error::Cancelled) => match prompt_cancel(hal).await {
-                Ok(()) => return Err(Error::Cancelled),
+                Ok(()) => return Err(EnterError::Cancelled),
                 Err(confirm::UserAbort) => {}
             },
         }
@@ -62,14 +87,12 @@ pub async fn enter(
 
 pub enum EnterTwiceError {
     DoNotMatch,
-    Cancelled,
+    EnterError(EnterError),
 }
 
-impl core::convert::From<Error> for EnterTwiceError {
-    fn from(error: Error) -> Self {
-        match error {
-            Error::Cancelled => EnterTwiceError::Cancelled,
-        }
+impl core::convert::From<EnterError> for EnterTwiceError {
+    fn from(error: EnterError) -> Self {
+        EnterTwiceError::EnterError(error)
     }
 }
 
@@ -84,8 +107,20 @@ impl core::convert::From<Error> for EnterTwiceError {
 pub async fn enter_twice(
     hal: &mut impl crate::hal::Hal,
 ) -> Result<zeroize::Zeroizing<String>, EnterTwiceError> {
-    let password = enter(hal, "Set password", false, CanCancel::Yes).await?;
-    let password_repeat = enter(hal, "Repeat password", false, CanCancel::Yes).await?;
+    let password = enter(
+        hal,
+        "Set password",
+        PasswordType::DevicePassword,
+        CanCancel::Yes,
+    )
+    .await?;
+    let password_repeat = enter(
+        hal,
+        "Repeat password",
+        PasswordType::DevicePassword,
+        CanCancel::Yes,
+    )
+    .await?;
     if password.as_str() != password_repeat.as_str() {
         hal.ui().status("Passwords\ndo not match", false).await;
         return Err(EnterTwiceError::DoNotMatch);
@@ -104,7 +139,7 @@ pub async fn enter_twice(
             {
                 Ok(()) => break,
                 Err(confirm::UserAbort) => match prompt_cancel(hal).await {
-                    Ok(()) => return Err(EnterTwiceError::Cancelled),
+                    Ok(()) => return Err(EnterTwiceError::EnterError(EnterError::Cancelled)),
                     Err(confirm::UserAbort) => {}
                 },
             }

src/rust/bitbox02-rust/src/workflow/unlock.rs

@@ -55,12 +55,16 @@ async fn confirm_mnemonic_passphrase(
 pub enum UnlockError {
     UserAbort,
     IncorrectPassword,
+    Memory,
     Generic,
 }
 
-impl core::convert::From<super::cancel::Error> for UnlockError {
-    fn from(_error: super::cancel::Error) -> Self {
-        UnlockError::UserAbort
+impl core::convert::From<password::EnterError> for UnlockError {
+    fn from(error: password::EnterError) -> Self {
+        match error {
+            password::EnterError::Cancelled => UnlockError::UserAbort,
+            password::EnterError::Memory => UnlockError::Memory,
+        }
     }
 }
 
@@ -76,7 +80,13 @@ pub async fn unlock_keystore(
     title: &str,
     can_cancel: password::CanCancel,
 ) -> Result<(), UnlockError> {
-    let password = password::enter(hal, title, false, can_cancel).await?;
+    let password = password::enter(
+        hal,
+        title,
+        password::PasswordType::DevicePassword,
+        can_cancel,
+    )
+    .await?;
 
     match keystore::unlock(&password) {
         Ok(()) => Ok(()),
@@ -106,10 +116,14 @@ pub async fn unlock_bip39(hal: &mut impl crate::hal::Hal) {
     if bitbox02::memory::is_mnemonic_passphrase_enabled() {
         // Loop until the user confirms.
         loop {
-            mnemonic_passphrase =
-                password::enter(hal, "Optional passphrase", true, password::CanCancel::No)
-                    .await
-                    .expect("not cancelable");
+            mnemonic_passphrase = password::enter(
+                hal,
+                "Optional passphrase",
+                password::PasswordType::Bip39Passphrase,
+                password::CanCancel::No,
+            )
+            .await
+            .expect("not cancelable and does not call memory functions");
 
             if let Ok(()) = confirm_mnemonic_passphrase(hal, mnemonic_passphrase.as_str()).await {
                 break;

src/rust/bitbox02-sys/build.rs

@@ -40,6 +40,8 @@ const ALLOWLIST_VARS: &[&str] = &[
     "MEMORY_SPI_BLE_FIRMWARE_2_ADDR",
     "MEMORY_PLATFORM_BITBOX02",
     "MEMORY_PLATFORM_BITBOX02_PLUS",
+    "MEMORY_SECURECHIP_TYPE_ATECC",
+    "MEMORY_SECURECHIP_TYPE_OPTIGA",
 ];
 
 const ALLOWLIST_TYPES: &[&str] = &[
@@ -110,6 +112,7 @@ const ALLOWLIST_FNS: &[&str] = &[
     "memory_get_ble_metadata",
     "memory_set_ble_metadata",
     "memory_get_platform",
+    "memory_get_securechip_type",
     "memory_spi_get_active_ble_firmware_version",
     "spi_mem_write",
     "menu_create",

src/rust/bitbox02/src/memory.rs

@@ -175,6 +175,19 @@ pub fn get_platform() -> Result<Platform, ()> {
     }
 }
 
+pub enum SecurechipType {
+    Atecc,
+    Optiga,
+}
+
+pub fn get_securechip_type() -> Result<SecurechipType, ()> {
+    match unsafe { bitbox02_sys::memory_get_securechip_type() as u32 } {
+        bitbox02_sys::MEMORY_SECURECHIP_TYPE_ATECC => Ok(SecurechipType::Atecc),
+        bitbox02_sys::MEMORY_SECURECHIP_TYPE_OPTIGA => Ok(SecurechipType::Optiga),
+        _ => Err(()),
+    }
+}
+
 pub fn get_ble_metadata() -> BleMetadata {
     let mut metadata = core::mem::MaybeUninit::uninit();
 

src/rust/bitbox02/src/ui/types.rs

@@ -107,6 +107,7 @@ pub struct TrinaryInputStringParams<'a> {
     pub special_chars: bool,
     pub longtouch: bool,
     pub cancel_is_backbutton: bool,
+    pub default_to_digits: bool,
 }
 
 impl<'a> TrinaryInputStringParams<'a> {
@@ -138,6 +139,7 @@ impl<'a> TrinaryInputStringParams<'a> {
             special_chars: self.special_chars,
             longtouch: self.longtouch,
             cancel_is_backbutton: self.cancel_is_backbutton,
+            default_to_digits: self.default_to_digits,
         })
     }
 }

src/ui/components/keyboard_switch.c

@@ -152,6 +152,7 @@ static component_functions_t _component_functions = {
 component_t* keyboard_switch_create(
     slider_location_t location,
     bool special_chars,
+    bool default_to_digits,
     component_t* parent)
 {
     component_t* keyboard_switch = malloc(sizeof(component_t));
@@ -167,7 +168,7 @@ component_t* keyboard_switch_create(
     memset(ks_data, 0, sizeof(keyboard_switch_data_t));
 
     ks_data->location = location;
-    ks_data->mode = LOWER_CASE;
+    ks_data->mode = default_to_digits ? DIGITS : LOWER_CASE;
     ks_data->active = false;
     ks_data->special_chars = special_chars;
 

src/ui/components/keyboard_switch.h

@@ -25,12 +25,14 @@ typedef enum { LOWER_CASE, UPPER_CASE, DIGITS, SPECIAL_CHARS } keyboard_mode_t;
 /**
  * Creates a keyboard switch component.
  * @param[in] location The slider location.
- * @param[in] make special chars keyboard mode available.
+ * @param[in] special_chars make special chars keyboard mode available.
+ * @param[in] default_to_digits start with the digits keyboard instead of the lowercase keyboard.
  * @param[in] parent The parent component.
  */
 component_t* keyboard_switch_create(
     slider_location_t location,
     bool special_chars,
+    bool default_to_digits,
     component_t* parent);
 
 /**

src/ui/components/trinary_input_string.c

@@ -490,8 +490,8 @@ component_t* trinary_input_string_create(
     ui_util_add_sub_component(component, data->confirm_component);
 
     if (params->wordlist == NULL && !params->number_input) {
-        data->keyboard_switch_component =
-            keyboard_switch_create(top_slider, params->special_chars, component);
+        data->keyboard_switch_component = keyboard_switch_create(
+            top_slider, params->special_chars, params->default_to_digits, component);
         ui_util_add_sub_component(component, data->keyboard_switch_component);
     }