Skip to content

feat: support attach to pin #357

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
guowei0105 merged 16 commits into from
Jul 17, 2025
Merged

feat: support attach to pin #357

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
16 commits
Select commit Hold shift + click to select a range
a094e6a
support attach to pin
guowei0105 Jul 16, 2025
3a3fed1
Merge remote-tracking branch 'upstream/main' into merge-commits
guowei0105 Jul 16, 2025
e1f6cfd
merger code
guowei0105 Jul 16, 2025
615cfa8
clean homescreen code
guowei0105 Jul 16, 2025
6a9bc0f
format homescreen code
guowei0105 Jul 16, 2025
239b455
restore close pin time
guowei0105 Jul 16, 2025
c88abd6
restore reset code
guowei0105 Jul 16, 2025
666edf3
clean homescreen code
guowei0105 Jul 17, 2025
59823dd
clean workflow_handlers code
guowei0105 Jul 17, 2025
5184c1b
remove print code
guowei0105 Jul 17, 2025
6464600
format code
guowei0105 Jul 17, 2025
c667768
format code
guowei0105 Jul 17, 2025
a5e7af7
add fingerprintsetting wall type
guowei0105 Jul 17, 2025
af75ef7
restore code
guowei0105 Jul 17, 2025
4b5743a
format code
guowei0105 Jul 17, 2025
6c65813
format code
guowei0105 Jul 17, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions common/protob/messages-common.proto
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,7 @@ message ButtonRequest {
ButtonRequest_Warning = 18;
ButtonRequest_PassphraseEntry = 19;
ButtonRequest_PinEntry = 20;
ButtonRequest_AttachPin = 8000;
}
}

Expand Down Expand Up @@ -119,6 +120,7 @@ message PinMatrixAck {
*/
message PassphraseRequest {
optional bool _on_device = 1 [deprecated=true]; // <2.3.0
optional bool exists_attach_pin_user = 8000;
}

/**
Expand All @@ -129,6 +131,7 @@ message PassphraseAck {
optional string passphrase = 1;
optional bytes _state = 2 [deprecated=true]; // <2.3.0
optional bool on_device = 3; // user wants to enter passphrase on the device
optional bool on_device_attach_pin = 8000;
}

/**
Expand Down
46 changes: 45 additions & 1 deletion common/protob/messages-management.proto
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,8 @@ message Initialize {
optional bytes session_id = 1; // assumed device session id; Trezor clears caches if it is different or empty
optional bool _skip_passphrase = 2 [deprecated=true]; // removed as part of passphrase redesign
optional bool derive_cardano = 3; // whether to derive Cardano Icarus root keys in this session
optional string passphrase_state = 8000;
optional bool is_contains_attach = 8001;
}

/**
Expand Down Expand Up @@ -129,6 +131,7 @@ message Features {
Capability_Shamir = 15 [(bitcoin_only) = true];
Capability_ShamirGroups = 16 [(bitcoin_only) = true];
Capability_PassphraseEntry = 17 [(bitcoin_only) = true]; // the device is capable of passphrase entry directly on the device
Capability_AttachToPin = 18 [(bitcoin_only) = true]; // OneKey: Attach passphrase to PIN feature
}
optional BackupType backup_type = 31; // type of device backup (BIP-39 / SLIP-39 basic / SLIP-39 advanced)
optional bool sd_card_present = 32; // is SD card present
Expand Down Expand Up @@ -189,6 +192,8 @@ message Features {
optional OneKeySEState onekey_se02_state = 622;
optional OneKeySEState onekey_se03_state = 623;
optional OneKeySEState onekey_se04_state = 624;
optional bool attach_to_pin_user = 625;
optional bool unlocked_attach_pin = 626;
}

/**
Expand Down Expand Up @@ -808,5 +813,44 @@ message UnlockPath {
* @next GetAddress
*/
message UnlockedPathRequest {
optional bytes mac = 1; // authentication code for future UnlockPath calls
optional bytes mac = 1;
}

/**
* Request: Get current passphrase state
* @start
* @next PassphraseState
*/
message GetPassphraseState {
optional string passphrase_state = 1;
optional bool _only_main_pin = 2;
optional bool allow_create_attach_pin = 3;
}

/**
* Response: Current passphrase state
* @end
*/
message PassphraseState {
optional string passphrase_state = 1;
optional bytes session_id = 2;
optional bool unlocked_attach_pin = 3;
}

/**
* Request: Unlock device
* @start
* @next UnLockDeviceResponse
*/
message UnLockDevice {
}

/**
* Response: Device unlock status
* @end
*/
message UnLockDeviceResponse {
optional bool unlocked = 1;
optional bool unlocked_attach_pin = 2;
optional bool passphrase_protection = 3;
}
9 changes: 7 additions & 2 deletions common/protob/messages.proto
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,7 @@ enum MessageType {
option (has_bitcoin_only_values) = true;
option allow_alias = true;
// Management
MessageType_Initialize = 0 [(bitcoin_only) = true, (wire_in) = true, (wire_tiny) = true];
MessageType_Initialize = 0 [(bitcoin_only) = true, (wire_in) = true];
Comment thread
guowei0105 marked this conversation as resolved.
Outdated
MessageType_Ping = 1 [(bitcoin_only) = true, (wire_in) = true];
MessageType_Success = 2 [(bitcoin_only) = true, (wire_out) = true, (wire_debug_out) = true];
MessageType_Failure = 3 [(bitcoin_only) = true, (wire_out) = true, (wire_debug_out) = true];
Expand Down Expand Up @@ -121,6 +121,7 @@ enum MessageType {
MessageType_UnlockPath = 93 [(bitcoin_only) = true, (wire_in) = true];
MessageType_UnlockedPathRequest = 94 [(bitcoin_only) = true, (wire_out) = true];


MessageType_SetU2FCounter = 63 [(wire_in) = true];
MessageType_GetNextU2FCounter = 80 [(wire_in) = true];
MessageType_NextU2FCounter = 81 [(wire_out) = true];
Expand Down Expand Up @@ -605,4 +606,8 @@ enum MessageType {
MessageType_OnekeyGetFeatures = 10025 [(bitcoin_only) = true,(wire_in) = true];
MessageType_OnekeyFeatures = 10026 [(bitcoin_only) = true,(wire_out) = true];
MessageType_WriteSEPrivateKey = 10027 [(wire_in) = true, (wire_bootloader) = true];
}
MessageType_GetPassphraseState = 10028 [(wire_in) = true];
MessageType_PassphraseState = 10029 [(wire_out) = true];
MessageType_UnLockDevice = 10030 [(bitcoin_only) = true, (wire_in) = true];
MessageType_UnLockDeviceResponse = 10031 [(bitcoin_only) = true, (wire_out) = true];
}
46 changes: 31 additions & 15 deletions core/embed/extmod/modtrezorconfig/modtrezorconfig.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -110,58 +110,74 @@ STATIC mp_obj_t mod_trezorconfig_is_initialized(void) {
STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorconfig_is_initialized_obj,
mod_trezorconfig_is_initialized);

/// def unlock(pin: str, ext_salt: bytes | None) -> bool:
/// def unlock(pin: str, ext_salt: bytes | None, pin_use_type: int = 0)
/// -> tuple[bool, int]:
/// """
/// Attempts to unlock the storage with the given PIN and external salt.
/// Returns True on success, False on failure.
/// """
STATIC mp_obj_t mod_trezorconfig_unlock(mp_obj_t pin, mp_obj_t ext_salt) {
STATIC mp_obj_t mod_trezorconfig_unlock(size_t n_args, const mp_obj_t *args) {
mp_buffer_info_t pin_b = {0};
mp_get_buffer_raise(pin, &pin_b, MP_BUFFER_READ);
mp_get_buffer_raise(args[0], &pin_b, MP_BUFFER_READ);

mp_buffer_info_t ext_salt_b = {0};
ext_salt_b.buf = NULL;
if (ext_salt != mp_const_none) {
mp_get_buffer_raise(ext_salt, &ext_salt_b, MP_BUFFER_READ);
if (n_args > 1 && args[1] != mp_const_none) {
mp_get_buffer_raise(args[1], &ext_salt_b, MP_BUFFER_READ);
if (ext_salt_b.len != EXTERNAL_SALT_SIZE)
mp_raise_msg(&mp_type_ValueError, "Invalid length of external salt.");
}

pin_type_t pin_use_type = PIN_TYPE_USER;

if (n_args > 2) {
pin_use_type = mp_obj_get_int(args[2]);
}

// display_clear();
// display_loader_ex(0, false, 0, 0xFFFF, 0x0000, NULL, 0, 0);
secbool ret = secfalse;

// verify se pin first when not in emulator
ret = se_verifyPin(pin_b.buf);
ret = se_verifyPin(pin_b.buf, pin_use_type);
if (ret != sectrue) {
if (!pin_state.pin_unlocked_initialized) {
pin_state.pin_unlocked = false;
pin_state.pin_unlocked_initialized = true;
}
return mp_const_false;
mp_obj_t tuple[2] = {mp_const_false, mp_obj_new_int(0)};
return mp_obj_new_tuple(2, tuple);
}

pin_result_t pin_type = se_get_pin_result_type();

// fpsensor_data_init();
fpsensor_data_init_start();
pin_state.pin_unlocked = true;
pin_state.pin_unlocked_initialized = true;
pin_state.fp_unlocked = true;
pin_state.fp_unlocked_initialized = true;
return mp_const_true;

mp_obj_tuple_t *tuple = MP_OBJ_TO_PTR(mp_obj_new_tuple(2, NULL));
tuple->items[0] = mp_const_true;
tuple->items[1] = mp_obj_new_int(pin_type);
return MP_OBJ_FROM_PTR(tuple);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorconfig_unlock_obj,
mod_trezorconfig_unlock);
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(mod_trezorconfig_unlock_obj, 2, 3,
mod_trezorconfig_unlock);

/// def check_pin(pin: str, ext_salt: bytes | None) -> bool:
/// def check_pin(pin: str, ext_salt: bytes | None, pin_use_type: int = 0) ->
/// bool:
/// """
/// Check the given PIN with the given external salt.
/// Returns True on success, False on failure.
/// """
STATIC mp_obj_t mod_trezorconfig_check_pin(mp_obj_t pin, mp_obj_t ext_salt) {
return mod_trezorconfig_unlock(pin, ext_salt);
STATIC mp_obj_t mod_trezorconfig_check_pin(size_t n_args,
const mp_obj_t *args) {
return mod_trezorconfig_unlock(n_args, args);
}
STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorconfig_check_pin_obj,
mod_trezorconfig_check_pin);
STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(mod_trezorconfig_check_pin_obj, 2, 3,
mod_trezorconfig_check_pin);

/// def lock() -> None:
/// """
Expand Down
Loading
Loading