add ble connection status query && clear session when device is locked

core/embed/extmod/modtrezorcrypto/modtrezorcrypto-se-thd89.h

@@ -135,6 +135,17 @@ STATIC mp_obj_t mod_trezorcrypto_se_thd89_end_session(void) {
 STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorcrypto_se_thd89_end_session_obj,
                                  mod_trezorcrypto_se_thd89_end_session);
 
+/// def clear_session() -> None:
+///     """
+///     clear all sessions.
+///     """
+STATIC mp_obj_t mod_trezorcrypto_se_thd89_clear_session(void) {
+  se_sessionClear();
+  return mp_const_none;
+}
+STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorcrypto_se_thd89_clear_session_obj,
+                                 mod_trezorcrypto_se_thd89_clear_session);
+
 /// def get_session_state() -> bytes:
 ///     """
 ///     get current session secret state.
@@ -1149,6 +1160,8 @@ STATIC const mp_rom_map_elem_t mod_trezorcrypto_se_thd89_globals_table[] = {
      MP_ROM_PTR(&mod_trezorcrypto_se_thd89_start_session_obj)},
     {MP_ROM_QSTR(MP_QSTR_end_session),
      MP_ROM_PTR(&mod_trezorcrypto_se_thd89_end_session_obj)},
+    {MP_ROM_QSTR(MP_QSTR_clear_session),
+     MP_ROM_PTR(&mod_trezorcrypto_se_thd89_clear_session_obj)},
     {MP_ROM_QSTR(MP_QSTR_get_session_state),
      MP_ROM_PTR(&mod_trezorcrypto_se_thd89_get_session_state_obj)},
     {MP_ROM_QSTR(MP_QSTR_get_session_current_id),

core/mocks/generated/trezorcrypto/se_thd89.pyi

@@ -46,6 +46,13 @@ def end_session() -> None:
     """
 
 
+# extmod/modtrezorcrypto/modtrezorcrypto-se-thd89.h
+def clear_session() -> None:
+    """
+    clear all sessions.
+    """
+
+
 # extmod/modtrezorcrypto/modtrezorcrypto-se-thd89.h
 def get_session_state() -> bytes:
     """

core/src/apps/base.py

@@ -551,17 +551,15 @@ def lock_device() -> None:
     if storage.device.is_initialized() and config.has_pin():
         from trezor.lvglui.scrs import fingerprints
 
+        se_thd89.clear_session()
+
         if fingerprints.is_available():
             fingerprints.lock()
         else:
             if __debug__:
                 print(
                     f"pin locked,  finger is available: {fingerprints.is_available()} ===== finger is unlocked: {fingerprints.is_unlocked()} "
                 )
-            from apps.common import passphrase
-
-            if passphrase.is_passphrase_pin_enabled():
-                storage.cache.end_current_session()
             config.lock()
         wire.find_handler = get_pinlocked_handler
         set_homescreen()

core/src/trezor/uart.py

@@ -209,17 +209,13 @@ async def handle_usb_state():
                 usb_auto_lock = device.is_usb_lock_enabled()
                 if usb_auto_lock and device.is_initialized() and config.has_pin():
                     from trezor.lvglui.scrs import fingerprints
+                    from trezor.crypto import se_thd89
 
                     if config.is_unlocked():
+                        se_thd89.clear_session()
                         if fingerprints.is_available():
                             fingerprints.lock()
                         else:
-
-                            from apps.common import passphrase
-                            import storage.cache
-
-                            if passphrase.is_passphrase_pin_enabled():
-                                storage.cache.end_current_session()
                             config.lock()
                         await safe_reloop()
                         await workflow.spawn(utils.internal_reloop())
@@ -367,16 +363,14 @@ async def _deal_button_press(value: bytes) -> None:
                 from trezor.lvglui.scrs import fingerprints
 
                 if config.has_pin() and config.is_unlocked():
+                    from trezor.crypto import se_thd89
+
+                    se_thd89.clear_session()
+
                     if fingerprints.is_available():
                         if fingerprints.is_unlocked():
                             fingerprints.lock()
                     else:
-
-                        from apps.common import passphrase
-                        import storage.cache
-
-                        if passphrase.is_passphrase_pin_enabled():
-                            storage.cache.end_current_session()
                         config.lock()
                 await loop.race(safe_reloop(), loop.sleep(200))
                 await loop.sleep(300)
@@ -631,6 +625,9 @@ def fetch_ble_info():
     if BLE_ENABLED is None:
         BLE_CTRL.ctrl(0x81, b"\x04")
 
+    if utils.BLE_CONNECTED is None:
+        BLE_CTRL.ctrl(0x81, b"\x05")
+
     if utils.BLE_BUILD_ID is None:
         BLE_CTRL.ctrl(0x83, b"\x05")