trezor · matejcik · Jun 4, 2020 · Apr 14, 2020 · Apr 20, 2020 · Apr 21, 2020
diff --git a/common/protob/messages-common.proto b/common/protob/messages-common.proto
@@ -68,6 +68,7 @@ message ButtonRequest {
         ButtonRequest_Success = 17;
         ButtonRequest_Warning = 18;
         ButtonRequest_PassphraseEntry = 19;
+        ButtonRequest_PinEntry = 20;
     }
 }
 

diff --git a/common/protob/messages-debug.proto b/common/protob/messages-debug.proto
@@ -185,3 +185,14 @@ message DebugLinkEraseSdCard {
     optional bool format = 1;  // if true, the card will be formatted to FAT32.
                                // if false, it will be all 0xFF bytes.
 }
+
+
+/**
+ * Request: Start or stop tracking layout changes
+ * @start
+ * @next Success
+ */
+message DebugLinkWatchLayout {
+    optional bool watch = 1;  // if true, start watching layout.
+                              // if false, stop.
+}
diff --git a/common/protob/messages-management.proto b/common/protob/messages-management.proto
@@ -93,11 +93,21 @@ message Features {
 }
 
 /**
- * Request: clear session (removes cached PIN, passphrase, etc).
+ * Request: soft-lock the device. Following actions will require PIN. Passphrases remain cached.
  * @start
  * @next Success
  */
-message ClearSession {
+message LockDevice {
+}
+
+/**
+ * Request: end the current sesson. Following actions must call Initialize again.
+ * Cache for the current session is discarded, other sessions remain intact.
+ * Device is not PIN-locked.
+ * @start
+ * @next Success
+ */
+message EndSession {
 }
 
 /**

diff --git a/common/protob/messages.proto b/common/protob/messages.proto
@@ -44,7 +44,7 @@ enum MessageType {
     MessageType_PinMatrixRequest = 18 [(wire_out) = true];
     MessageType_PinMatrixAck = 19 [(wire_in) = true, (wire_tiny) = true, (wire_no_fsm) = true];
     MessageType_Cancel = 20 [(wire_in) = true, (wire_tiny) = true];
-    MessageType_ClearSession = 24 [(wire_in) = true];
+    MessageType_LockDevice = 24 [(wire_in) = true];
     MessageType_ApplySettings = 25 [(wire_in) = true];
     MessageType_ButtonRequest = 26 [(wire_out) = true];
     MessageType_ButtonAck = 27 [(wire_in) = true, (wire_tiny) = true, (wire_no_fsm) = true];
@@ -63,6 +63,7 @@ enum MessageType {
     MessageType_GetNextU2FCounter = 80 [(wire_in) = true];
     MessageType_NextU2FCounter = 81 [(wire_out) = true];
     MessageType_ChangeWipeCode = 82 [(wire_in) = true];
+    MessageType_EndSession = 83 [(wire_in) = true];
 
     // Deprecated messages, kept for protobuf compatibility.
     // Both are marked wire_out so that we don't need to implement incoming handler for legacy
@@ -114,6 +115,7 @@ enum MessageType {
     MessageType_DebugLinkRecordScreen = 9003 [(wire_debug_in) = true];
     MessageType_DebugLinkShowText = 9004 [(wire_debug_in) = true];
     MessageType_DebugLinkEraseSdCard = 9005 [(wire_debug_in) = true];
+    MessageType_DebugLinkWatchLayout = 9006 [(wire_debug_in) = true];
 
     // Ethereum
     MessageType_EthereumGetPublicKey = 450 [(wire_in) = true];

diff --git a/core/SConscript.firmware b/core/SConscript.firmware
@@ -36,6 +36,7 @@ CPPDEFINES_MOD += [
     'AES_128',
     'AES_192',
     'RAND_PLATFORM_INDEPENDENT',
+    ('USE_BIP32_CACHE', '0'),
     ('USE_KECCAK', '1'),
     ('USE_ETHEREUM', '1' if EVERYTHING else '0'),
     ('USE_MONERO', '1' if EVERYTHING else '0'),
@@ -486,6 +487,7 @@ if FROZEN:
         ])
     )
 
+    SOURCE_PY.append(SOURCE_PY_DIR + 'apps/base.py')
     SOURCE_PY.extend(Glob(SOURCE_PY_DIR + 'apps/common/*.py'))
     SOURCE_PY.extend(Glob(SOURCE_PY_DIR + 'apps/common/*/*.py'))
     SOURCE_PY.extend(Glob(SOURCE_PY_DIR + 'apps/debug/*.py'))

diff --git a/core/SConscript.unix b/core/SConscript.unix
@@ -34,6 +34,7 @@ CPPPATH_MOD += [
 CPPDEFINES_MOD += [
     'AES_128',
     'AES_192',
+    ('USE_BIP32_CACHE', '0'),
     ('USE_KECCAK', '1'),
     ('USE_ETHEREUM', '1' if EVERYTHING else '0'),
     ('USE_MONERO', '1' if EVERYTHING else '0'),
@@ -454,6 +455,7 @@ if FROZEN:
         ])
     )
 
+    SOURCE_PY.append(SOURCE_PY_DIR + 'apps/base.py')
     SOURCE_PY.extend(Glob(SOURCE_PY_DIR + 'apps/common/*.py'))
     SOURCE_PY.extend(Glob(SOURCE_PY_DIR + 'apps/common/*/*.py'))
     SOURCE_PY.extend(Glob(SOURCE_PY_DIR + 'apps/debug/*.py'))

diff --git a/core/embed/extmod/modtrezorconfig/modtrezorconfig.c b/core/embed/extmod/modtrezorconfig/modtrezorconfig.c
@@ -112,6 +112,19 @@ STATIC mp_obj_t mod_trezorconfig_lock(void) {
 STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorconfig_lock_obj,
                                  mod_trezorconfig_lock);
 
+/// def is_unlocked() -> bool:
+///     """
+///     Returns True if storage is unlocked, False otherwise.
+///     """
+STATIC mp_obj_t mod_trezorconfig_is_unlocked(void) {
+  if (sectrue != storage_is_unlocked()) {
+    return mp_const_false;
+  }
+  return mp_const_true;
+}
+STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorconfig_is_unlocked_obj,
+                                 mod_trezorconfig_is_unlocked);
+
 /// def has_pin() -> bool:
 ///     """
 ///     Returns True if storage has a configured PIN, False otherwise.
@@ -374,6 +387,8 @@ STATIC const mp_rom_map_elem_t mp_module_trezorconfig_globals_table[] = {
      MP_ROM_PTR(&mod_trezorconfig_check_pin_obj)},
     {MP_ROM_QSTR(MP_QSTR_unlock), MP_ROM_PTR(&mod_trezorconfig_unlock_obj)},
     {MP_ROM_QSTR(MP_QSTR_lock), MP_ROM_PTR(&mod_trezorconfig_lock_obj)},
+    {MP_ROM_QSTR(MP_QSTR_is_unlocked),
+     MP_ROM_PTR(&mod_trezorconfig_is_unlocked_obj)},
     {MP_ROM_QSTR(MP_QSTR_has_pin), MP_ROM_PTR(&mod_trezorconfig_has_pin_obj)},
     {MP_ROM_QSTR(MP_QSTR_get_pin_rem),
      MP_ROM_PTR(&mod_trezorconfig_get_pin_rem_obj)},

diff --git a/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-bip32.h b/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-bip32.h
@@ -240,18 +240,17 @@ STATIC mp_obj_t mod_trezorcrypto_HDNode_derive_path(mp_obj_t self,
     mp_raise_ValueError("Path cannot be longer than 32 indexes");
   }
 
-  // convert path to int array
-  uint32_t pi;
-  uint32_t pints[plen];
-  for (pi = 0; pi < plen; pi++) {
-    pints[pi] = trezor_obj_get_uint(pitems[pi]);
-  }
-
-  if (!hdnode_private_ckd_cached(&o->hdnode, pints, plen, &o->fingerprint)) {
-    // derivation failed, reset the state and raise
-    o->fingerprint = 0;
-    memzero(&o->hdnode, sizeof(o->hdnode));
-    mp_raise_ValueError("Failed to derive path");
+  for (uint32_t pi = 0; pi < plen; pi++) {
+    if (pi == plen - 1) {
+      // fingerprint is calculated from the parent of the final derivation
+      o->fingerprint = hdnode_fingerprint(&o->hdnode);
+    }
+    uint32_t pitem = trezor_obj_get_uint(pitems[pi]);
+    if (!hdnode_private_ckd(&o->hdnode, pitem)) {
+      o->fingerprint = 0;
+      memzero(&o->hdnode, sizeof(o->hdnode));
+      mp_raise_ValueError("Failed to derive path");
+    }
   }
 
   return mp_const_none;

diff --git a/core/embed/extmod/modtrezorio/modtrezorio-poll.h b/core/embed/extmod/modtrezorio/modtrezorio-poll.h
@@ -28,7 +28,7 @@
 
 /// package: trezorio.__init__
 
-/// def poll(ifaces: Iterable[int], list_ref: List, timeout_us: int) -> bool:
+/// def poll(ifaces: Iterable[int], list_ref: List, timeout_ms: int) -> bool:
 ///     """
 ///     Wait until one of `ifaces` is ready to read or write (using masks
 //      `io.POLL_READ` and `io.POLL_WRITE`) and assign the result into
@@ -42,14 +42,14 @@
 ///     If timeout occurs, False is returned, True otherwise.
 ///     """
 STATIC mp_obj_t mod_trezorio_poll(mp_obj_t ifaces, mp_obj_t list_ref,
-                                  mp_obj_t timeout_us) {
+                                  mp_obj_t timeout_ms) {
   mp_obj_list_t *ret = MP_OBJ_TO_PTR(list_ref);
   if (!MP_OBJ_IS_TYPE(list_ref, &mp_type_list) || ret->len < 2) {
     mp_raise_TypeError("invalid list_ref");
   }
 
-  const mp_uint_t timeout = trezor_obj_get_uint(timeout_us);
-  const mp_uint_t deadline = mp_hal_ticks_us() + timeout;
+  const mp_uint_t timeout = trezor_obj_get_uint(timeout_ms);
+  const mp_uint_t deadline = mp_hal_ticks_ms() + timeout;
   mp_obj_iter_buf_t iterbuf;
 
   for (;;) {
@@ -125,7 +125,7 @@ STATIC mp_obj_t mod_trezorio_poll(mp_obj_t ifaces, mp_obj_t list_ref,
       }
     }
 
-    if (mp_hal_ticks_us() >= deadline) {
+    if (mp_hal_ticks_ms() >= deadline) {
       break;
     } else {
       MICROPY_EVENT_POLL_HOOK

diff --git a/core/embed/extmod/modtrezorutils/modtrezorutils.c b/core/embed/extmod/modtrezorutils/modtrezorutils.c
@@ -114,6 +114,7 @@ STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(mod_trezorutils_halt_obj, 0, 1,
 /// VERSION_PATCH: int
 /// MODEL: str
 /// EMULATOR: bool
+/// BITCOIN_ONLY: bool
 
 STATIC const mp_rom_map_elem_t mp_module_trezorutils_globals_table[] = {
     {MP_ROM_QSTR(MP_QSTR___name__), MP_ROM_QSTR(MP_QSTR_trezorutils)},

diff --git a/core/embed/firmware/version.h b/core/embed/firmware/version.h
@@ -1,6 +1,6 @@
 #define VERSION_MAJOR 2
 #define VERSION_MINOR 3
-#define VERSION_PATCH 1
+#define VERSION_PATCH 2
 #define VERSION_BUILD 0
 
 #define FIX_VERSION_MAJOR 2

diff --git a/core/mocks/generated/trezorconfig.pyi b/core/mocks/generated/trezorconfig.pyi
@@ -34,6 +34,13 @@ def lock() -> None:
     """
 
 
+# extmod/modtrezorconfig/modtrezorconfig.c
+def is_unlocked() -> bool:
+    """
+    Returns True if storage is unlocked, False otherwise.
+    """
+
+
 # extmod/modtrezorconfig/modtrezorconfig.c
 def has_pin() -> bool:
     """

diff --git a/core/mocks/generated/trezorio/__init__.pyi b/core/mocks/generated/trezorio/__init__.pyi
@@ -68,7 +68,7 @@ class HID:
 
 
 # extmod/modtrezorio/modtrezorio-poll.h
-def poll(ifaces: Iterable[int], list_ref: List, timeout_us: int) -> bool:
+def poll(ifaces: Iterable[int], list_ref: List, timeout_ms: int) -> bool:
     """
     Wait until one of `ifaces` is ready to read or write (using masks
     `list_ref`:

diff --git a/core/mocks/generated/trezorutils.pyi b/core/mocks/generated/trezorutils.pyi
@@ -33,3 +33,4 @@ VERSION_MINOR: int
 VERSION_PATCH: int
 MODEL: str
 EMULATOR: bool
+BITCOIN_ONLY: bool